Thanks for the tips, this is great !


I still have a lot to learn, and that's what's awesome !!!!!

OK I see what you mean about what I am trying to do now. However, in the copy/paste I provided above, isn't the first part ":........................:" the salt and the second part "....................." the hash ?


Just to clear things up: When I use Ophcrack, I point it the config folder meaning I suppose that it has access to both the SYSTEM and SAM files and therefore the salt as well. Yet, it does not work.


When I use John The Ripper, how could I provide it with the salt to make this brute force process faster (ETA currently displayed: June 2015 lol!)


I am also trying to use rcracki on the Hash having downloaded Numeric tables (99.9% success for lengths 1 to which I guess is also a good idea. I will try SamInside as well.


In the meantime, can you comment on the different options above, which one is best and also why in earth would ophcrack not work


Any help is appreciated, this is soooooo frustrating !

PS: I've looked online and it seems that Windows 7 hashes do not have a salt, hence the weakness of windows passwords.


So how can I go about getting this password ? The numeric rainbow table for 1-8 char did not work either


I uploaded the hash to onlinehashcrack.com and it found the password in a couple minutes. Obviously ow it is asking me to pay for it. It says its 8 characters so maybe I can rely on that at first. Is that website reliable ? (in which case it is crackable quite easily, I am just not doing it properly).


Thanks

Staff note: double post, whore.

Hi all, I'm getting into hacking for fun purposes and to better both my computer skills and better protect my own data.
I managed to get the following hash from a Windows 7 machine through the sam file (samdump2) but can't seem to resolve the password for the "admin" account with either Ophcrack (loaded all vista tables) or John The Ripper (currently brute-forcing since no dictionary works but that could take a while  --> ./john hash.txt -format=nt -users=admin).


All I know is that the password is probably between 6 and 10 characters (most probably and that it should be relatively simple, maybe even all numbers.


I've managed to crack my own password with Ophcrack in seconds and it is a combination of alphanum that does not mean anything. I am therefore a bit suprised not to be able to crack this one.


Can someone please either find it for me (and tell me how they did) or guide me in the right direction.


Thanks a lot for your help !



Administrateur:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Invité:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
admin:1000:aad3b435b51404eeaad3b435b51404ee:37daed37b26be6fe6ac86ac23719aaca:::
HomeGroupUser$:1002:aad3b435b51404eeaad3b435b51404ee:9a7a1cfd02d858c7803c1f9b31a42e9c:::
LogMeInRemoteUser:1003:aad3b435b51404eeaad3b435b51404ee:e33b9ed540d6e47a55ce63d6c207417d:::