INDEX
Introduction
Types of password cracking
How to crack Windows password with command prompt
How to crack Windows password with Hiren Boot CD
Introduction
Bypassing a system's login authentication is known as system hacking. Suppose you have forgotten your own system password and have tried every password you can think of, but none of them worked. What will you do to get in? Or suppose your best friend has forgotten his system password and asks you for help. What will you do then? Don't worry guys, here is the perfect tutorial, which will show you how to bypass login authentication on any system. This process is also used by professional hackers during the investigation of a criminal case. After going through this tutorial you can also perform these attacks to bypass login authentication, and they are very easy to perform.
Before moving on to further topics, let's understand the different types of password attack.
2) Brute Force Attack: This attack tries all combinations of words, upper case, lower case, special characters and spaces. It needs more time to crack the password because it goes through all the combinations, for example aa, ab, ac, ad, Aa, Ab, Ac, Ad, A!, A@ and so on. Trying this many combinations will obviously take even more than 6 days to crack the password, and obviously we can't wait 6 days.
3) Rainbow table attack: A rainbow table is a list of pre-computed hashes (a hash being the numerical value of an encrypted password, used by most systems today), covering the hashes of all possible password combinations for any given hashing algorithm. Cracking a password with a rainbow table takes less time than the attacks above. The tables are also very large to download; we cannot afford the size, as they are around 50 to 100 GB.
4) Shoulder Surfing: I will explain this with a screenshot so that you can easily understand what shoulder surfing is.
5) Offline Password Cracking: Offline password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. The system password is stored in the Security Account Manager (SAM) file; the path below shows the location of the SAM file: C:/Windows/System32/config
This SAM file stores the system password and the last login details in hash format. The problem is that you cannot open the file, and even if you somehow open it you will see nothing in it, because the file is configured in such a way that it is locked when the operating system boots and the user cannot open it.
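Why the pre-computed tables described in item 3 work, and what defeats them, as an added example that is not part of the original tutorial: a table built once recovers any unsalted hash of a listed password, while a per-account random salt makes the same table useless. SHA-256 stands in for the unsalted scheme, and the candidate list and account names are constructed.

```python
import hashlib
import hmac
import os

# Constructed candidate list standing in for a multi-gigabyte precomputed table.
CANDIDATES = ["123456", "password", "letmein", "qwerty"]

def unsalted_hash(password: str) -> str:
    # SHA-256 is a stand-in; what matters is that no salt is mixed in.
    return hashlib.sha256(password.encode()).hexdigest()

def salted_hash(password: str, salt: bytes, rounds: int = 100_000) -> str:
    # PBKDF2 with a per-account random salt and a work factor.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds).hex()

def build_table(candidates):
    # Computed once, then reusable against every unsalted hash of that scheme.
    return {unsalted_hash(p): p for p in candidates}

def lookup(table, stored_hash):
    # Returns the password if its hash was precomputed, otherwise None.
    return table.get(stored_hash)

def verify(password: str, salt: bytes, stored: str) -> bool:
    # A legitimate login recomputes the hash using the salt stored with the account.
    return hmac.compare_digest(salted_hash(password, salt), stored)

def demo():
    table = build_table(CANDIDATES)
    # Two constructed accounts that happened to choose the same password.
    alice_plain = unsalted_hash("letmein")
    bob_plain = unsalted_hash("letmein")
    alice_salt, bob_salt = os.urandom(16), os.urandom(16)
    alice_salted = salted_hash("letmein", alice_salt)
    bob_salted = salted_hash("letmein", bob_salt)
    return {
        "unsalted_identical": alice_plain == bob_plain,
        "unsalted_found": lookup(table, alice_plain),
        "salted_identical": alice_salted == bob_salted,
        "salted_found": lookup(table, alice_salted),
        "login_still_works": verify("letmein", alice_salt, alice_salted),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```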
Let's HACK!!!!!!!
This command will show you all the user accounts which are available in the system.
Step 3: Type net user [account name] *, where account name is the account whose password you want to crack and * tells the administrator that I want to change the password.
Step 4: As soon as you press Enter it will ask you for the password; follow the screenshot below.
And yes, you have cracked the system password with command prompt successfully. This will work in Windows XP, Windows 7 and Windows 8 as well.
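On Windows Vista and later, a password reset made from the running system is recorded in the Security log as event 4724 when account-management auditing is enabled. The following added example (not part of the original tutorial) picks those events out of a Security log exported as XML and flags resets made by accounts outside an approved set; the sample events, host name and the helpdesk01 account are constructed.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
RESET_EVENT_ID = "4724"              # attempt to reset an account's password
APPROVED_RESETTERS = {"helpdesk01"}  # hypothetical accounts allowed to reset

def _event(event_id, when, subject, target):
    # Builds one constructed record in the Security-log XML layout.
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{when}"/><Computer>WS-EXAMPLE-01</Computer>'
            f'</System><EventData><Data Name="TargetUserName">{target}</Data>'
            f'<Data Name="SubjectUserName">{subject}</Data></EventData></Event>')

# Constructed sample, not real log data. A real export can be produced with
# `wevtutil qe Security /f:xml /e:Events`.
SAMPLE = "<Events>" + "".join([
    _event(4624, "2024-03-02T09:10:00Z", "-", "kiosk"),
    _event(4724, "2024-03-02T09:14:07Z", "kiosk", "Administrator"),
    _event(4724, "2024-03-02T11:30:45Z", "helpdesk01", "jsmith"),
]) + "</Events>"

def password_resets(xml_text):
    """Return one dict per 4724 event found in an exported Security log."""
    resets = []
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != RESET_EVENT_ID:
            continue
        data = {d.get("Name"): d.text or ""
                for d in ev.iterfind("e:EventData/e:Data", NS)}
        resets.append({
            "time": ev.find("e:System/e:TimeCreated", NS).get("SystemTime"),
            "computer": ev.findtext("e:System/e:Computer", namespaces=NS),
            "subject": data.get("SubjectUserName", ""),
            "target": data.get("TargetUserName", ""),
        })
    return resets

def unexpected_resets(xml_text, approved=APPROVED_RESETTERS):
    """Resets performed by an account outside the approved set."""
    return [r for r in password_resets(xml_text)
            if r["subject"].lower() not in approved]

if __name__ == "__main__":
    for r in unexpected_resets(SAMPLE):
        print(f'{r["time"]} {r["computer"]}: {r["subject"]} reset {r["target"]}')
```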
Step 4: Select the Linux distribution, then select your file location (.iso) and select the device drive letter.
Click on Create.
Step 6: Restart the system and boot from the pendrive, and you will come to the screenshot below.
Step 9: Don't panic, this is a normal thing while booting from an external device. Just wait for some time and you will come to the screenshot below.
Step-10:
Step-11:
It is asking for the path of the SAM file. The default path is Windows/System32/config, which it has already found, as you can see in the above screenshot. Simply press Enter.
Step-12:
After reaching the above screenshot, select option 1, as we have to reset the password which is in the SAM file. Select 1 and press Enter.
Step-13:
Here we have to select 1 in order to reset the Windows password. Select 1 - Edit user data and passwords and press Enter.
Step-14:
Choose the username whose password you want to crack and press Enter, as shown in the above screenshot.
Step-15:
Here I am selecting option 1 to clear the password. You can choose option 2 if you want to add a new password, but it sometimes does not work properly, so it is better to select option 1 and press Enter.
Step-16:
As you can see in the above screenshot, it says Password Cleared!, so you have succeeded in clearing the password, but don't forget to save, as this step is important. Select option ! to quit and press Enter.
Step-17:
Step-18:
Here is the step to save your settings: press y and press Enter.
Step-18:
As you can see in the above screenshot, you have successfully edited the password.
Now press Ctrl+Alt+Delete to restart the system and, as you can see in the screenshot below, you log in successfully without a password.
Step 2: Extract that file into a specific folder. Remember that we have to make a bootable pendrive or CD with the help of UNetbootin, which is also great software for making a bootable pendrive. Follow the screenshots below to see the step-by-step process of making a bootable pendrive.
Step 5: Select the Diskimage option and the location of the .iso image file which you have downloaded, and select the drive of the external device.
Press OK.
Step 6: Wait for some time and you will come to the screenshot below.
After that, reboot your system and boot from your pendrive.
Step 7: When you boot from your pendrive you will come to the screenshot below.
It will reboot automatically after this process is over, as it directly gives access to the administrator account. You don't have to do anything during the process; that is the main advantage of this tool, and it is very easy to use. You just have to boot from the external device and you are done!!!!!!!
Step-3: As soon as you click on Update, a small window will pop up as shown in the screenshot below. Select Password Startup and simply enter your password to encrypt the SAM file.
Now when you restart your system, it will first of all ask you to enter the syskey password, and then you will be asked to enter the password of your account to log in.
NOTE: There are more than 100 ways to crack the Windows password and I cannot show you all of them, but we have to look for an easy method, and of course this tutorial contains easy ways to crack the system password.