Slimeball
Software Prototype Designer
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1
400 XP
Hey Folks, in this tutorial we will discuss the next method to crack window 10 login password using kali linux operating system. There are many other ways by which you can easily crack the window machine logon password, one of which we have discussed in our previous article. Lets start discussing about this topic without wasting any time.
Prerequisites to crack window 10 password
- Kali Linux ISO Image – Download here
- CD/DVD or USB drive with at least 8 GB
- Rufus Softrware – Donwload here
What is SAM File ?
So when we go to crack the login password of the window machine then we need hashes which is stored within the Windows SAM file at C:\Windows\System32\config location.
Let’s take a look
!!Make Bootable USB of Kali Linux
Let’s start making bootable USB. Just you need to follow the instructions given below.
- Step-1 Download the Rufus tool using the given link above.
- Step-2 Install and boot the software, download the ISO image of kali linux operating system with the link given above.
- Step-3 After downloading the image file, then click on Select, browse the ISO image and select it.
- Step-4 Just click on start and complete the process of making bootable USB.
After successfully creating a bootable USB, your USB will look like the image below. Just ignore it.
Go back to the login screen and enter the wrong password 1 to 2 times to create SAM logs into the system.
Ready
!! Just connect the bootable USB to the computer USB port and enter the BIOS setup by pressing the special key (ESC) via the keyboard ( It may be difficult according to the different-2 computers ), select bootable USB and you will get the interface as shown in the given picture. Now click on the first option and proceed ahead.
Done
!! Finally we have entered into the kali linux operating system, so let’s start the process of cracking the password of window 10 machine.
Locate the file manager and open it. After opening it then go to the “other locations” option and select the second directory where SAM is saved. The directory we have selected is the C drive of the window machine where the window is installed.
Hmm
!! After that Right-click on a blank space in File Manager, and select Open Terminal Here. After that we will go to the “/Windows /System32/config/” location one by one using the cd command. Now we have reached the place where the SAM file is kept.
Chntpw Tool to Crack Window 10 Password
Basically we are unable to read the SAM file which is why we will use chntpw tool which will crack the window 10 password itself. You can check all the features of this tool by execute the following command.
chntpw1chntpw
List Users
Through the following command we can check all existing users in the window machine.
chntpw -l SAM1chntpw-lSAM
Select User
Now we need to select the user whose password we want to crack. Just replace the username and execute the command. Immediately after executing the command it gives the menu to choose what you want to do. All you have to do is proceed by selecting option 1.
Usage
!! chntpw -u < username > SAMchntpw -u hp SAM1chntpw-uhp SAM
Reboot System
Done
!! To stop editing in the user configuration enter “q” and reboot the system.
BOOM
!! You do not need to enter any password, just hit enter on the login screen and you will be logged into the system successfully.
Crack Window 10 Password via Pwdump
PWDump is a tool can be control within a command-line interface that used to extract the NTLM (LanMan) hashes from “LSASS.exe” in memory. This time we will go through the file manager on the “system32” directory and right-click to open the terminal.
Now we need to go to “config” directory to obtains the SAM files. All SAM files and their logs are saved here.
Dump
!! As you can see, all hashes of existing users are dumped. Now we can crack these hashes using john the ripper and other kind of tools and get the password. If you want know the complete processing then you can read this article.pwdump SYSTEM SAM1pwdump SYSTEM SAM
Crack Window 10 Password via Samdump2
It is an also in-built and small utility designed to dump hashes with the help of SAM files. If in some case the pwdump tool does not work well then you can use another option of that tool called “samdump2“. Just execute the following command and dump hashes.
samdump2 SYSTEM SAM1samdump2 SYSTEM SAM
We think john the rippper tool would be the best option for cracking windows 10 passwords. You can check complete article on it from here.
