College Extra Credi...
 
Notifications
Clear all

College Extra Credit Assignment - Cracking a SAM file

4 Posts
3 Users
0 Reactions
1,247 Views
(@wermer)
Posts: 2
New Member
Topic starter
 

College student here.  I'm an older student; decided to go back later in life than I should have, but back in college nonetheless.  To get to the point, our professor has challenged us with an extra credit assignment of cracking a SAM file.  After he posted the SAM file on our Blackboard (an app we use for assignments, etc), I spent many hours beating my head against the wall.  Everything I found on it suggested I also needed the SYSTEM file as well from the same machine.  If this is the case, I am somewhat confused why he would have us try this without all of the pieces required, but regardless, I am determined to push forward and see if that is still a possibility.  I'm not asking for a walkthrough by any means, just a simple answer of whether or not it is even possible.  Of course, if anyone DOES feel like saying how to do it, I wouldn't be complaining!  =)

He has told us it is from a Windows Server 2019 OS, and he gave us the amount of characters in the password, as we need to be able to 'hack' it before December 1st.  I know how to reset the password to whatever I want it to be, but he wants us to post the actual password.  Either way, I thought I would post this here as I am somewhat out of my element and losing steam.  I also understand that this could be posted by anyone, so I will also post a SS of the assignment as proof (I have omitted any personal info from the SS).  I also understand that this could be faked or PS'd or whatever too, but /shrug not sure how else I could prove my credibility.  Thank you for your time.

 

SS - https://imgur.com/j2wBrD8

 

-Wermer

 
Posted : 16/11/2023 3:35 pm
(@headmulotti)
Posts: 2
New Member
 

Have you used Mimikatz yet

 

 
Posted : 17/11/2023 6:40 pm
(@wermer)
Posts: 2
New Member
Topic starter
 

@headmulotti So far, my attempt at using mimikatz was futile.  After allowing my PC to even use it (Windows 10 does NOT like 'hacking' software being on the hard drive), it still required the SYSTEM hive registry file.  Unless I'm getting confused with another of the applications I was attempting to learn/use.  That was over 2 weeks now.  I'll have to go back and try again and respond with a more informative response.

 
Posted : 24/11/2023 11:54 pm
(@tic-tac)
Posts: 26
Eminent Member
 

It's been almost 4 years since the last time I cracked a Windows user password. According to my notes from back then, I always used both SAM and SYSTEM files to successfully extract the hash from the SAM file. 

I've used pwdump and samdump2 to dump the hashes and they need both aforementioned registry hives. 

Also I have this in my notes:

"If the user is using live account then the password hashes will be generic, blank when using pwdump and samdump2, in such case use mimikatz to extract the correct hash. Dump the SYSTEM and SAM file in the same folder as mimikatz.exe, run the app, enter - lsadump::sam /system:SYSTEM /sam:SAM"

 

Maybe things have changed from back then and now you don't need the SYSTEM file to extract hashes from SAM file. Take a look at this Kali tool, maybe it can extract the hash from your SAM file:

https://www.kali.org/tools/creddump7/

 

 
Posted : 28/11/2023 8:03 pm
Share: