Thanks for putting all that effort into this.
Truly appreciate the work. Thank you again, keep up the great job.
thX dude nice !!
well done, thanks for sharing
thanks man, very useful information
Please note that with fgdump it's possible to extract the sam hashes remotely, by only knowing the local administrator password of a system.
I like the bleeding edge, but I don't like blood loss
I'm a damn GENIUS!!!
Well, sorry for your job... I swear someday we could finally have a Linux port of fgdump... it's terribly effective when used against Windows DCs!!
I am adding a section on extracting hashes remotely for the next version as there have been some questions about that. Unfortunately updating crunch and looking for work has taken most of my time.
You're welcome: 200€, thanks!
Thanks for the reminder.
Great work, and the thing I love the most is in the hydra section: you covered using a single thread and not 30 or 40 like I have seen in other tutorials. I have seen routers being DoSed by inexperienced pentesters in the past, bruteforcing network equipment with too many threads. I would also add dumping the hashes with meterpreter using hashdump, as well as some of the incognito features in meterpreter.
So when do we get to read your latest work? Fingers crossed... waiting for it.
Thank you. I have seen (and done) that too. However, you also have to blame the router manufacturer sometimes. I have this old D-Link wireless router that just locks up if you use hydra or medusa on it. Even with the proper and very conservative settings the router dies. It is a firmware issue, as we have 3 of these routers and they all exhibit this behavior. However, the routers are so old they are no longer supported, and open firmware (dd-wrt) can't run on them as they only have 2MB of flash.
I am not familiar with meterpreter. (A quick Google later.) OK, it is a part of Metasploit. Metasploit is a very powerful framework. When I decided to write this guide I made one thing very clear to myself: I will only cover password cracking AFTER compromise. I would not show anyone how to exploit a system and then extract the password hashes. If I cover hashdump it will be from the point after the system has been compromised. I won't cover how to break into a system. There are already many other guides and threads that cover how to break into a system.
It is a fine line I am trying to walk (especially since I am starting to write the section about remotely extracting the hashes). I don't want to turn my guide into a step-by-step guide on how to hack into something that any technologically illiterate person could use to do something bad. Yes, my guide is step by step, but I try to educate the user along the way. I try to make them understand what they are doing and why.
I hope you understand.