Sunday, May 4, 2014

Grab Password Hash File in Windows 7 with PwDump7

     This article is meant for informative and educational research only. Not responsible for any misuse of this information.

This guide will show you how to use PwDump7 to quickly generate a listing of hashes for Windows 7 user accounts.

I'll be running all commands as administrator and assuming that I made a new user named Bob for testing purposes. This guide assumes you have some familiarity using the command prompt in Windows.

PwDump7 can be found at: http://www.tarasco.org/security/pwdump_7/

A direct download of the software can be found here: http://www.tarasco.org/security/pwdump_7/pwdump7.zip

1. Unzip the file PwDump7 and copy it into your C:\Windows\System32 folder like this:



2. Open a command prompt as administrator. Start menu > All Programs > Accessories > Command Prompt - Right click on Command Prompt and chose run as admin.

3. Navigate into your system32 folder. A quick tutorial of commands can be found here: http://www.computerhope.com/issues/chusedos.htm

4. Run the command: PwDump7 and hit enter.


5. The program will run and hashes for user accounts will be displayed. Below is a shot of Bob's hash:


6. Right click in the top window bar of the command prompt and go to edit to select all and then do it again and chose copy this time. Copy and paste the correct hash portion into a new text document and save as hash.txt



7. You now have hash.txt containing the user password hash. From here, it can be used with other programs to try and  crack the password. 



No comments:

Post a Comment