252 ◾ Ethical Hacking and Penetration Testing Guide
Credits: http://www.tarasco.org/security/pwdump_7/index.html
This screenshot shows pwdump after it has extracted hashes from the SAM directory.
Downloads
◾ http://www.foofus.net/~fizzgig/pwdump/
◾ http://www.tarasco.org/security/pwdump_7/
◾ http://www.foofus.net/~fizzgig/fgdump/default.htm
Ophcrack
Ophcrack is a Windows-based tool that can not only dump the hashes but also crack them using rainbow tables. The ophcrack program comes with rainbow tables that work for passwords of a very short length. So if the password is lengthy or, say, alphanumeric, you won't be able to crack it. In that case you can download additional rainbow tables from the RainbowCrack project, which provides free rainbow tables. Because rainbow tables are huge in size, the project also gives you the option to buy any rainbow tables if you don't want to download gigabytes of them.
Postexploitation ◾ 253
References
http://sourceforge.net/projects/ophcrack/
http://project-rainbowcrack.com/table.htm
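As an added example (not code from the book or from the pwdump or ophcrack projects), the Python below audits pwdump-format output from the defender's side and flags the accounts whose stored hashes are most exposed to the rainbow tables described above. It assumes the common `user:RID:LM:NT:::` line layout; the sample lines and their hash values are constructed, and the function names are hypothetical.

```python
from collections import defaultdict

# Well-known hashes of the empty string: "no LM hash stored" and "blank password".
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample (user:RID:LM:NT:::); every non-empty hash value is made up.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:8f1e2d3c4b5a69788796a5b4c3d2e1f0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:1a2b3c4d5e6f7081aad3b435b51404ee:0123456789abcdef0123456789abcdef:::
bob:1002:NO PASSWORD*********************:0123456789abcdef0123456789abcdef:::
malformed line without enough fields
"""

def is_hex32(value):
    return len(value) == 32 and all(c in "0123456789abcdef" for c in value)

def parse(dump):
    """Yield (user, lm, nt) per well-formed line; silently skip anything else."""
    for line in dump.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 4 and parts[1].isdigit():
            yield parts[0], parts[2].lower(), parts[3].lower()

def audit(dump):
    """Return {user: [findings]} for accounts with weak or reused stored hashes."""
    findings, by_nt = defaultdict(list), defaultdict(list)
    for user, lm, nt in parse(dump):
        if is_hex32(lm) and lm != EMPTY_LM:
            findings[user].append("LM hash stored")
            # Each LM half covers 7 characters; an empty second half means <= 7.
            if lm[16:] == EMPTY_LM[16:]:
                findings[user].append("password is 7 characters or fewer")
        if nt == EMPTY_NT:
            findings[user].append("blank password")
        elif is_hex32(nt):
            by_nt[nt].append(user)
    for users in by_nt.values():  # identical NT hash means identical password
        if len(users) > 1:
            for user in users:
                others = ", ".join(u for u in users if u != user)
                findings[user].append("NT hash shared with " + others)
    return dict(findings)

if __name__ == "__main__":
    for user, notes in audit(SAMPLE).items():
        print(f"{user}: {'; '.join(notes)}")
```

Accounts reported with "LM hash stored" are the ones to fix first: disable LM hash storage and require a password change so the old hash is replaced.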
Scenario 3—Offline System
So here we have the third and last scenario, where we have physical access to the computer but no administrative rights. In this case we can choose between two approaches:
1. Using a bootable CD such as Ophcrack LiveCD to crack the passwords.
2. Bypassing the log-in.
Ophcrack LiveCD
Ophcrack LiveCD can be downloaded from the official website (links are given later) and can be used to crack passwords. It comes along with rainbow tables, which are capable of cracking passwords of shorter length.