May 19, 2011
0
Here we use the tool "Cain and Abel" for cracking passwords of any local user/administrator.
First download cain and abel from "http://www.oxid.it/cain.html" and install it on your system.

Make sure that you have disabled the antivirus/firewall running on your system before installing and throughout this process.

Two most effective techniques used here are "Brute-Force" and "Cryptanalysis".

Brute-Force:- As this techniques takes more time to complete, the attacker prefer this technique only when there is a hope that the password contain same type of characters or may be two. i.e only loweralpha, only alpha, only numeric or may be loweralpha-numeric, also it should contain less than 7 characters. Otherwise it takes more time to crack password, which may be the mixture of all types of characters along with special symbols.
The step-by-step explaination for this technique is given below-

1) Open the tool "Cain and Abel"  


2) Go into the category "Cracker"     it displays all sub-categories under "Cracker" in left panel.


3) Select "LM & NTLM Hashes" from left panel and then click on     symbol, you will be greeted by a window as shown.


4) Check "import hashes from local system" and then click "Next". This shows all the active accounts on local system like administrator, guest, etc. along with LM and NT hashed values of their respective passwords, as shown below.


5) Right clicking on any username shows all available options using which we can crack it's password.


6) Here we select "Brute-Force Attack" and then "NTLM Hashes", since windows uses NTLM hashes to store local users' passwords.

7) You will be greeted by a window where you can modify properties for brute-force attack such as password length, character set, etc.


8) Click on "Start" button.

9) On completion it will reveal the exact password.






-: Windows-XP Password Cracking :-


Cryptanalisys :- Basically, Cryptanalisys means Operations performed in converting encrypted messages to plain text without initial knowledge of the crypto-algorithm and/or key employed in the encryption.
This is the fastest technique of password cracking possible due to "Rainbow Tables".
A rainbow table is a file that is used to lookup an unknown plaintext from a known hash for an algorithm that does not usually permit this operation.
Steps 1 to 4 i.e upto importing hashes from local system, are similar to previous technique (i.e brute-force). The steps coming after that are as follows-

5) Here, select "cryptanalisys attack" then "NTLM hashes" and then select "via rainbow tables". Here we can choose either OphCrack or RainbowCrack formats of tables. The rainbow tables are available free to download on internet.
Due to large file size of rainbow tables (350MB - 3GB); instead of downloading we can also create at own just by downloading rainbow table generator (winrtgen.zip of 181KB) free download at "http://www.oxid.it/downloads/winrtgen.zip"


6) Click on "Add Table"


7) Browse for the location of rainbow table on your system, select proper table and click "open".


8) Select the loaded table and then click on "Start" button.


9) On completetion it will show the exact password.


To learn windows password cracking techniques properly, one must understand "LM" & "NTLM" algorithms, SAM File, Dumping NTLM hashes from local SAM, Rainbow Tables, etc.......!

-: Windows-XP Password Cracking :-


Cryptanalisys :- Basically, Cryptanalisys means Operations performed in converting encrypted messages to plain text without initial knowledge of the crypto-algorithm and/or key employed in the encryption.
This is the fastest technique of password cracking possible due to "Rainbow Tables".
A rainbow table is a file that is used to lookup an unknown plaintext from a known hash for an algorithm that does not usually permit this operation.
Steps 1 to 4 i.e upto importing hashes from local system, are similar to previous technique (i.e brute-force). The steps coming after that are as follows-

5) Here, select "cryptanalisys attack" then "NTLM hashes" and then select "via rainbow tables". Here we can choose either OphCrack or RainbowCrack formats of tables. The rainbow tables are available free to download on internet.
Due to large file size of rainbow tables (350MB - 3GB); instead of downloading we can also create at own just by downloading rainbow table generator (winrtgen.zip of 181KB) free download at "http://www.oxid.it/downloads/winrtgen.zip"


6) Click on "Add Table"


7) Browse for the location of rainbow table on your system, select proper table and click "open".


8) Select the loaded table and then click on "Start" button.


9) On completetion it will show the exact password.


To learn windows password cracking techniques properly, one must understand "LM" & "NTLM" algorithms, SAM File, Dumping NTLM hashes from local SAM, Rainbow Tables, etc.......!

0 comments:

Labels

INTERNET (141) HACKING TRICKS AND TIPS (129) SYSTEM TRICKS (104) OTHERS (93) HOW TO (88) GPRS TRICKS (84) AIRTEL TRICKS (68) FREE GPRS (61) 4SHARED TRICKS (60) MOBILE TRICKS (56) HOT TRICKS (52) 3G TRICKS (50) TRICKSNEW (50) WINDOWS TRICKS (45) MOBILE HACKS (44) SOFTWARE (41) HACKING TRICKS (40) CALL TRICKS (38) MINI PROJECTS (35) FUN TRICKS (33) IEEE PROJECTS (31) FACEBOOK TRICKS (30) AIRCEL TRICKS (29) Mobile Tips (28) DOWNLOAD (27) COMPUTER TRICKS (26) AIRTEL 3G HACK(100%) WORKING (25) ALL NETWORK TRICKS (25) DOCOMO TRICKS (25) FREE SMS HACKS (23) PASSWORD HAKING (23) LEARN-HACKING TRICKS (22) OTHER PROJECTS (22) FREE CALL TRICKS (20) NOTEPAD (20) gmail (19) HACKERS (18) RELIANCE TRICKS (18) ANTI-VIRUS (16) TATA DOCOMO TRICKS (16) VIRUS (16) AIRCEL 3G HACK(100%) WORKING (15) IDEA TRICKS (15) BROWSING TRICKS (14) SMS TRICKS (14) account (14) FREE SMS WEBSITES (13) VODAFONE TRICKS (13) FREE FAKE MAIL (12) MOBILE SOFTWARE (12) secret code (12) E-MAIL (11) FREE SMS CRICKET ALERT (11) OPERA HACK (11) ACKING TRICKS (10) CRACKING TRICKS (10) INDIA MATCH LIVE STREAMING ONLINE FREE (10) BSNL TRICKS (9) E-MAIL BOMBERS (9) FREE FAKE CALLS (9) SERIALS (9) SMS BOMBERS (9) premium account (9) ALL RESULTS (8) CHEAT CODES (8) GAMES DESIGN PROJECT (8) HOTFILE TRICKS (8) MINI PROJECTS-CSE (8) MINI PROJECTS-MCA (8) MOBILE APPLICATIONS (8) MOBILE TV (8) SEND SMS NOW (8) SOURCE CODES (8) portable application software (8) CHINA MOBILE (7) FREE MOBILE TV (7) PAYPAL ACCOUNT HACK (7) TUTORIAL (7) TV ONLINE (7) BALANCE TRICKS (6) CHATTING TIPS (6) Free SMS Websites (6) GOOGLE+ (6) INTERVIEW (6) PLACEMENT TIPS (6) UNINOR TRICKS (6) WATCH TV FREE (6) YOU TUBE TRICKS (6) avoid hacking (6) MEMORY CARD (5) PAPER PRESENTATION (5) RESULTS (5) VOIP CALLS (5) command prompt (5) BLUETOOTH TIPS (4) EXAM DATES (4) LEARN-HACKING (4) MOST NEEDED TRICKS (4) SOURCECODE (4) TORRENTS (4) WEB PROJECTS (4) Amazon (3) E-BOOKS (3) FIREFOX (3) FREE CRICKET MATCH 2011 LIVE STREAMING (3) JOBS (3) MODEM (3) RECHARGE TRICKS (3) VIDEOCON TRICKS (3) VIRGIN TRICKS (3) ANDROID (2) BOMBERS (2) C#.NET (2) CRICKET LIVE STREAMING (2) FREE MOVIE DOWNLOAD (2) HR ROUND (2) IPHONE TRICKS (2) IPL MATCH FIXING (2) Inspirational Success Stories - Zero to Hero (2) JAVA CODE (2) MTNL (2) MTS TRICKS (2) Mobile Number Portability (2) ONLINE-FREE SHOPPING (2) PROJECTS (2) TATA INDICOM (2) YAHOO (2) Cashback (1) DCE (1) DOWNLOAD MENU (1) DTH TRICKS (1) FREE SUBSCRIPTION ALERTS (1) GRAMMAR (1) IMAGE TRICKS (1) LINUX (1) MATLAB PROJECTS (1) MICROCONTROLLER PROJECTS (1) MOTOROLA (1) Most Common Interview Mistakes to Avoid (1) NANOPARTICLES IN THE DRUG DELIVERY (1) ONLINE EARNING (1) PEN DRIVE (1) PHISHERS (1) RAPIDSHARE TRICKS (1) Swiggy (1) TECHNICAL JOKES (1) TOLL FREE CONTACT NUMBER LIST (1) UBUNTU (1) WHATSAPP HACK (1) Wi-Fi (1) Zomato (1)