-
March 10th, 2007, 03:37 AM
#1
Junior Member
Anyone know any tool can do bootable pwdump?
There are lots of password dumping tools, like pwdump, pwdump2,3,4,5, samdump...
But they all required a administrative privilege logged in. So I need is a bootable one. None of them can do bootable.
I know ophcrack would do, it's a linux based tool. But I do not need to crack immediately. Any tool would just show the hash without cracking it right away?
-
March 10th, 2007, 03:49 AM
#2
have you tried helix i'm pretty sure it's got a psswrd tool, just download, burn the .iso restart and boot up into helix.
Or just put the burnt CD in while still logged into windows ..
http://www.e-fense.com/helix/
-
March 10th, 2007, 05:11 AM
#3
Junior Member
Backtrack 2 can do it
-
March 10th, 2007, 10:37 AM
#4
I really don't understand this question
If I can log in as administrator, then what the hell do I need to crack a password for?
As I see it, in real life, it is a multistage process?
1. Boot from external source
2. Run password extraction tool
3. Crack password (in your own time)
-
March 11th, 2007, 05:49 AM
#5
Junior Member
I try to crack the password just to learn how to do it, in order to find out a way to prevent people crack it.
Just like a company network security, he know how to protect company server by learning to hack a server frist.
-
March 11th, 2007, 12:28 PM
#6
Originally Posted by cpthk
I try to crack the password just to learn how to do it, in order to find out a way to prevent people crack it.
You obviously do not understand the basics. If someone can get your password hash then they can crack it. All you can do is:
1. Make your physical security such that they cannot access your passwords.
2. Make the passwords long and complicated enough that their cracking tools either won't work, or take so long that they give up.
Just like a company network security, he know how to protect company server by learning to hack a server frist.
No, they don't................. most of them are "button monkeys" who only know how to use off the shelf tools. The whole industry is getting dumbed down, even the hackers................after all, why mess around for hours/days/months trying to crack a password, when a simple keylogger will tell you all that you need?
Anyway, back to your question. You need a "live CD" or bootable medium that will get you in past the administrator rights restriction. On this media you add the password capturing tools that you want.
You capture the password hash and save it to the media, floppy, usb or whatever............ you could even e-mail it
THEN you use a cracking tool to find out what the password is.
The process model is:
Gain Access---->Extract Data----->Process Data
Unless you are talking about an online/realtime/interactive attack, which you do not seem to be doing?
You really need to read up on the larger picture of security models and concepts before messing around with skiddie cracking tools......... that is NOT the way to learn.......... trust me
EDIT: Take a look at this to see what I mean about password cracking............ OK, they only suggest values for machines with capacities of up to 1 billion passwords a second, and assuming an even chance you can divide the cracking time by 2.............. but what if you have a complex password of more than 15 characters?............ not to mention if you used the whole ASCII character set?
http://www.lockdown.co.uk/?pg=combi&s=articles
Last edited by nihil; March 11th, 2007 at 11:50 PM.
-
March 12th, 2007, 03:32 AM
#7
Junior Member
Originally Posted by cpthk
I know ophcrack would do, it's a linux based tool. But I do not need to crack immediately. Any tool would just show the hash without cracking it right away?
In Ophcrack, there is a button labeled "Save As", that should save the hashes in a text file.
Similar Threads
-
By ThePreacher in forum Miscellaneous Security Discussions
Replies: 17
Last Post: December 14th, 2006, 09:37 PM
-
By c0br4 in forum Hardware
Replies: 9
Last Post: May 6th, 2006, 09:14 AM
-
By Blunted One in forum Microsoft Security Discussions
Replies: 10
Last Post: May 3rd, 2006, 06:50 AM
-
By SDK in forum IDS & Scanner Discussions
Replies: 11
Last Post: April 13th, 2004, 01:39 AM
-
By gore in forum Operating Systems
Replies: 3
Last Post: March 7th, 2004, 08:02 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|