PLEASE BE AWARE THAT THIS TUTORIAL IS ONLY FOR EDUCATIONAL PURPOSES.
Steps for Password Cracking Demonstration using John the Ripper:
1. Launch Windows XP and create a few accounts with passwords if you have not done so.
2. Shut down Windows XP after completing the above step.
3. To extract the hash file from Windows XP in Kali, both operating systems have to be running on the same machine. For the Bootable USB Drive this step can be ignored; however, for the Virtual Box Demonstration one must add the XP machine's virtual hard disk to the Kali Linux Virtual Machine. This can be done by going to the Virtual Machine's settings and, under Storage, selecting Controller: SATA, clicking add virtual hard disk, and then selecting the XP Virtual Machine's hard disk wherever it is located.
4. Start up the Kali Linux Virtual Machine and open the terminal.
5. Type fdisk -l to show the partition table, or all hard disk partitions on the Virtual Machine.
6. Then type mount -t ntfs /dev/sdb1 /mnt. This allows one to gain access to the file system stored on this hard disk.
7. Next type df -k to show used or available space in the volumes of this hard disk.
8. After doing that, change directories by typing cd /mnt to go to the /mnt directory. From here, type ls to show the contents of this directory. Then change directories to WINDOWS/system32/config using the same command, as this is the location of the SAM file. This . Now type ls to show the contents of this directory as well. As you can see, the SAM file is located in this directory.
9. Now type bkhive system /root/hive.txt followed by samdump2 SAM /root/hive.txt > /root/hash.txt
10. Next go back to the root directory by typing cd /root
11. Now type the following commands in that order:
a. ls -l *.txt
b. file *.txt
c. cat hash.txt
This should show what is stored in the hash.txt file.
Figure 1: Obtaining the hash file.
12. Copy and paste this over into leafpad and save it as password.txt under root/Home.
13. Now either open up Johnny, the GUI version of John the Ripper, and open up the file, or type john in the terminal followed by the name of the text file, in this case password.txt, to crack the passwords.
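
The hash.txt written in step 9 is in pwdump format (user:RID:LM hash:NT hash:::), so the same file can be audited for weak storage without cracking anything. The script below is an added example, not part of the original post: it flags accounts that still store an LM hash or have a blank password. The function names and the sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a pwdump-format file (the layout samdump2 writes to
# hash.txt) for weak password storage. Nothing here recovers a password.

# Well-known constants: the LM and NT hashes of the empty string.
EMPTY_LM="aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT="31d6cfe0d16ae931b73c59d7e0c089c0"

# audit_pwdump [FILE] -> one "account<TAB>finding" line per issue found.
# Reads standard input when no file is given.
audit_pwdump() {
  awk -F: -v elm="$EMPTY_LM" -v ent="$EMPTY_NT" '
    NF < 4 { next }    # skip lines that are not user:rid:lm:nt
    {
      user = $1; lm = tolower($3); nt = tolower($4)
      # A 32-hex-digit LM field other than the empty-string hash means
      # the weak LM hash is really stored for this account.
      if (length(lm) == 32 && lm !~ /[^0-9a-f]/ && lm != elm)
        print user "\tLM hash stored"
      if (nt == ent)
        print user "\tblank password"
    }' "$@"
}

# Constructed sample input: the non-empty hash values are made up.
sample_pwdump() {
  cat <<'EOF'
Administrator:500:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1003:aad3b435b51404eeaad3b435b51404ee:00112233445566778899aabbccddeeff:::
EOF
}

# Demo run on the constructed sample.
sample_pwdump | audit_pwdump
```

To check the real dump, run audit_pwdump /root/hash.txt. LM storage can be turned off with the NoLMHash policy, after which an account's LM hash disappears at its next password change.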