Windows hashes

[mango]

all the episodes talk aout getting the hash thing if ur the administrator, put if ur not the administrator how would you go around gettin the hash thingy another way

[Sammael]

From here

2) Dude, where’s my hash?

Now that you’ve got Ophcrack and rainbow tables installed, you’ll need hashes. There are three places to find them on Windows XP:

* In the folder C:windowssystem32config. This folder is locked to all accounts (including an Administrator account) while running, except the special System account.

* In a SAM file from C:windowsrepair if rdisk has ever run

* In the registry, under HKEY_LOCAL_MACHINESAM, which is locked to all accounts

This doesn’t look good for retreiving the windows hashes! Well, to work around the built-in windows protections, we can recover hashes by the following techniques:

* Boot to linux and copy the file directly from C:windowssystem32config. This is probably too troublesome for most users, but with a liveCD it’s trivial.

* Run pwdump2, including in Ophcrack, to trick out the registry values. If you didn’t change any settings, it should be installed in C:Program Filesophcrackwin32_tools. Here’s an example session from the command line (start, run, type “cmd†and hit enter):

C:Documents and SettingsElliott Back>cd “C:Program Filesophcrackwin32_toolsâ€

C:Program Filesophcrackwin32_tools>pwdump2

Administrator:499:aabbcc:3311dd:::

Elliott Back:234:aabbcc:3311dd:::

C:Program Filesophcrackwin32_tools>

Naturally, I’ve censored the hashes and the number of users. If you’d like some hashes to play with, here are hashes for users with passwords varying from length from 1 to 7 characters long: test-hashes.txt.

It is the second on a google search for "how to get windows hashes".