1
00:00:00,690 --> 00:00:06,689
In this lecture, we are going to see how we can crack those passwords with Ophcrack on Windows.

2
00:00:08,140 --> 00:00:12,850
This can be used in the scenario where you have physical access to a system which is possible.

3
00:00:13,510 --> 00:00:19,660
You can copy the file hashes and then use the tool to crack the password in an offline attack on Windows.

4
00:00:20,970 --> 00:00:24,930
It may also be possible to crack other users' passwords on the same system.

5
00:00:28,850 --> 00:00:32,060
We have different methods for obtaining hashes of the passwords.

6
00:00:33,000 --> 00:00:38,340
In the first method, you can copy SAM and SYSTEM files after booting from the live USB drive.

7
00:00:39,690 --> 00:00:45,420
In the second method, you can directly dump the hashes with Ophcrack, and in the third method you can use

8
00:00:45,420 --> 00:00:48,630
some command line tools to dump hashes from the registry.

9
00:00:53,070 --> 00:00:56,660
So as a first step, download Ophcrack from the official website.

10
00:01:00,010 --> 00:01:03,310
Now download Vista free rainbow tables and extract them.

11
00:01:05,920 --> 00:01:06,730
Open Ophcrack.

12
00:01:06,790 --> 00:01:09,070
Click on tables and install the tables.

13
00:01:12,580 --> 00:01:12,850
Now,

14
00:01:12,850 --> 00:01:14,740
let's see how we can dump the hashes.

15
00:01:18,980 --> 00:01:23,870
In Ophcrack, click on load and choose the option to load from SAM with samdump2.

16
00:01:24,880 --> 00:01:28,570
But remember, this may not work on the latest Windows 10 or 11.

17
00:01:29,570 --> 00:01:34,580
Now, in the second method, you can use this command as shown on the screen to dump hashes directly

18
00:01:34,580 --> 00:01:35,440
from the registry.

19
00:01:38,420 --> 00:01:45,050
Click on load encrypted hashes in Ophcrack and use the folder where you have saved the registry backups.

20
00:01:47,410 --> 00:01:48,430
Now, in the third method,

21
00:01:48,430 --> 00:01:54,970
you can boot from Kali live USB, you can navigate to the Windows System32 config folder and copy SAM and

22
00:01:54,970 --> 00:01:55,810
SYSTEM files.

23
00:01:56,290 --> 00:02:01,840
Once copied to the main machine, you can click on load encrypted hashes in Ophcrack and select the folder.

24
00:02:03,070 --> 00:02:05,220
Now let's see how we can crack hashes.

25
00:02:09,289 --> 00:02:14,690
Once we have hash entry in the store, you can click on crack and the password will be cracked.

26
00:02:17,580 --> 00:02:17,790
Now,

27
00:02:17,790 --> 00:02:19,440
let's see the actual demonstration.

28
00:02:23,500 --> 00:02:27,520
First of all, do a Google search for Ophcrack and open the official website.

29
00:02:37,200 --> 00:02:41,010
Now click on download and download for Windows.

30
00:02:53,600 --> 00:02:54,800
Once downloaded,

31
00:02:55,160 --> 00:02:56,330
extract the folder.

32
00:02:57,640 --> 00:03:00,970
And we will have both good and bad versions available.

33
00:03:04,480 --> 00:03:05,380
No, but it.

34
00:03:10,990 --> 00:03:15,850
Click on tables and you will see that we don't have any rainbow table installed.

35
00:03:17,690 --> 00:03:17,830
Now,

36
00:03:18,000 --> 00:03:20,220
go back to the Ophcrack website.

37
00:03:21,270 --> 00:03:22,440
Click on tables.

38
00:03:24,240 --> 00:03:27,210
Download Vista free tables. If you want,

39
00:03:27,210 --> 00:03:29,430
you can also download larger tables.

40
00:03:45,810 --> 00:03:48,660
Once the tables are downloaded, extract them.

41
00:03:51,910 --> 00:03:53,610
And then go to tables in

42
00:03:53,620 --> 00:03:54,210
Ophcrack.

43
00:03:55,330 --> 00:03:57,820
The option of this DVD and click on install.

44
00:04:00,200 --> 00:04:02,570
Select the directory of these W tables.

45
00:04:07,270 --> 00:04:08,850
And use the option to select folder.

46
00:04:11,510 --> 00:04:12,170
So click on

47
00:04:12,170 --> 00:04:12,740
OK.

48
00:04:14,450 --> 00:04:16,700
You will see that these trophy tables will appear.

49
00:04:19,709 --> 00:04:19,980
Now,

50
00:04:19,980 --> 00:04:22,290
let's see some methods to dump the hashes.

51
00:04:22,830 --> 00:04:28,140
Now, in the first method, you can simply click on load and select the option to dump local SAM with

52
00:04:28,140 --> 00:04:28,620
samdump2.

53
00:04:30,170 --> 00:04:34,010
Although this method does not work after Windows 10 Anniversary Update.

54
00:04:34,490 --> 00:04:39,710
But it may work in Windows 7, or if you are using some older versions of Windows 10.

55
00:04:43,120 --> 00:04:45,790
Now, in the second method, open a command prompt.

56
00:04:49,000 --> 00:04:53,950
Use the command reg.exe to save SAM and SYSTEM files.

57
00:04:57,610 --> 00:04:59,800
You can use the command as shown on the screen.

58
00:05:02,700 --> 00:05:05,760
These files will be saved in C temporary folder.

59
00:05:07,210 --> 00:05:07,460
Now in

60
00:05:07,480 --> 00:05:08,730
Ophcrack, click

61
00:05:08,740 --> 00:05:09,470
on load.

62
00:05:09,820 --> 00:05:10,690
Encrypted SAM.

63
00:05:14,960 --> 00:05:16,640
You'll see a temporary folder.

64
00:05:20,900 --> 00:05:23,100
We will see that all hashes will be loaded.

65
00:05:26,940 --> 00:05:27,180
Now,

66
00:05:27,180 --> 00:05:28,920
let's move over to the third method.

67
00:05:31,620 --> 00:05:35,670
Just plug in your live USB type-c and boot from USB.

68
00:05:47,600 --> 00:05:49,790
Choose to boot from live system.

69
00:05:56,530 --> 00:05:57,490
Once Kali boots,

70
00:05:57,490 --> 00:06:00,400
double-click the Windows drive mounted.

71
00:06:02,620 --> 00:06:04,120
And then go to Windows,

72
00:06:05,960 --> 00:06:08,360
System32, config folder.

73
00:06:20,460 --> 00:06:24,960
Open the folder as root and copy SAM and SYSTEM files.

74
00:06:31,780 --> 00:06:35,500
I'm using VMware, so I'm directly copying them to my main machine.

75
00:06:35,890 --> 00:06:38,200
You can use a USB to copy the files.

76
00:06:48,770 --> 00:06:50,750
Now in Ophcrack, click on load.

77
00:06:53,500 --> 00:06:56,390
Then select the option encrypted SAM.

78
00:07:01,540 --> 00:07:04,150
Choose the folder where you have pasted these files.

79
00:07:07,620 --> 00:07:09,750
And you will see that the hashes will be loaded.

80
00:07:11,320 --> 00:07:12,970
Now simply click crack.

81
00:07:13,830 --> 00:07:14,630
And Ophcrack

82
00:07:14,640 --> 00:07:14,810
will

83
00:07:14,820 --> 00:07:15,110
crack

84
00:07:15,120 --> 00:07:15,900
our password.

85
00:07:18,280 --> 00:07:19,240
The password is cracked.

86
00:07:19,270 --> 00:07:20,380
It will be displayed.

87
00:07:24,760 --> 00:07:27,970
I hope you like this lecture and see you in the next lecture.