NegativeSpace Posted July 2, 2012 Share Posted July 2, 2012 (edited) I've done this probably 5 times successfully now, but each time, I can not remember how, so I go searching and never find anything useful, and figure it out eventually on my own. This time I cant figure it out. I need to have a human readable hash from a .SAM in order to crack the hash and get a Windows password. I have the .SAM, SAM.LOG, but I just can not remember how to get a hash from that. I do remember that I have never used BKHIVE or SAMDUMP2 to do it, because I tried those several times and I am jus tnot good enough in with Linux CLI yet to make it work. So how the hell do I get from having .SAM to having a human readable NTLM hash that I can crack? Edited July 2, 2012 by NegativeSpace Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted July 2, 2012 Share Posted July 2, 2012 You can use OPhcrack to extract the hash. Quote Link to comment Share on other sites More sharing options...
digip Posted July 2, 2012 Share Posted July 2, 2012 You can use OPhcrack to extract the hash. Si. Ophcrack will let you both dump the sam file for offline cracking when using the live cd doesn't have large enough tables needed, or will also just crack them on the fly if they are simple passwords. You could also do it with backtrack, I think its just called "samdump" when you boot off of it to a windows machine, mount both the windows drive and a thumbdrive or such to write the hashes to. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.