In this recipe, we will utilize John the Ripper (John) to crack a Windows Security Access Manager (SAM) file. The SAM file stores the usernames and password hashes of users of the target Windows system. For security reasons, the SAM file is protected from unauthorized access by not being able to be opened manually or be copied while the Windows system is in operation.
You will need access to a SAM file.
For this recipe, we will assume that you have gained access to a Windows host machine.
Let's begin the process of cracking a Windows SAM file using John the Ripper. We are assuming that you have accessed the Windows machine via either a remote exploit hack or you have physical access to the computer and are using Kali Linux on a USB or DVD-ROM drive.
Check for the hard drive you wish to mount:
Fdisk –l
Mount the hard drive and set
target
as its mount point:mount /dev/sda1 /target/
Change directories to the location...