John the Ripper, Cain and Abel to crack password protected files.
crack passwords from various file types on windows machine.
Security Accounts Manager (SAM) database. LM hashes stored in local SAM database or in Active Directory. LM hashes are weaker than NT hashes. so we have to prevant windows for storing LM hash. LM hash (also known as LanMan hash or LAN Manager hash) LM hash details LM hash (also known as LanMan hash or LAN Manager hash) is a compromised password hashing function that was the primary hash that Microsoft LAN Manager and Microsoft Windows versions prior to Windows NT used to store user passwords. John the Ripper works best if the files you want to crack is copied into same dir. john Windows.txt = to crack file from Windows.txt and list of passwords from same folder. ctrl+C to stop tool John the Ripper shows passwords in all Capital letters this is problem. Cain and Abel -> Cracker -> LM and NTLM Hashes -> blue + icon -> import hashes from text file -> select all hashes -> right click -> Dictionary Attack -> LM hashes -> right click in Dictionary Area -> add text file -> write *.lst in file name -> select pass list file -> click Start. same LM hash but diffrent NT hash LM- and NT-hashes are ways Windows stores passwords NTLMv1/v2 are challenge response protocols used for authentication in Windows environments The NTLM protocol also uses one of two one way functions, depending on the NTLM version. NTLM hash values are 16 bytes (128 bits) each. NTLMv2 is intended as a cryptographically strengthened replacement for NTLMv1 Windows does not utilize a technique called salting. Salting is a technique in which a random number is generated in order to compute the hash for the password. This means that the same password could have two completely different hash values, which would be ideal. John the Ripper "Jumbo" version which run on linux is far better than windows versions. ./zip2john Secret.zip > secret.hash ./john secret.hash –wordlist=password.lst ./john --show secret.hash ./office2john.py Premiere.xlsx > premiere.hash