Windows-Passwords

We can hack windows passwords using different methods.
Before going to hack windows passwords,we must learn about the internal mechanism that windows follows.

In windows,passwords are stored at C:\windows\system32\config\SAM.
But, that file is read only and is used by the Operating System.
So a normal user cannot access it,rename it or change it in anyway while using windows.
Because the moment windows operating system starts, the SAM file becomes inaccessible.

What is SAM?
The Security Accounts Manager is a database in the windows operating systems that contains usernames and passwords.
When a new user account is created with a password, it gets stored in the SAM file. These passwords are contained in the SAM in the hexadecimal format called HASHES.
when a user attempts to login,the username and the associated password will be checked with the entries of the SAM file.
If any entry in the SAM file matches with the entered login details,the user will be logged in. Otherwise it returns an error message requesting the user to enter the login details again.

Types of password attacks:
Dictionary attack:
 In this technique, some passwords will be written in a separate file called dictionary. This file contains common passwords used by the people. Using this file,we try to crack the password.
This is very fast but success rate is poor.
Brute Force Attack:
In this method we use all possible permutations by a set of character sets like 0-9,A-Z,a-z.
Advantage of this method is, the success rate is high.
Hybrid Attack:
We use the combination of the above two methods or any other.

Windows passwords can be hacked using the following tools.
1.Ophcrack live CD
2.ERD commander
3.Cain n Abel
4.John the ripper etc.

I will show how to hack windows passwords using Cain n Abel in my next tutorial.
Hope you liked it. If you have any doubts or suggestions leave your comments.