EGL202 Cyber Security Essentials

Lab 2 Password Cracking

A. Introduction
Password cracking is one of the easiest and common ways hackers obtain unauthorized computer
or network access.

You will learn how to dump Windows Operating System (OS) password hashes. The password
hashes will enable the attacker to derive the actual passwords.

You will need administrator access to dump the contents of the Security Account Manager (SAM)
file on Windows machines. You will start with a simple SAM hash dump and run it with a hash
decryptor to uncover plain-text passwords. You will use the HACKER Virtual Machine (VM) for this
lab exercise.

Task 1: Generate Hashes

1) Launch VMWare Workstation 15 Player. Open the HACKER VM in E Drive in E:\Lab

Virtual Machines\EG2762\Hacker. If prompted, just click “Take Ownership”.

2) Click “Play virtual machine” and if there is a warning prompt, click “I copied it” and this
will take you to the Hacker VM.

Cyber Security Essentials Page 1 Effective date: 05 Mar 2021

Background: Pwdump7 is used to dump protected files.

3) Start-> Run -> cmd. Open Command Prompt and locate the folder location of
pwdump7.exe. Type the folder location of pwdump7.exe. (eg. cd C:\Documents and
Settings\thehacker\Desktop\Password Cracking Tools\pwdump7).

Cyber Security Essentials Page 2 Effective date: 05 Mar 2021

 4) Enter pwdump7.exe. This displays all password hashes.

5) Enter pwdump7.exe > c:\hashes.txt. This will copy all the data of pwdump7.exe to the
c:\hashes.txt file.

Cyber Security Essentials Page 3 Effective date: 05 Mar 2021

 6) Go to c:\ and open the hashes.txt file with Notepad. Check the generated hashes.

Task 2: Install Ohpcrack

Ophcrack is used to crack password hashes by using LM hashes through rainbow tables.

1) Locate the folder location of Ophcrack (e.g. C:\Documents and Settings\thehacker\

Desktop\Password Cracking Tools\Ophcrack). Double click the installer.

Cyber Security Essentials Page 4 Effective date: 05 Mar 2021

 2) The installation wizard appears. Click Next.

3) In the Choose Components window, uncheck all options and click Next.

Cyber Security Essentials Page 5 Effective date: 05 Mar 2021

 4) Follow the installation steps to install Ophcrack.

Cyber Security Essentials Page 6 Effective date: 05 Mar 2021

Task 3: Crack the Password Hashes
1) Double click Ophcrack icon on your desktop.

Cyber Security Essentials Page 7 Effective date: 05 Mar 2021

 2) Select Load > PWDUMP file.

3) Browse and select the hashes.txt file in C:\. Click Open. Hashes you had cracked
earlier are now loaded in Ophcrack.

Cyber Security Essentials Page 8 Effective date: 05 Mar 2021

 4) Select Tables > Vista free and click Install.

5) Browse to (e.g. C:\Documents and Settings\thehacker\Desktop\Password

Cracking Tools\Ophcrack) and select the tables_vista_free folder. Click OK.

Cyber Security Essentials Page 9 Effective date: 05 Mar 2021

The tables_vista_free is a pre-computed table for reversing cryptographic hash functions and
recovering plaintext passwords up to a certain length.

6) The selected tables_vista_free is installed under the name Vista free, represented by
a green coloured button. Select the table and click OK.

Cyber Security Essentials Page 10 Effective date: 05 Mar 2021

 7) Click on Crack button. Ophcrack begins to crack passwords. The cracked passwords
will be displayed after some time. Notice the amount of time it takes to crack the
passwords.

Which column displays the full cracked password? ____________

In real time, if an attacker attempts to exploit a machine and escalate the privileges, the attacker
can obtain password hashes using tools like PWdump7. After which the attacker can use hash-
decoding tools like Ophcrack to acquire plain-text passwords.

Cyber Security Essentials Page 11 Effective date: 05 Mar 2021

Cyber Security Essentials Page 12 Effective date: 05 Mar 2021