11-24-2021, 10:24 PM
(11-24-2021, 10:05 PM)Moreo Wrote: I don't know if it's the right place to ask but,
I've tried diffrent SAM dumpers and i never succeded to crack my windows password (even though it's only numbers)
Here is the command i'm using :I hope someone will be able to help meCode:hashcat.exe -m 1000 -a 3 -w 3 -O --outfile result.txt hashes.txt.sam --increment ?d?d?d?d?d?d?d
Have a good day
Are you sure you have the right hash in your hashes.txt.sam?
The format of pwdump is the following:
somewindowsuser:500:AAD3B435B51404EEAAD3B435B51404EE:4X8XDX5X8X7XXXXXXXXXCXDX0X4XBX27
^ ^ ^ ^
Username RID LM Hash NT Hash
You have to put only the NT Hash into your hashes.txt.sam. In this case, it would be 4X8XDX5X8X7XXXXXXXXXCXDX0X4XBX27
You will see the same LM Hash as I posted here, as it represents an empty LM Hash. That's because Windows 10 doesn't support LM anymore (unless you enable it again. Idk if that's possible).
Your NT Hash should be different tho.
You don't even need the --increment option, as you know the length of the password. Just use the right amounts of ?d and it'll be fine.