1
00:00:00,420 --> 00:00:05,190
In this lecture, we are going to see how we can crack Windows passwords with card.

2
00:00:06,939 --> 00:00:12,250
Ashgate is a GPU based tool, so you will need to have it running on a machine with a powerful graphics

3
00:00:12,280 --> 00:00:12,610
card.

4
00:00:12,610 --> 00:00:13,660
With all drivers.

5
00:00:13,960 --> 00:00:15,700
It can be your windows machine.

6
00:00:15,700 --> 00:00:19,180
You're going to call your machine or you can even do it in the cloud.

7
00:00:19,750 --> 00:00:24,550
For this lecture we are going to use it on windows with all GPU driver installed.

8
00:00:26,070 --> 00:00:27,600
The concept is fairly simple.

9
00:00:27,960 --> 00:00:34,410
The step one, we are going to get the hashes from same file with Curly line X and instead we are going

10
00:00:34,410 --> 00:00:38,670
to crack these hashes with hash card and rock judiciary on our PC.

11
00:00:39,610 --> 00:00:44,340
This attack can be used in a scenario where you have a physical access to a system which is possible

12
00:00:45,300 --> 00:00:47,970
that can be used to quickly crack the password.

13
00:00:48,300 --> 00:00:54,510
You can copy the extracted hashes from the same file with Linux in a USB drive, and then in your own

14
00:00:54,510 --> 00:01:00,630
time in offline mode, you can connect the hashes at your home on your main PC with a hash card.

15
00:01:01,020 --> 00:01:04,230
We need to have reliable USB for this attack.

16
00:01:04,620 --> 00:01:10,710
You can check the lecture as a bootable USB drive to learn how to make the bootable USB.

17
00:01:11,100 --> 00:01:15,120
The first step is to all hash card from official website in your main PC.

18
00:01:17,350 --> 00:01:21,160
Download and extract the role obituary and you get for the.

19
00:01:24,040 --> 00:01:29,560
No move from Caroline as you drive Le Guin, your US built target PC and boot from it.

20
00:01:32,120 --> 00:01:38,490
So navigate to windows system32 config folder and copy same or system file to the desktop.

21
00:01:40,490 --> 00:01:47,540
Now open the terminal on desktop and dump the hashes with SAM pool as the text will contain all hashes,

22
00:01:47,540 --> 00:01:48,920
but we are aiming to crack.

23
00:01:50,620 --> 00:01:54,970
No copy this hashed or text file to the hash card folder on your main PC.

24
00:01:55,060 --> 00:01:57,190
You can use a USB to copy the file.

25
00:01:59,890 --> 00:02:03,370
Open PowerShell, then use the command to create the password.

26
00:02:03,880 --> 00:02:07,900
Here, 1000 Tesla has scared the windows password to be cracked.

27
00:02:08,740 --> 00:02:15,190
Cracked will store all correct passwords hashed or text is the source file and rock you are additionally.

28
00:02:18,830 --> 00:02:24,170
Once Haggard cracked the password, you can open the text file to view the correct password.

29
00:02:25,850 --> 00:02:27,710
Let's see the demonstration of the attack.

30
00:02:29,360 --> 00:02:31,610
First of all on Google, search for Cat.

31
00:02:34,800 --> 00:02:36,000
An official website.

32
00:02:39,380 --> 00:02:41,460
And download the batteries for windows.

33
00:02:49,080 --> 00:02:50,340
And click on download.

34
00:02:54,310 --> 00:02:57,610
Most downloaded strict code folder.

35
00:03:02,170 --> 00:03:03,940
And you can see all the files here.

36
00:03:05,360 --> 00:03:07,910
No, we need to download that all traditionally.

37
00:03:08,240 --> 00:03:13,700
We can just paste the link as given in the presentation and downloading will automatically start.

38
00:03:17,030 --> 00:03:18,610
Was the dictionary downloaded.

39
00:03:18,620 --> 00:03:20,420
Copy it to the folder.

40
00:03:24,570 --> 00:03:28,860
No plug in live USB in your target PC and boot from USB.

41
00:03:33,590 --> 00:03:35,420
It was the live option to boot.

42
00:03:41,990 --> 00:03:46,250
Most college stores double click drive containing windows files to mounted.

43
00:03:49,360 --> 00:03:50,650
Navigate to windows.

44
00:03:55,620 --> 00:03:58,470
System32 and config folder.

45
00:04:01,340 --> 00:04:01,550
Hancock.

46
00:04:01,730 --> 00:04:03,900
This system falls to the Dexter.

47
00:04:14,610 --> 00:04:18,800
No right click on your desktop and choose the option to open terminal here.

48
00:04:26,080 --> 00:04:29,350
I used the command Sam dump to dump her ashes.

49
00:04:36,840 --> 00:04:41,040
You can open your text file and verify that all hashes have been dumped.

50
00:04:44,200 --> 00:04:48,190
You can copy this file to the USB drive and copy it to your main machine.

51
00:04:48,760 --> 00:04:52,390
I'm using a virtual machine so I can copy it to the main machine.

52
00:04:58,590 --> 00:05:00,600
Paste this file in haircut folder.

53
00:05:03,360 --> 00:05:06,480
Right click in the haircut folder and open partial window.

54
00:05:10,370 --> 00:05:13,640
No one has shared with the given command as shown on the screen.

55
00:05:16,920 --> 00:05:22,890
You do not need to give data and it reflects I require them because it helps me choose my graphic card.

56
00:05:26,250 --> 00:05:28,460
Shared will automatically create the password.

57
00:05:31,130 --> 00:05:36,710
And once the password is correct, you can open your text file and your password.

58
00:05:43,690 --> 00:05:47,050
I hope you like this lecture and see you in the next lecture.