Hello All,
Progress Report:
1]. I've created a user account *TestUser*.
2]. A purely alphabetic password with length = 8 characters.
3]. Ran LC5, trial version. The trial version ONLY supports Dictionary attacks. The PreComputed and the BruteForce were only for registered licenced users.
4]. Chose to Import accounts from Local Machine.
5]. Ran the Audit.
6]. LC5 got the LM Hash and NTLM Hash and cracked the password and displayed it in plain text for *TestUser*.
7]. LC5 also displayed all the LM & NTLM hashes for all the other accounts.
8]. LM Passwords were *empty*, LM Hash does NOT support passwords with 14 or more characters.
9]. I can post the results on here, but the output displays the LM & NTLM hashes for my other accounts which are members of the admin group.
I just wanted to take small steps.
With that said, my next goals are
-to incrementally make strong passwords for *TestUser*.
-Dump the SAM and choose the option of Importing from SAM File. I've downloaded NTFSDOS Pro [read-only] version from
www.sysinternals.com/ntw2k/freeware/ntfsdospro.shtml
. But I read somewhere you need NTFSDOS with [read-write] options. The other option is to use Linux [with NTFS File System Support].
I would greatly appreciate thoughts from you guys or constructive criticisms or anything that would help. If anyone of you think I'm doing something wrong, please feel free to let me know.
Thankyou.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle