LAB 3: Cracking Windows Passwords
Materials Needed:
Activity
1) The first step in determining user passwords is acquiring the list of usernames and the corresponding encrypted passwords. This part of the lab will show you how to obtain the password file.
a) Obtain permission from your network administrator before attempting to obtain password hashes from another computer. You must connect to the targety computer with an administrative level account.
b) Install pwdump (www.polivec.com/pwdump3.html )
c) Run pwdump3 from the command line on a computer that you have administrative access to and save the hash to a file:
i. Pwdump3 [IP address of target] > passwords.txt
2) Once you have obtained the encrypted passwords, you need to decode them into plaintext. [This should only be done with permission!]
a) Install LC4 (www.atstake.com/research/lc/download.html)
b) Run LC4 (Start|Programs|LC4) with the 15 day Trial
i. Retrieve from the local machine
ii. Select Strong Password Audit
iii. Select all Reporting Styles