Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 30 Jul 2009 22:27:32 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: get the password of windows XP

On Tue, Jul 28, 2009 at 12:11:56PM +0530, jith wrote:
> I am new guy to use john the ripper
> i want to crack the windows XP password
> i have the SAM system security file from c:\windows\system32\config
> using saminside i got the ntlm and lm hashes
> then how can i get the password from those file....

What does your file look like?

JtR will load files that are in PWDUMP output format.  The lines should
look like:

Administrator:500:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::

In the above example, the 3rd field is the LM hash and the 4th field is
the NTLM hash.  The corresponding password is "password".  When you run
JtR on a file containing the above line, it cracks the LM hash:

$ john pw
Loaded 2 password hashes with no different salts (LM DES [64/64 BS MMX])
PASSWOR          (Administrator:1)
D                (Administrator:2)
guesses: 2  time: 0:00:00:00 100% (2)  c/s: 466914  trying: MIMING - D

To crack the NTLM hash (and thus get the case-sensitive password), use
the recipe given in the following posting:

http://www.openwall.com/lists/john-users/2006/07/08/2

Alexander

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ