Saturday, 31 October 2020

Use of Rainbow Crack to Exploit Windows

 Gone are the days when we have to wait for the days together to recover the Windows account password. Thanks to the rainbow crack technology, now we can crack the passwords in few seconds with 100% success rate.


This Rainbow cracking technology works on simple concept. Instead of computing the hashes for each password dynamically and comparing with the correct one during cracking, password hashes are computed in advance for all character sets. These hashes are then stored in datasets called rainbow tables.

So cracking involves just comparing the current password hash with the pre computed hashes within the rainbow tables and get the associated plain text password. Hence it takes very less time compared to the traditional method of brute force cracking. Setting up the rainbow table for various character sets is just one time activity and may take days or months based on the character set and speed of the machine. Once the rainbow tables are ready, you can feed the password hash to it and get your password cracked in seconds.

In order to recover your Windows user password, first you have to get the LM hash for the target user account. This can be done in many ways. You can use any of the tools such as pwdump, cain&abel or LC5. You need to have administrator privileges to dump the hashes using these tools. If you have lost administrator password itself, then you can boot the system using BackTrack live cd or Windows restore CD and then copy the SAM & SYSTEM hive files (which is located in c:\windows\system32\config folder. Note that your system drive may be different). Next feed these files to Cain & Abel tool to get the LM hashes for the target account.

Read more : lm password cracker

No comments:

Post a Comment

Router Role in Networking

  The Quick Definition: Route redistribution is a process that allows a network to use a routing protocol to dynamically route traffic based...