POC On Sam Decryption

POC On Sam Decryption



Introduction
In this report we will decrypt the SAM file by using the Cain & Abel tool.

About SAM
SAM stands for “Security account manager”.It is a database file in Windows XP,Windows Vista,Windows 7,Windows 8.1,Windows 10 that stores user’ password.It stores password in the hash value which is not a readable form
Location:-  C:\Windows\System32\config

About Cain & Abel
Cain & Abel(GUI base) is a password recovery tool for microsoft operating Systems.It allows recovery of several kind of passwords by sniffing the networks,cracking encrypted passwords using Dictionary, Brute-force and cryptanalysis, Recording VoIP conversations, Decoding scrambled passwords, Recovering wireless network keys and all stuffs.

Lab Environment
Operating system:- Windows 7
Tool:- Cain & Abel v4.9.35

Proof Of Concept

Step 1:-
Before opening the Cain & Abel firstly we will have to off all the security checks(firewall, antivirus, window defender etc.). I off firewall because only this security is on my OS.




Step 2:-
After installing and do all the setup of Cain & Abel then we have UI.



Step 3:-
  • Then click on the Cracker submenu.
  • After click we get.


  • Right click on the plain area.
  • Then click on “Add to list”.

  • Check the radio button(Import hashes from local system).


  • Then click on next.

Step 4:-
Then After clicking on the next you will get all the user of that operating system.here we can see that there is three users account in the operating system and only one has cross sign means this account is protected with the password and password is in the SAM file and the password in the form of hash value that we have to decrypt.

Step 5:-
  • Right click in the user “kartik saxena” which we have to decrypt.
  • Then click on brute force attack(trial and error method used by application programs to decode encrypted data).
  • Then NTLM hash



Step 6:-
  • Then you have window like this here you have some setting you have to set according to us in what pattern we want to attack.


Step 7:-
We have to set some Setting
  • Predefined(combination of numbers, alphabets,special characters).
  • Mini(set minimum characters from which attack starts).
  • Max(set maximum characters from which attack finishes).
  • Then click start.
Step 8:-
  • I set predefined to “0123456789”.
  • Min “10” .
  • Max “10” .
  • Then click on start.
  • And it will start brute forcing.
  • After some time it will give decrypt the hash value and give the password of the user.


Comments

Popular posts from this blog

POC of Nagios XI 5.2.6-5.4.12 -Chained Remote Code Execution(Metasploit) | CVE-2018-8733

What is .crypt12 file extension?