I have written many tutorials on cracking passwords, but few readers seem to know how to extract password hashes. By popular demand, we have made an in-depth tutorial on extracting password hashes so that they can be cracked with the help of the other tutorials. First, let's make sure you understand the basics of password hashing before we continue.
What are password hashes?
Passwords and other sensitive data are stored on computers using a process called hashing, which keeps the data secure. The following examples show what hashes look like.
hash(“hello”) = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
hash(“hbllo”) = 58756879c05c68dfac9866712fad6a93f8146f337a69afe7dd238f3364946366
hash(“waltz”) = c0e81794384491161f1777c232bc6bd9ec38f616560b120fda8e90f383853542
Hash algorithms are one-way functions that turn any amount of data into a fixed-length “fingerprint” that cannot be reversed. If the input changes by even a single bit, the resulting hash is completely different, as you can see above.
This makes hashing excellent for protecting passwords: the stored value does not reveal the password, yet we can still verify that a user’s password is correct.
The general workflow for account registration and authentication in a hash-based account system is as follows:
1. The user creates an account on a website or a network.
2. Their password is hashed and stored in the database.
3. When the user tries to log in, the hash of the password they entered is compared against the hash of their actual stored password (the hash is retrieved from the database).
4. If the hashes match, the user is granted access. If not, a warning about incorrect credentials is shown.
5. Steps 3 and 4 repeat every time someone tries to log in to the account.
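The workflow above as an added Python example (not code from the original article). It goes beyond the plain hash() shown earlier by adding a per-user random salt and the deliberately slow PBKDF2-HMAC-SHA256 function, which is what makes stored hashes costly to crack. The user names, passwords, iteration count and the in-memory `users` dictionary standing in for the database are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000          # assumed PBKDF2 work factor; tune for your hardware
DUMMY_SALT = os.urandom(16)   # used for unknown users so both paths cost the same
users = {}                    # stands in for the database: username -> (salt, hash)


def fingerprint(data: str) -> str:
    """Plain SHA-256: fast and unsalted, fine as a fingerprint, weak for passwords."""
    return hashlib.sha256(data.encode()).hexdigest()


def derive(password: str, salt: bytes) -> bytes:
    """Slow, salted password hash (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def register(username: str, password: str) -> None:
    """Steps 1-2: store a random salt and the derived hash, never the password."""
    salt = os.urandom(16)
    users[username] = (salt, derive(password, salt))


def login(username: str, password: str) -> bool:
    """Steps 3-4: re-derive from the submitted password, compare in constant time."""
    salt, stored = users.get(username, (DUMMY_SALT, b""))
    candidate = derive(password, salt)   # always computed, even for unknown users
    return hmac.compare_digest(stored, candidate)


if __name__ == "__main__":
    # Constructed sample accounts: two users who picked the same password.
    register("alice", "correct horse battery staple")
    register("bob", "correct horse battery staple")
    print("sha256(hello)   :", fingerprint("hello"))
    print("right password  :", login("alice", "correct horse battery staple"))
    print("wrong password  :", login("alice", "hello"))
    print("unknown user    :", login("mallory", "hello"))
    # Different salts give different stored hashes for the same password,
    # so one cracked hash does not reveal the other account.
    print("same stored hash:", users["alice"][1] == users["bob"][1])
```

Because every account has its own salt, precomputed tables are useless against the stored values and each hash has to be attacked separately at the full PBKDF2 cost.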
This tutorial covers extracting password hashes for:
- Linux passwords
- Windows passwords
DISCLAIMER: This is an educational article meant to make readers aware of these hacks and educate them about how they work. Do not use these tools on any website. Do not apply or execute any method or use any tool without the consent of the party concerned.
The hackingworld.com team will not be in any way responsible for any illegal activities and usage of tools by you. We want to make readers aware of active threats and how they work. Use this article only for educational purposes.
1) Obtaining Linux password hashes
In the Linux operating system, the hashed passwords are stored in the shadow file (/etc/shadow). The passwords in it are hashed and the file is secured, so you cannot read it directly the way you can read regular files.
To access the hidden hashes, type the following command:
unshadow /etc/passwd /etc/shadow > crack.txt
unshadow is a Linux command that extracts the password hashes. The command above writes the hashes to the file crack.txt.
The file crack.txt now contains the password hashes.
2) Extracting password hash dumps from Windows
Pwdump is an amazing hacking tool that can help you get the LM and NTLM secret password hashes of client accounts from the Security Account Manager (SAM) database.
Download and extract pwdump on the Windows machine you want to hack. Use pwdump7 for this tutorial.
With this tool alone, we can get the Windows password hashes from the SAM database.
Open a terminal and type the following command in the pwdump7 directory:
pwdump7 > hash.txt
The hashes are extracted and stored in the file named hash.txt.
Once you have the hashes, you can use John the Ripper or Hash Suite to crack the passwords. If you want to crack the passwords using an Android device, you can also use Hash Suite Droid. I have written articles on each of them; do read them.
Commonly asked questions about obtaining hashes
Q.1 Do websites have similar password hashes?
Yes, but they are stored in the database. If you are able to extract the database then you can get access to the passwords.
Q.2 Can we get Facebook and Instagram password hashes?
No. You cannot crack the passwords of Facebook and Instagram.
Q.3 Does WhatsApp also have a hash?
No, it uses an encrypted key system. I have already written an article on how to hack WhatsApp with that method; you can read it.
Q.4 Can any password hash be cracked?
A hash can only be cracked if the corresponding password is found. The longer and more unique the password is, the better your security becomes. That is why we always suggest that our users keep long and complicated passwords.