NegativeSpace Posted July 2, 2012 Posted July 2, 2012 (edited) I've done this probably 5 times successfully now, but each time, I can not remember how, so I go searching and never find anything useful, and figure it out eventually on my own. This time I cant figure it out. I need to have a human readable hash from a .SAM in order to crack the hash and get a Windows password. I have the .SAM, SAM.LOG, but I just can not remember how to get a hash from that. I do remember that I have never used BKHIVE or SAMDUMP2 to do it, because I tried those several times and I am jus tnot good enough in with Linux CLI yet to make it work. So how the hell do I get from having .SAM to having a human readable NTLM hash that I can crack? Edited July 2, 2012 by NegativeSpace Quote
digip Posted July 2, 2012 Posted July 2, 2012 You can use OPhcrack to extract the hash. Si. Ophcrack will let you both dump the sam file for offline cracking when using the live cd doesn't have large enough tables needed, or will also just crack them on the fly if they are simple passwords. You could also do it with backtrack, I think its just called "samdump" when you boot off of it to a windows machine, mount both the windows drive and a thumbdrive or such to write the hashes to. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.