-
SAM file oh my!
I have a Windows 7 box that I was trying to pen test... I began with the basic chntpw on Ubuntu, trying to clear/change the password. When I rebooted into Windows, the passwords I had "set" were not valid, the password was not cleared (for another acct), and the Administrator account had not been enabled as I had selected. I continued to try using chntpw but eventually gave up.
Now on BT4 I've tried bkhive and john, but neither seems to be working (both are throwing me errors).
BKHive:
root@bt:/mnt/WIN/Windows/System32/config# bkhive system /root/key
bkhive 1.1.1 by Objectif Securite
http://www.objectif-securite.ch
original author: ncuomo@studenti.unina.it
Error opening hive file system
and
John:
root@bt:/pentest/passwords/jtr# ./john -format:NT /root/ipass
Loaded 1 password hash (NT MD4 [128/128 SSE2 + 32/32])
Crash recovery file is locked: ./john.rec
Does anyone have any ideas as to why this is happening and/or what I should do about it?
PS: Although I don't want a direct answer (a start in the right direction would be nice), I'm at the point where I really do just want to make sure I haven't screwed things up too badly, so solutions and help are much appreciated.
-
Re: SAM file oh my!
Oh boy. I think you made a post about the same subject twice, which is not very appreciated...
Anyway, if you're attacking the machine you're running BT on, there is a useful tool called "utilman" if I remember correctly. You should try looking that way.
As for messing anything up, I know some would say "you don't know what you're doing, maybe try something else from BT".
-
Re: SAM file oh my!
I had the same issue with chntpw, it wouldn't clear the password. I eventually moved on to samdump2 and just cracked the hash. Also, when using bkhive don't do /root/key, instead try
I also have Windows 7 and this works for me.
-
Re: SAM file oh my!
You can check my blog on using the method "comaX" suggested. Here I give two methods of accomplishing this, and Offensive Security has a video of this as well.
Go here