DEVIL'S BLOG ON SECURITY


A DEVIL'S BLOG ON COMPUTER AND INFORMATION SECURITY, ETHICAL HACKING AND COUNTERMEASURES


Learn Ethical Hacking | Learn Hacking Online | Learn How To Hack|Hack Counter Hack| Ethical Hacking Tutorials


Home   ||   See All Tutorials  ||   Products  ||   About This Blog   ||  Subscribe To RSS Feed



Join facebook group THE HACKER DEVIL


How To Dump Windows Password Using Pwdump

How To Dump Windows Password Using Pwdump


In previous post about dumping password I have just discussed about pwdump but haven't provided any tutorial. In this post I am providing most basic tutorial on using pwdump. You don't need to worry about any other options than what I ll discuss here since you will never face any problem even if you never use them
, actually the options that will not be discussed in this post never really gets used. Pwdump can practically dump password hashes from any version of windows. You can down load pwdump6 from following link.

To dump passwords from your own system type,

E:\Tools>Pwdump.exe localhost

it'll dump password hashes on screen, to take output on file redirect output as,

E:\Tools>Pwdump.exe localhost > password.txt

Now note that for dumping password from any machine you'll require admin privileges, it'll not work for you if your account is standard account and not the admin one.

If you want to dump password from remote machine you'll need to supply user-name and password of administrator along with IP address.

E:\Tools>Pwdump.exe 192.168.248.128 -u Max -p 12345

In above command 192.168.248.128 is IP address one of the machines connected in my LAN setup. Option “ -u ” specifies user name and “ -p ” specifies password for user Max which is administrator of system with IP address 192.168.248.128 . Above command will work if IPC$ share is open for remote connection if not you have to specify share which is open for connection use command in following way to connect to share open for remote connection.

E:\Tools>Pwdump.exe 192.168.248.128\share_name$ -u Max -p 12345

To know is there any share open for remote connection or not type following command in your command prompt.

C:\>net share

If you find word remote in remarks section after execution that means share is open for remote connection. If you want to check shares for remote host append above command by remote host's IP address. If you get list means you can connect else you can not dump passwords from remote host. To get dumped passwords in file append commands by “> passord.txt”. Ok I hope that is easy to understand, if you still have got any problems feel free to ask. Thanks for reading and keep visiting.

Free Ethical Hacking Training | Learn Ethical Hacking Online Free | Learn How To Hack | Hack Counter Hack | Ethical Hacking Tutorials | Devil's Blog On Security