
Ophcrack No Go. Worth Trying Usb?


NegativeSpace


Use BackTrack to dump the same hashes, save them to the thumb drive (if not writable, you need to make a partition on the thumb drive that is writable, or remount the system as RW and save it) or another location, upload to another PC on the network, etc. (you should be able to copy and paste the hash into a browser, might already be found via Google (hint)). Once you have the dump of the SAM file, then you can boot into ophcrack (full version, not from BackTrack) from another machine and read the SAM file for cracking. If it then doesn't work, you need to go to the ophcrack page and find the links for the other tables to download and crack against. XP uses different tables than Vista/7, so make sure you don't waste time downloading the wrong ones. http://ophcrack.sourceforge.net/tables.php

I never figured out how to dump the hashes and apply them to ophcrack in BT through the command line. I know now that it wouldn't have worked because ophcrack (within BackTrack Live) doesn't include any tables, but I still want to learn how to do it anyway.

If BT is installed on a local drive, how would a person download all of the tables for ophcrack so that it could be used to crack hashes taken from other machines?

Edited by NegativeSpace

samdump2 or bkhive, IIRC, should show you the hashes, then you copy them, in text, or whatever, to where you need them, such as another computer, or a Google search. I thought samdump2 dumped them, but maybe that was the wrong tool. Try bkhive. You have to mount the Windows HDD, change directory to the location of the SAM file and run bkhive (check its man pages for syntax) or samdump2 to grab the hashes. I think samdump2 does both grab the hashes and crack them, but I could be wrong. I think you can also copy the physical SAM file or ntuser.dat file to be pulled from there as well. Haven't done this in so long, I never really had a need, always just booted ophcrack, or used pwdump in Windows against the lsass files in XP back in the day. Windows Vista and 7 I don't think work with pwdump, but there are ways to dump them in PowerShell if you have physical access to the machine and are logged in, which in your case, doesn't help.

Edited by digip

Watch this video.


I have to say, the thing that I ended up doing, mostly, was suggested to me by digip. I simply downloaded BT5 ISO and Unetbootin, figured out how to find the hash, wrote it down on a piece of paper, and used an online cracker. I guess I used the advice from several people to eventually get there, so I'm not sure. Anyone want to comment? I said I would give ten dollars to whoever gave me the instructions, so now I want to do that, but I'm not sure who! If you think it was you, say it was you. If you think it was someone else, say it was them.

Thanks for the help again. Great learning experience.
