Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: .pwl hacking

  1. #1
    Junior Member
    Join Date
    Dec 2001
    Posts
    13

    .pwl hacking

    Ive been trying to do some security checks on my own computers, and i feel like a complete idiot here coming from using linux to asking about windows.. but..

    im trying to view whats in my .pwl file to see how secure it is. I know it could just be renamed, but thats a different problem. I tried viewing it in notepad but its encrypted. is there a program i could use? id like to secure this computer a little better.. even for windows.

    Thanks for the help.
    ~DreamWeaver~

  2. #2
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007
    Okay, here's the skinny on .pwl files in Windows 9x. You CAN cause them NOT to be created through some registry keys (more on that if you want). They appear in c:\windows\ as the username (first 8 characters) and with a PWL extension. They are encrypted with your windows-logon password, (Novell network passwords work in this effect, as do simple user-profile passwords, which give you custom desktops and wallpapers, etc.)

    The encryption method is VERY insecure, comparatively. If your windows logon password isn't humungous, I suggest either disabling pwl caching, or running a batch file to delete them each startup.

    Now, to the cracking! I would suggest trying Cain (search from google), with later versions called Cain and Abel. Abel is a trojan that can be placed on a computer to collect pwl passwords, so be prepared for some virus alerts. Cain can run brute-force or dictionary attacks against a pwl file, but you have to supply the username. If the username is over 8 characters or contains invalid DOS-filename characters, you'll have to do some educated guessing.
    [HvC]Terr: L33T Technical Proficiency

  3. #3
    Junior Member
    Join Date
    Dec 2001
    Posts
    13
    I have Cain + Abel, but whenever i start the attack on the .pwl from cain, itll tell me how long the password is (5 chars) but it wont tell me what it is.. :Confused:

    ~DW~

  4. #4
    Junior Member
    Join Date
    Dec 2001
    Posts
    13
    previously id used cain 2.0 cain 1.0 seems to work much better. Just thought youd like to know. I obtained it from packetstorm i believe.

    Thanks,
    ~DW~

  5. #5
    Originally posted by Terr
    Okay, here's the skinny on .pwl files in Windows 9x. You CAN cause them NOT to be created through some registry keys (more on that if you want). *****yes Terr MORE*****

    The encryption method is VERY insecure, comparatively. If your windows logon password isn't humungous, I suggest either disabling pwl caching, or running a batch file to delete them each startup.


    The encryption method is VERY VERY insecure. There is a proggie called revelation by snadboy...it is able to decode the .pwl for the screensaver on win98. You can study the the de-encryption method he uses...He will even give you the source code.

  6. #6
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007
    Originally posted by antihaxor
    The encryption method is VERY VERY insecure. There is a proggie called revelation by snadboy...it is able to decode the .pwl for the screensaver on win98. You can study the the de-encryption method he uses...He will even give you the source code.
    Uhm... my understanding had been that Revelation uses a call in windows which only works if you are ALREADY LOGGED IN. In other words, someone had to put the windows logon password in correctly already. It won't work if you have a .pwl file itself, and are not already in a session on the computer.

    In other words, it decrypts the CONTENTS of the pwl file, but only if you are already logged in, and it doesn't give you the actual logon password.

    Maybe I'm wrong, but whatever.

    EDIT:Oops! I got Revelation mixed up with another program, but I think Revelation still only works if you are already logged in. (Revelation is different from what I just described, but same limitations, will elaborate if necessary.)
    [HvC]Terr: L33T Technical Proficiency

  7. #7
    Senior Member
    Join Date
    Aug 2001
    Location
    Pittsburgh
    Posts
    153
    I'm not sure if this will help you but you do not even have to view the .pwl files to bypass the login. When you boot your pc boot to DOS. Now all you have to do is find the pwl file you want and rename the extension to .zzz* Hope that helped.

  8. #8
    hey Terr, could you tell some more about the registry and PWL files thing ??

  9. #9
    Junior Member
    Join Date
    Jan 2002
    Posts
    5

    Lightbulb .pwl hacking

    Here's a way to hack .pwl password in Win 9x... Just try to get Cain and Abel password cracker but you must supply a username inorder to crack the password... Another way is to find the .pwl pass and delete it then reboot the computer and the computer will ask you to supply again a new pass...


    Uhm... my understanding had been that Revelation uses a call in windows which only works if you are ALREADY LOGGED IN. In other words, someone had to put the windows logon password in correctly already. It won't work if you have a .pwl file itself, and are not already in a session on the computer. <---I agree with terr on this

  10. #10

    Talking

    Very Good Terr But I Just Wondered If You Could Please Teach Me How To Delete These Password Files From The Registary So My User Passwords Cannot Be Ripped With Programmes Like Cane Can You Tell Me How To Do This In Windows 98 And Windows XP Please Thanx Scott

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •