I have written many tutorials on cracking passwords, but no one seems to know how to extract password hashes. By popular demand, we have decided to make an in-depth tutorial on extracting password hashes so that we can crack them with the help of the other tutorials. Before we continue, let's make sure you understand the basics of password hashing.
What are password hashes?
The process of hashing is used to store passwords and sensitive data in computers, ensuring the security of the data. You can examine the following examples to observe some instances of hashes.
hash(“hello”) = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
hash(“hbllo”) = 58756879c05c68dfac9866712fad6a93f8146f337a69afe7dd238f3364946366
hash(“waltz”) = c0e81794384491161f1777c232bc6bd9ec38f616560b120fda8e90f383853542
Hash algorithms are one-way functions: they transform any amount of data into a fixed-length “fingerprint” that cannot be reversed. They also have the property that if the input changes by even a single bit, the resulting hash is completely different, as you can see above.
This makes hashing excellent for protecting passwords: the stored value does not reveal the password, yet we can still verify that a user’s password is correct.
The general workflow for account registration and authentication in a hash-based account system is as follows:
1. The user creates an account on a website or a network.
2. Their password is hashed and stored in the database.
3. When the user tries to log in, the hash of the password they entered is compared against the hash of their actual stored password (the hash is retrieved from the database).
4. If the hashes match, the user is granted access. If not, a warning about incorrect credentials is shown.
5. Steps 3 and 4 repeat every time someone tries to log in to the account.
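The workflow above as a short Python sketch, added here as an illustration and not taken from the original article. It reproduces the first sample digest (which is SHA-256 of "hello") and then implements register and login; the per-user salt, the PBKDF2 work factor, the in-memory USERS store and all function names are assumptions of this example and go beyond the plain hash shown above.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000   # assumed work factor for this example
USERS = {}             # constructed stand-in for the database: name -> (salt, hash)


def sha256_hex(text: str) -> str:
    """Plain, unsalted SHA-256, as in the first sample digest above."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Count the bits that differ between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def _derive(password: str, salt: bytes) -> bytes:
    """Salted, deliberately slow hash (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register(username: str, password: str) -> None:
    """Steps 1-2: create the account; store the salt and hash, never the password."""
    salt = os.urandom(16)
    USERS[username] = (salt, _derive(password, salt))


def login(username: str, password: str) -> bool:
    """Steps 3-4: hash the submitted password and compare with the stored hash."""
    # Unknown users get a dummy salt and an empty hash, so the same work is done
    salt, stored = USERS.get(username, (b"\x00" * 16, b""))
    candidate = _derive(password, salt)
    # Constant-time comparison avoids leaking how many bytes matched
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    print(sha256_hex("hello"))
    print(differing_bits(sha256_hex("hello"), sha256_hex("hbllo")), "of 256 bits differ")
    register("alice", "correct horse battery staple")   # constructed sample account
    print(login("alice", "correct horse battery staple"))
    print(login("alice", "wrong guess"))
```

Because each account gets its own random salt, two users with the same password end up with different stored hashes, so one precomputed table cannot be reused across accounts.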
This tutorial covers extracting password hashes for:
- Linux passwords
- Windows passwords
DISCLAIMER: This is an educational article meant to make readers aware of these hacks and educate them about how they work. Do not use these tools against any website. Do not apply or execute any method or use any tool without the consent of the party concerned.
The hackeracademy.org team will not be in any way responsible for any illegal activities and usage of tools by you. We want to make readers aware of active threats and how they work. Use this article only for educational purposes.
1) Obtaining Linux password hashes
In the Linux operating system, the shadow file (/etc/shadow) stores the hashed passwords. Unlike regular files, it cannot be read directly by unprivileged users.
To access the hidden hashes, type the following command:
unshadow /etc/passwd /etc/shadow > crack.txt
unshadow is a utility shipped with John the Ripper that combines the account entries in /etc/passwd with the password hashes in /etc/shadow. The command above redirects its output into the crack.txt file.
The resulting crack.txt file contains the password hashes.
2) Extracting password hash dumps from Windows
Pwdump is an amazing hacking tool that can help you get the LM and NTLM password hashes of user accounts from the Security Account Manager (SAM) database.
Download and extract pwdump on the Windows machine you want to hack. Use pwdump7 for this tutorial.
Now just by using this tool, we can get the windows password hashes from the SAM database.
Open a terminal and type the following command in the pwdump7 directory:
pwdump7 > hash.txt
The program extracts the hashes and stores them in the file named hash.txt.
Once you have the hashes, you can use John the Ripper or Hash Suite to crack the passwords. If you want to crack the passwords using an Android device, you can also use Hash Suite Droid. I have written articles on each; do read them.
Commonly asked questions about obtaining hashes
Q.1 Do websites have similar password hashes?
Yes, but the database stores them. If you are able to extract the database, then you can get access to the passwords.
Q.2 Can we get facebook and Instagram password hashes?
No. You cannot crack the passwords of Facebook and Instagram.
Q.3 Does WhatsApp also have a hash?
No, it uses an encrypted key system. I have already made an article on how to hack WhatsApp with that method; you can read it.
Q.4 Is it possible to crack any password hash?
We can only crack a hash if we find the corresponding password. The longer and more unique the password is, the better your security becomes. That is why we always suggest that our users keep long and complicated passwords.