Basic Windows passwords are stored in the SAM database, located by default at:
C:\Windows\System32\config\
Normally, there are protections in place that mean you can't access this file while the system is running. But you CAN access it while the system is offline via:
Caveat: If you cannot boot from live CD, you can't change the boot order, or the system is using Windows 8 with secure boot enabled, you will need to resort to mounting the system drive in another machine.
Once you have a copy of this folder, you can work with it offline, using the Linux programs bkhive and samdump2. BackTrack has these already installed for you, so use BackTrack, or obtain Linux binaries for bkhive & samdump2 on your Linux distro of choice.
Run these two commands:
bkhive ./config/SYSTEM keyout
samdump2 ./config/SAM keyout
(where config is the whole config folder from above).
samdump2 will output a list of any hashes present. These will be for the local user accounts on the computer, NOT domain accounts.
You can take this output, and dump it into your cracking tool of choice.
Your tool of choice is oclhashcat+.
If your data passes through a network, it can be read on that network. If your data passes through several networks on the way to the recipient, it can be read at every single point along the way. Encryption won't stop the interception, but it will stop the understanding.
So, after a few months of procrastinating (almost 5), I've gotten around to renewing the SSL certificate on the website. There's no need to be alarmed, this doesn't really affect anybody who's visiting the site. You'll only notice if you visit using https://itjc.net. Don't be alarmed by the warning about an untrusted certificate. All that means is the certificate has changed, which in this case was intentional, and your browser doesn't trust the certificate automatically, because I haven't bribed a Certificate Authority, but opted for a self-signed certificate instead. For this particular site, that doesn't matter a whole lot.
However, for any merchant or banking website, or a website which you log into (like Gmail, Facebook, etc.), the security certificate matters a lot.
This provides an opportunity to explain what's going on for those who may not already know. In the next few days (months?), I plan on writing a bit about certificates, what I've learned about how to make them, and some of my thoughts on the advantages/disadvantages of creating your own versus purchasing one.
For now, we'll start on what a security certificate is, in simple terms for non-techies. In the context of the internet, a security certificate is like a proof of identity. Every time you visit a website, it presents you with its identification papers (its security certificate). This certificate doesn't change. Therefore, every time you see the same certificate, you get an assurance that the website is authentic: you are actually talking to the real website.
If you are the victim of a spoofing or phishing attack, you might think you are visiting https://bank.com, but actually be looking at https://attacker.com. When this happens, https://attacker.com presents you with a bogus security certificate. Naturally, this does not match the trusted certificate on file for https://bank.com, and you get a big red scary warning, telling you that the site is fake. When you see this warning, you decide not to give attacker.com your credit card and banking details, and your pocketbook is much happier.
In a nutshell, that's why security certificates matter. In the next article, I'll explain a bit about different kinds of certificates, and how your browser automatically knows that a certificate is valid or not.
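The idea above (the same certificate on every visit means the same site, and a changed certificate means a warning, as with this site's intentional renewal) can be sketched as a trust-on-first-use fingerprint check. This is an added example, not code from the original post; PinStore, its methods and the sample byte strings are hypothetical and constructed, standing in for real DER certificate bytes.

```python
import hashlib
import hmac
import ssl

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def fetch_der(host: str, port: int = 443) -> bytes:  # real use only; needs network
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))

class PinStore:
    """Hypothetical helper: remembers the fingerprint first seen for each host."""
    def __init__(self):
        self._pins = {}

    def check(self, host: str, der_cert: bytes) -> str:
        seen = fingerprint(der_cert)
        pinned = self._pins.get(host)
        if pinned is None:
            self._pins[host] = seen   # first visit: nothing to compare against
            return "first-seen"
        if hmac.compare_digest(pinned, seen):
            return "match"
        return "CHANGED"              # renewal or impostor: the pin is NOT updated

    def accept_change(self, host: str, der_cert: bytes, expected_fp: str) -> bool:
        """Re-pin only if the cert matches a fingerprint obtained out of band."""
        seen = fingerprint(der_cert)
        if not hmac.compare_digest(seen, expected_fp.lower().replace(":", "")):
            return False
        self._pins[host] = seen
        return True

# Constructed stand-ins for DER certificate bytes (not real certificates).
OLD_CERT = b"constructed cert: itjc.net before renewal"
NEW_CERT = b"constructed cert: itjc.net after renewal"
BOGUS_CERT = b"constructed cert: served by a different party"

def demo() -> list:
    store = PinStore()
    out = [store.check("itjc.net", OLD_CERT),   # first-seen
           store.check("itjc.net", OLD_CERT),   # match
           store.check("itjc.net", NEW_CERT)]   # CHANGED (the renewal)
    published = fingerprint(NEW_CERT)            # owner publishes this elsewhere
    out.append(store.accept_change("itjc.net", BOGUS_CERT, published))  # False
    out.append(store.accept_change("itjc.net", NEW_CERT, published))    # True
    out.append(store.check("itjc.net", NEW_CERT))                       # match
    return out
```

A renewal and an impostor look identical to check(); only a fingerprint obtained through a separate channel tells them apart, which is the gap a Certificate Authority signature fills for browsers.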
Hey all, been a long while since the last post. If you've noticed, kudos to you. I don't expect to receive much traffic here anyway though, as I don't post often, and most of the content has an admittedly narrow target audience. However, there has been some new news, which I am at liberty to discuss, and which may be a source for most of the new visitors to this humble abode.
I have a strong interest in open source stuff, and a strong interest in Android stuff, and a mild interest in learning more about developing. Therefore, I have undertaken a small project, and written/published an application on the Google Play store. (yay!).
It's a very very simple design, not really worthy of the name, but it's useful to some, patched together by yours truly, and accepted to the Play store by Google. So that's a first for me, and as basic as the application is, it's still an accomplishment of sorts. So, without further ado, I present to you: Bermuda Weather
As you can easily click the link, and read the descriptions there, I won't bother repeating it all here. In two sentences: The Bermuda Weather Service publishes a forecast for Bermuda, updated every few hours. The app retrieves this forecast, and displays it in a WebView(). It's that simple.