Windows Logon password:
Getting a Windows logon password is not difficult. The process is easy and self-explanatory. Many offline password crackers are available that can change or clear existing passwords. You can download it here.
Just download their ISO images, burn them, insert the disc into the CD-ROM drive, and the rest is self-explanatory. But first we need to know how the authentication system works in Windows.
When you set a Windows login password, it obviously has to be stored in a file somewhere.
The password is stored in the SAM file, located in %systemroot%\system32\config.
Why don't we try to open the SAM file and look at the passwords? Let's try that. Open c:\windows\system32\config and open SAM. You should get an error like the one shown in the image below.
We can't open the SAM file while Windows is running. Even if we somehow manage to access the contents of the SAM file, they won't be in clear text; we will see them in an encrypted format.
SAM file:
SAM stands for Security Accounts Manager. It is a database stored as a registry file in Windows, and it stores Windows users and their passwords in hashed format.
Hashing is a one-way function, i.e., once plain text is converted to a hash, it cannot be converted back to plain text.
Windows authentication procedure:
Whenever a user creates a new account in Windows, the password is converted to a hash value and stored in the SAM database. Every time the user logs on to the system, the password entered is converted to a hash and compared with the hash stored in the SAM database.
If both the hashes match then the user is successfully authenticated.
How to access SAM files?
SAM files cannot be moved or copied to another location while Windows is running. They can be accessed only when Windows is not running. Confused? Here we go: let's talk about the concept of live operating systems. A live CD containing a bootable OS is inserted into the CD-ROM drive and can be used without installation.
How to open a hash file?
It is impossible to convert the output of a one-way hash function back to plain text. But automated tools can do two things:
1) Clear or change the password:
2) Crack the password