LAB 3: Cracking Windows Passwords

 

Materials Needed:

• Computer
• Internet connection
• Pwdump3 and LC4 software

 

Activity

 

1)      The first step in determining user passwords is acquiring the list of usernames and the corresponding encrypted passwords. This part of the lab will show you how to obtain the password file.

a)      Obtain permission from your network administrator before attempting to obtain password hashes from another computer. You must connect to the targety computer with an administrative level account.

b)      Install pwdump (www.polivec.com/pwdump3.html )

c)      Run pwdump3 from the command line on a computer that you have administrative access to and save the hash to a file:

                                                               i.      Pwdump3 [IP address of target] > passwords.txt

 

 

2)      Once you have obtained the encrypted passwords, you need to decode them into plaintext. [This should only be done with permission!]

a)      Install LC4 (www.atstake.com/research/lc/download.html)

b)      Run LC4 (Start|Programs|LC4) with the 15 day Trial

                                                               i.      Retrieve from the local machine

                                                             ii.      Select Strong Password Audit

                                                            iii.      Select all Reporting Styles