Skip to main content

-: Windows-XP Password Cracking :-

Here we use the tool "Cain and Abel" for cracking passwords of any local user/administrator.
First download cain and abel from "http://www.oxid.it/cain.html" and installit on your system.

Make sure that you have disabled the antivirus/firewall running on your system before installing and throughout this process.

Two most effective techniques used here are "Brute-Force" and"Cryptanalysis".

Brute-Force:- As this techniques takes more time to complete, the attacker prefer this technique only when there is a hope that the password contain same type of characters or may be two. i.e only loweralpha, only alpha, only numeric or may be loweralpha-numeric, also it should contain less than 7 characters. Otherwise it takes more time to crack password, which may be the mixture of all types of characters along with special symbols.
The step-by-step explaination for this technique is given below-

1) Open the tool "Cain and Abel"   



2) Go into the category "Cracker"      it displays all sub-categories under "Cracker" in left panel.


3) Select "LM & NTLM Hashes" from left panel and then click on      symbol, you will be greeted by a window as shown.


4) Check "import hashes from local system" and then click "Next". This shows all the active accounts on local system like administrator, guest, etc. along with LM and NT hashed values of their respective passwords, as shown below.


5) Right clicking on any username shows all available options using which we can crack it's password.


6) Here we select "Brute-Force Attack" and then "NTLM Hashes", since windows uses NTLM hashes to store local users' passwords.

7) You will be greeted by a window where you can modify properties for brute-force attack such as password length, character set, etc.


8) Click on "Start" button.

9) On completion it will reveal the exact password.

  

ryptanalisys :- Basically, Cryptanalisys means Operations performed in converting encrypted messages to plain text without initial knowledge of the crypto-algorithm and/or key employed in the encryption.
This is the fastest technique of password cracking possible due to"Rainbow Tables".
A rainbow table is a file that is used to lookup an unknown plaintext from a known hash for an algorithm that does not usually permit this operation.
Steps 1 to 4 i.e upto importing hashes from local system, are similar to previous technique (i.e brute-force). The steps coming after that are as follows-

5) Here, select "cryptanalisys attack" then "NTLM hashes" and then select "via rainbow tables". Here we can choose either OphCrack or RainbowCrack formats of tables. The rainbow tables are available free to download on internet.
Due to large file size of rainbow tables (350MB - 3GB); instead ofdownloading we can also create at own just by downloading rainbow table generator (winrtgen.zip of 181KB) free download at"http://www.oxid.it/downloads/winrtgen.zip"


6) Click on "Add Table"


7) Browse for the location of rainbow table on your system, select proper table and click "open".


8) Select the loaded table and then click on "Start" button.


9) On completetion it will show the exact password.


To learn windows password cracking techniques properly, one must understand "LM" & "NTLM" algorithms, SAM File, Dumping NTLM hashes from local SAM, Rainbow Tables, etc.......!

Comments

Post a Comment

Popular posts from this blog

Edit tiles in Windows 8

If you’ve recently installed or upgraded to Windows 8 and have started customizing programs onto its new Start Menu UI, you’ll notice that the program icons are the same old icons placed in an oversized box. You’ll see the program name under it and will be in awe at  how out of place the newly added icons are with the rest   of the Windows 8 theme. We’ve found a handy program to spruce things up by  creating awesome-looking tiles that match the look of Windows 8 apps  on the Start Menu, something like what you see below. And you can get that look using   OblyTile . First thing’s first, the icons you see above are works from users of deviantART. OblyTile only sets up your tiles; you have to provide the icons or images for the tile. But not to worry, we’ll provide you with  a few links which we’ve found to recreate the look and feel  of the screenshot you see above. Getting Started With OblyTile Run OblyTile (no insta...
81 comments
Read more

STEALING PASSWORD WITH GOOGLE HACK

Google is a treasure trove full of important information, especially for  the underground  world. This Potential fact can also be utilized in the data for the username and password stored on a server. If the administrator save important data not in the  complete system authentifikasi folder, then most likely be reached by the google search engine. If data is successfully steal in by the unauthorized person, then the will be in misuse. Here, some google search syntax to crawl the password: 1.  "Login: *" "password =*" filetype: xls  (searching data command to the system files that are stored in  Microsoft Excel ) 2.  allinurl: auth_user_file.txt  (to find files auth_user_file.txt containing password on server). 3.  filetype: xls inurl: "password.xls"  (looking for username and password in ms excel format). This command can change with admin.xls) 4.  intitle: login password  (get link to the  login ...
37 comments
Read more

Bump Your Desktop Into 3D With BumpTop

Your desktop doesn’t have to be a boring graveyard for lost and forgotten files anymore! Transform it with BumpTop into 3D desktop that help you keep organized. Like a real desk. Create the desktop that suits your needs and style. There’s nothing about the installation, you just keep on pressing “Forward” and you are done. When you launch BumpTop for the first time, you’ll be taken in tutorial to show you how to use BumpTop efficiently, it doesn’t last more than a minute so make sure you watch it. Features: Right after the tutorial you’ll see you shiny new 3D desktop. Let’s start using the new desktop by learning  some basics. Right-Click Options: You right-click menu is now replaced by BumTop’s menu, but you can still access your normal menu by choosing more. Piles: You can make piles of files, photos and folders just like how you do in real life. You can do this by selecting them and drag across the pile icon that appears without letting go of the mous...
Post a Comment
Read more