Tag Archives: hash

Using bkhive and samdump2

ls
bkhive system /root/hive.txt
samdump2 SAM /root/hive.txt > /root/hash.txt

  1. ls the contents of the /WINDOWS/system32/config directory.
  2. bkhive dumps the syskey bootkey from Windows NT/2k/XP/Vista system hive.
  3. samdump2 dumps the Windows NT/2k/XP/Vista password hashes.

View Hash Contents

cd /root
ls -l *.txt
file *.txt
cat hash.txt

  1. Change directory into /root, because that is where we put our hive and hash files.
  2. List out the files using a wildcard (*).
  3. Determine the file type of the hash and hive files, where the hash file is (ASCII) and the hive file is (Compressed Binary).
  4. View the contents of the hash file

 

SOURCE: http://www.computersecuritystudent.com/SECURITY_TOOLS/PASSWORD_CRACKING/lesson2/

Leave a Comment