how to HACK a password // Windows Edition
Рет қаралды 1,281,364
10 ай бұрынCreate passwords I can’t hack with Dashlane (unlike Michael): dashlane.com/networkchuck50 (50% off) with code NETWORKCHUCK50
It is surprisingly easy to hack a password on Windows. In this video, NetworkChuck will demonstrate how you can grab a password hash from a Windows computer and reveal the passwords with a tool called impacket secrets dump. Once we have the hash, we can use a password cracking tool called Hashcat (a popular tool in Kali Linux), to crack the password.
VIDEO HELP
---------------------------------------------------
Mitigation Techniques: attack.mitre.org/techniques/T...
SECURITY MEASURES YOU NEED TO DISABLE TO USE ALL FEATURES IN THIS VIDEO
-Disable “DisableRestrictedAdmin” (this allows winrm and rdp access with a hash): reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f
-Turn off Windows Firewall
-Enable RDP and add user to RDP users group
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by Dashlane
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
fast and reliable unifi in the cloud: hostifi.com/?via=chuck
- Password cracking techniques
- How to hack a password on Windows
- Cybersecurity vulnerabilities
- Cyberattacks and network security
- Kali Linux for password hacking
- Hashcat and CUPP for password cracking
- Pass the Hash attack
- NTLM and RDP security
- WinRM for remote access
- Ethical hacking for information security
- IT security and password protection
- NetworkChuck's password cracking tutorial
- Learn password cracking on NetworkChuck
- Understanding cybersecurity and password hacking
- Protecting against password hacking
- Information security and password protection
- IT security best practices for passwords
#passwordhacking #passwordcracking #windows
@NetworkChuck 10 ай бұрын
Create passwords I can’t hack with Dashlane: dashlane.com/networkchuck50 (50% off) with code NETWORKCHUCK50 VIDEO HELP --------------------------------------------------- Mitigation Techniques: attack.mitre.org/techniques/T1003/002/ SECURITY MEASURES YOU NEED TO DISABLE TO USE ALL FEATURES IN THIS VIDEO -Disable “DisableRestrictedAdmin” (this allows winrm and rdp access with a hash): reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f -Turn off Windows Firewall -Enable RDP and add user to RDP users group 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy **Sponsored by Dashlane
@Obama_ 10 ай бұрын
:)
@loadrocks1235 10 ай бұрын
My parents won’t let me and I got hacked plz help me ):
@JeffJeycyn 10 ай бұрын
Hy I'm just a kid interested in coding and I kinda need your help
@shootproof7080 10 ай бұрын
How not to hack a password. CLS
@elvendragonhammer5433 10 ай бұрын
You forgot to close the CMD/Powershell window on his PC so unless he's not used to your antics yet he knows something is up lol
@jakesteel3641 10 ай бұрын
Next time be sure to close the cmd window with your commands and delete the files you saved. Many hackers caught by not covering their tracks. Watch the clip you forgot this.
@ShinyTechThings 10 ай бұрын
Yup, he did 🤔
@Shimi1990 10 ай бұрын
LOL saw that too😂
@Destuctor28 10 ай бұрын
Hahaha hilarious to see that we all noticed it 😂
@yaboiJCMdagoat 10 ай бұрын
I’m pretty sure if he was doing it for real he would do all of that
@noviccen388 10 ай бұрын
relax and chill bro, it's staged. he knows whats he is doing
@Angadss101 10 ай бұрын
“He doesn’t even know” Also CMD open: 😂
@destroychihuahua 9 ай бұрын
I just found your channel two hours ago and you’ve already answered dozens of my questions across 3 videos. You’ve got my attention 😂
@TheCrazycrab2 6 ай бұрын
What blows me away is someone created hash cat, someone created CUPP, there are truly some brilliant minds out there that are on a level which is almost incomprehensible
@havaduman2689 10 ай бұрын
I've had the feeling BTC would be going to 3k as well. Clearing out all my Alts going into BTC and MA230FH only, maybe a little BNB.
@user-jl5cx8yb7i 8 ай бұрын
ALLHACKZEB help you aloot ❤❤❤
@rajaramanv 10 ай бұрын
I quite enjoyed the suspense, drama and all the fun you had. You are definitely not a boring computer nerd !
@imgunnaduwit 10 ай бұрын
youre vids are very well made and make learning white hats stuff very interesting, I'm a beginer and the more I watch your stuff the more it makes me want to learn keep up the good work
@yusufmusaoz 10 ай бұрын
Thank you for the update MA230FH is done right, and waiting is part of the process,
@dreadesina5216 7 ай бұрын
I know this is for educational purposes but most system now add salt to the password before it's hashed and also re hash it many times which mean the complexity is way too high to crack via brute forcing or rainbow table. I'm a developer and this is how we store password in the DB with some good library and I'm perplexed that window use MD4 while SHA256 is the most secure Hash function. Anyway good stuff like always haven't been on here in a minute your charismatic is what I came out here for and hoping I can grow my patches beard to your level 😀
@jeffburkholder2148 8 ай бұрын
very cool. Have watched a few of your videos. Question: what software are you using to write/draw on screen when doing the videos?
@Harrun 10 ай бұрын
Hey Chuck! Love your videos, they are super entertaining
@unknown-userGohst 10 ай бұрын
One of your top coolest videos Chuck! I learned a lot :)
@seanfager8063 10 ай бұрын
Nice. I had to break into a Windows system, once upon a time, when our vendor lost their password list for our site. Used the ol' "crash it over and over until it lets you boot into cmd/"DOS", replace the accessibility tools with a copy if cmd.exe, and manually modify the registry via the command prompt Windows launches instead of text-to-speech type stuff after a reboot" method. Works, but is a replacement for existing passwords rather than a data pull, so it's super obvious after the fact.
@kapzvara5732 8 ай бұрын
Great video thanks for this really interesting video on hashs
@narayan..7518 10 ай бұрын
I love this "educational" content. You're the best
@Shubham-Mishra 10 ай бұрын
Hey man, please post videos frequently, We miss you ❤
@JensSkov 8 ай бұрын
Love that T-shirt! I missed the affiliate link for that one :)
@somarm6929 10 ай бұрын
Great stuff as usual, I love your videos Chuck you are a great cybersecurity teacher and specialist. I enjoy your videos a lot and learn a lot from you. You are the best
@somarm6929 10 ай бұрын
@elenaalice4391 Thank you for the tip I'll definitely check them out
@lebothegizebo 9 ай бұрын
You can actually do this without being logged in. If you exploit CMD to be open on the login screen, it still works if you replace something like accessibility with CMD with a windows repair drive or if you do it by holding shift plus restart and going into cmd
@Mr.Programs1256 10 ай бұрын
Thats incredible i love all your video ! Keep doing good content like this !🙂
@justice32legends 10 ай бұрын
Oh no don't! Don't give me hope...
@DeNikow 10 ай бұрын
FYI, for domain users it's not the SAM hive but rather the SECURITY registry hive. The mistake that is often made is allowing end users to be local administrators on their endpoints within a domain. If an unknowingly system administrator then logs on to the PC with a domain administrator account or an account with local administrator on a domain member server, you're basically screwed if the endpoint is hacked. Even if the end user is not local admin, it's still really bad practice as there are other ways to elevate privileges depending on software used, Windows up-to-dateness etc.
@anaprivrat6050 9 ай бұрын
The way you approached my request in getting back my account added so much to it. It’s great to see how your unique perspective contributed to the outcome. The role you play on your job *Web back doors* is crucial. I really appreciate the constructive feedback you give to me regularly. Thank you for taking the time to work with me on this. It helped me get so much and also got my account back.
@sonniiiiii 10 ай бұрын
Awesome! Love your content. ❤
@Jessterr2 7 ай бұрын
I'm in a software engineering school right now. I think you just helped me affirm my major choice. Thanks lmao
@jackjaguarygo 3 ай бұрын
Would that be Cyber Security? I'm curious what type of degree or work this can translate to. It peaked my interest and I'd like to do something career-wise that involves this! Just want to make sure I recognize the proper track and stay on it! :)
@zehra.5479 10 ай бұрын
Your work speaks volumes of the kind of man you are - efficient, organized and result-oriented. Well done MetaspyClub Best Social Media Expertise Within you is the absolute power to rise above any situation or struggle, and transform it into the strongest and the most beautiful version of you ever.
@kristenarias2022 9 ай бұрын
Fewer problems, more solutions - keep working like this and nothing will be able to stop you from reaching the top. Good job *Web back doors* , Even the smallest of jobs well done will take you one step closer to the success you have always dreamed about. Keep it up Mate
@notleonid 10 ай бұрын
" He doesn't even know... What a sucker 😈" *left with the command prompt open with all the command history*
@uknowme4398 7 ай бұрын
00:00 Hacking Michael's Windows password using hash cracking 01:27 Obtaining system registry hash via command line 02:58 Secure your passwords with Dashlane 04:49 Extracted NTLM hashes can be cracked using password guessing tools 06:18 Hackers use dictionary attacks to crack passwords in data breaches. 07:57 Successfully hacked into a Windows machine using a dictionary attack 09:30 Pass the hash attack allows access to Windows computer without password. 11:01 Disabling security features was necessary to detect registry keys and execute commands remotely. Crafted by Merlin AI.
@Evil_Spotify 2 ай бұрын
Underrated comment
@MasteringAnySkillAndKnowledge 6 ай бұрын
Chuck, you showed great composure, impressive experiencea! Awesome...
@lgndw 10 ай бұрын
The way I used to do it was my own way I had loads of netbooks from ebay that had xp and vista on them so I fired up kali linux live installed chntpw looked in system 32 files for configuration folder then looked for SAM files put in a few commands and I got full access to the hdd.
@SeRoShadow 10 ай бұрын
Here is an easier way to OVERRIDE the password on any Windows OS. Run cmd then type : net user %username% * Input the new password to whatever you wish ( even blank ) and thats it. PS: as in video, you need access to an user account with admin priviledge.
@user-su5lw4tm5z 10 ай бұрын
Love you MR.chuck thanks for your content ❤❤❤
@Antonio-vf2xj 8 ай бұрын
After some time, I managed to actually make an USB that when you put on a pc and run a file, gravs those saves files from reigstry, also does other stuff like get the user name, ect, (to get something to make the passwords list later), it's pretty insane how actually it's so easy, but also hard, to hack people And before you say, yes, I tested it but I'm not using it to hack anyone else without him knowing. Anyway, I love this video, and this channel!
@user-xj1hl9qk6p 10 ай бұрын
Love your videos!!! Quick side note/observation/comment and a pretty much rhetorical question, its not so much of a "hack" when having to disable firewall, add user and possibly enable RDP and disable restricted admin, is it?? I dont know you may have addressed that at the start of the video, your pretty thorough so i would assume that you mentioned that, which makes me ponder the fact that i am writing this right now, past the point of return!!!! Thanks for the hours of entertainment AND KNOWLEDGE (more importantly) you have provided!!
@Matrixred11 3 ай бұрын
in one day i think i whatched all ur videos, good videos.
@chuckfinley4869 10 ай бұрын
leet mode is for leet text. Leet or 1337 is a way of writing used on the internet, in which the usual letters that are used to spell a word are replaced by numbers or special characters
@priyojitdeb1891 10 ай бұрын
03:58 you left the CMD window open for Michael to see
@celinediarra4906 10 ай бұрын
Thank you very much Chuk for such a great content.
@maltebjorklund4354 5 ай бұрын
really good explaining! You just got a like!!
@gerowen 10 ай бұрын
Years ago I used a Linux package called "chntpw" to forcibly reset the local Admin password on Windows machines. It's available in basically all Linux distributions and you just have to be able to mount the drive in question.
@camelotenglishtuition6394 10 ай бұрын
Right.. or just boot from a nix distro and copy the windows files ..
@Kenny_the_WBSK 10 ай бұрын
"He doesnt even know" *leaves cmd on* XD all jokes aside this is good information and I will try it out on my system as well for fun. Thanks chuck :)
@PotatoNachoIT 9 ай бұрын
who in the world would leave their computer ON without security where there is someone like chuck
@jackspartan4221 10 ай бұрын
Thank you for continuously making more videos!!
@zyphon7 10 ай бұрын
Frankly I’m just concerned with what Michael is doing in the bathroom. That’s a long break 😂
@lokeshsharma7703 4 ай бұрын
This so helped me a lot in my hacking journey Thank you so much 🙂🙂🙂🙂
@ogeretla9332 9 ай бұрын
could you get the files from outside the OS, for example a linux bootable drive, mounting the disk with the windows partition and grabbing the file. This is possible right?
@Obama_ 10 ай бұрын
Great video as always
@petershepherd447 8 ай бұрын
Anyone notice how Chuck left open the command prompt window with the commands in it on his employees computer? xD
@microsoftsarker 5 ай бұрын
Thanks man!! It was helpful 😃Thanks a lot
@Seanleeeeeeee-fk9xl 7 ай бұрын
Is it a good idea to use Kali Linux as my overall OS on my PC, or should I continue using VirtualBox?
@DmitriyK007 10 ай бұрын
Awesome video! Few questions. I hope Micheal staged this pass, and it is different from his common password(lol). 2, typically, on Windows, when you rdp, it kicks the logged-in user from the machine. Is Xrdp different?
@nayanchoudhary4353 10 ай бұрын
It should not be different experience. The person on the PC is locked out.
@An.Individual 10 ай бұрын
3:58 Chuck leaves the command prompt open so the guy will know what has happened. Rooky mistake.
@kreesky 9 ай бұрын
Any advice would be appreciated, I did all the steps in your video but hash-cat keeps saying EXHAUSTED. I even changed my password to something super simple and even WROTE it on the .txt, still says exhausted. Please help?
@faltadeinformacao5373 10 ай бұрын
great video just a small detail was missing during the explanation of the attack windows must have remote desktop and that it is activated for it to make the connection just a question is this a local attack?
@youssefshares 10 ай бұрын
You are such an inspiration to me ❤
@user-wi2hl6ce5j 10 ай бұрын
Hey dude Nice video! BTW don't forget to exit the command line window at 3:59
@coremanner1943 9 ай бұрын
Damn thankyou so much for the tutorial!!
@Felos_Felopoulos 10 ай бұрын
nice video as always!!
@chloetzpiano6548 10 ай бұрын
Just recently got hired as junior network engineer after passing ccna. My journey is still long ahead but networkchuck gave me this career interest path few years ago. Thank you chuck. Ok now to panic and keep studying.Bye
@danbromberg 8 ай бұрын
Is there a 100% Windows version (i.e., non-Linux) to do this? Love your energy!
@alphonseyt9574 10 ай бұрын
its really nice to try in friends in same network
@SamOfTheSmokies76 10 ай бұрын
Thanks for the vid man :D
@SisandaSibiya-ur1cy 10 ай бұрын
Bro was fighting for his life in that toilet😂😭
@tharakakarunarathne5346 10 ай бұрын
I did kind of a same thing 15 years back using telnet. My gaming friends were freaked out. Back then I only knwe to clise their running programs and shutdown the windows with a message. But that was enough. :D
@wizix9877 10 ай бұрын
next episode, Micheal suing NetworkChuck for emotional damage.
@sanjuk3 10 ай бұрын
Noticed he left the terminal open and michael doesnt notices it? LOL:))
@ShinigamiAnger 10 ай бұрын
There are also some cheap pendrives that do all the work for you, you just plug it in for a short period of time and they do all the work. That’s why you want to use a different account as the administrator AND an hardware key (yubikey like)
@AnthonyMarkSimon8863 9 ай бұрын
May i ask which software ur using? I wanted to practice it but i couldn't find the software ur using
@toumpanis 10 ай бұрын
But you left the cmd open on the way out with all the commands you've used... how he doesn't know as you said?
@8080VB 10 ай бұрын
Wow Secretdump is like the windows version of unshadow . Very cool !
@noviccen388 5 ай бұрын
10:03 does that work only for the same network segment? or it can be inter-network connected?
@DadVlogsContentWarning 10 ай бұрын
Great Video!
@shyguy6185 10 ай бұрын
Chuck: "He doesn't even know" Also Chuck: Leaves CMD window WITH COMANDS USED open and Saved files in folder.
@DerekNhyira 10 ай бұрын
Yea, noticed it.
@astronomia0_0 10 ай бұрын
How to install every single tool that network chuck used in his videos and that probably will use in his kali linux videos: First: make sure you have at least 10GB spare on your dev (1,2,3 and all the other that you and your system created) partition (not to be confused with the HOME partition, but if you selected the all files in one partition while installing, you shouldnt have to worry about this). 2: execute SUDO APT UPDATE -Y (-y stands for automatically allowing everything, basically you won't have to type y to agree with apt using you storage while running this specific process) 3: then SUDO APT FULL-UPGRADE -Y 3.5 (optional step): execute kali-tweaks if your system don't have the metapackage group installed yet 4: after you make sure it's completely update, do SUDO APT INSTALL KALI-LINUX-DEFAULT -y 5: then SUDO APT INSTALL KALI-LINUX-EVERYTHING -Y then go touch some grass because it's probably gonna take a considerable amount of time to completely install it 6: enjoy Side note for new devs: do not execute those listed commands in capslock, do it normally, I simply wrote that way so people could diferenciate between regular text and the command itself
@PicSta 10 ай бұрын
As you have said, you had to prepare a few things to get this “hacking method” to work. In a real world people use defaults, like RDP is not enabled, Windows Defender or any other security software is running. Means Windows is not better, worse compared to any other OS or software. All login systems use a similar way to store the needed hash value to check against the given password. All websites out there, where you sign up, the password gets stored in a DB with a hash value. What we should question, how easy it is to find out what it actually is.
@xxstepsxx4227 10 ай бұрын
He barely touched that coffee mug, call ambulance! Chuck is sick! 😂
@wonkavision4k758 7 ай бұрын
great video! so what about the wifi password . is that password you found just for windows?
@JackInSuit 10 ай бұрын
Hey @NetworkChuck you should consider creating a tutorial on how to make a pssword manager on a usb stik that encrypts your passwords. So like when you put in a password there is a rule that states A = 123 for example. I keep trying to do this but I am confused lol
@Cyhawkx 10 ай бұрын
Dude just use a normal password manager like keepassxc or 1password
@zeenxdownz 10 ай бұрын
@@Cyhawkx thats not the usual way that (i) or possibly (other programmers) do it. it's pretty fun to do, imagine making your own little lab with your own password manager. it's not for storing passwords, its for fun :D wish you luck.
@RazoBeckett. 10 ай бұрын
Quick and sweet
@RentedLipz 8 ай бұрын
are you doing this on the local machine or on a domain. I am assuming it is the local SAM of the desktop
@test-rj2vl 10 ай бұрын
I remember there was a live CD that could boot window computer and then use dictionary on those hashes. So you could basically make usb drive, take it to school computer class during the break when teacher was not there and get admin password to install some games.
@goc19777 10 ай бұрын
If it's Windows 10, you can do this MUCH more easily with a cmd trick lol 😂
@aninsecurecarrot 10 ай бұрын
What trick is that? Just curious
@sonniiiiii 10 ай бұрын
You left the cmd on. What if he saw it?
@dominicy4868 10 ай бұрын
Cmd window with all the commands used... they'd definitely notice. He also forgot to delete the files he saved 😅 most "hackers" get caught because they forget to cover their tracks
@funkyjunky3224 10 ай бұрын
This is amazing and I’m going to do something similar but use a rubber ducky and such. How would this would across different networks. Thinks a home firewall will stop you from connecting to a friends computer?
@tylerloomis3160 9 ай бұрын
FYI, leet is short for leetspeak, where you substitute numbers for letters (leet=1337) It was popular last century in IRC chat.
@xrellikgr 10 ай бұрын
Big shoot out to network Chuck for teaching me how to be an unethical hacker 😈
@ritsux4204 10 ай бұрын
Hey Chuck can you tell us how to install PHP in kali linux in your next video? btw I'm a huge fan of your videos and love your content.
@itskb1443 9 ай бұрын
I consider you *Web back doors* to be both a professional and mentor to those in your profession. I can always rely on your feedback and thoughts. I know that the door is always open for communication with you, which makes each process we work on together so much easier to complete. You are such an incredible problem-solver. Wow. Just wow.
@Calvinthewestie 10 ай бұрын
this didint work
@IDs4ios Ай бұрын
It won’t work with the iPhone comma or mobile comma just google the altoro mutual comma and copy and paste
@hacktheworld2976 10 ай бұрын
Hi! I like your videos networkchuck and i dont miss any of them. Can you make a video about how track location with phone number.
@charalampost769 10 ай бұрын
Great video Chuck, but is this for local or microsoft account? or both?
@mysteriousgamer 10 ай бұрын
Another mitigation would be to not use your administrator account by default. By using a general user account, Chuck would not have been able to create the hash file via CMD.
@TopMusicsEnglish 10 ай бұрын
Hey i have a question why dont we jus get the hash and convert to password using a converter online insted od coding it is it possible?
@modys434 6 ай бұрын
i love you very much you are my favorite teacher 🤩🤩😍
@dany2685 10 ай бұрын
Normally system folders should have administrator protection and it is not that easy to copy those files but this is a good beginner example of how to crack windows passwords
@dennisaleander5175 10 ай бұрын
Linux does that but it forces the user to input the account password every time which is not convenient.
@The.King.12 10 ай бұрын
What if there is no password?
@user-sr5pj2ee5e 22 күн бұрын
You'll know it by analyzing the hash
@bendixdavid3593 10 ай бұрын
Can I crack the Hash also on windows or do i have to use the Linux command prompt to do that?
@user-ql3ix6sg3h 8 ай бұрын
Good one bro!! How were you able to connect to your server computer graphically(GUI)??? I use openssh which isn't gui. You or anyone else please
@user-xh9ob1is1q 8 ай бұрын
*Thank god for life ALLHACKZEB helps aloot* ❤❤❤
@delofon 8 ай бұрын
You're talking about a Linux (or BSD too iirc) server right? If yes, OpenSSH supports X11 forwarding. This means you can install an X server on your SSH client PC (be it X Org or Xephyr for Linux or Xming or etc. for Windows). Then, by appending -Y parameter (read ssh manpage to better know what it does) to your ssh client (like `ssh -Y user@host`). This way you'll be able to open windows on your client PC as if they were opened on the server. This essentially will create a new desktop on your PC that thinks and acts like it's on the server. If not or you want to stream your server's existing desktop to your client, use either VNC or RDP.
@user-ql3ix6sg3h 7 ай бұрын
@@delofon Thank you bro, I will go about that. Appreciated.
@user-ql3ix6sg3h 7 ай бұрын
@@delofon How about similar thing but vice versa? like it should allow one to display graphical windows applications on one's linux desktop? just as it does on linux server to window client, but window server to linux client this time. So i want to independently control my windows apps or screen on another pc(linux) and then also use my windows apps independently. RDP like anydesk and teamviewer don't usually provide that. they just allow you to share the whole screen and whatever you do, it reflects live and directly on the remote pc. (windows is my intended remote in this case).
AS400 and SQL Tricks
Рет қаралды 5
CaseGuru / Наушники / Пылесосы / Смарт-часы /
Рет қаралды 4 МЛН