ApolloSoldier

Showing Your Current Password

23 posts in this topic

This may sound like an odd question, but how do you show what your current password is when logged in? I don't want to change it, just show what it is. If anyone could help that would be great.

are you talking about your forum password?

I'm guessing its for a windows pass...

Could you be a little more specific?

0

Share this post


Link to post
Share on other sites

You can't in well designed systems.

0

Share this post


Link to post
Share on other sites

Marioni!

That's all I'm saying.

Edited by Replica
0

Share this post


Link to post
Share on other sites

If you're on a Windows box, you might want to try Cain and try to dump whatever passwords are still stored in the memory and Cookies. They might correspond with the login password.

If this fails, you could try to crack it. Alternatively you could boot up a small Linux distribution, browse to your system directory and use pwdump2 + JTR. However, it's probably only a viable option if you suspect the password is reasonably weak, if you have access to Deep Blue, or if you have months of Green Wing episodes to get through, because the process can be terribly slow. Good luck!

0

Share this post


Link to post
Share on other sites

Ophcrack is what you need as said before. This will show you the passwords on you machine.

http://sourceforge.net/project/showfiles.p...ckage_id=167699

Alternatively:

Irongeek also has a video tutorial called Cracking Syskey and the SAM on Windows Using Samdump2 and John which is what you'll be doing.

This is basically ALL you need to know.

0

Share this post


Link to post
Share on other sites
His password is very long (+8 characters) and consists of only numbers.

That is quite a weak password if it is all numbers.

Using just numbers, the minimum number of possible combinations for an 8 character password is 10^8. With 9 characters, it is 10^9.

If it is just using the lower case alphabet, the combinations at 8 characters are 26^8 (~208x10^9), 9 characters is 26^9 (~5x10^12).

Considering that a medium computer could probably compute something in the region of ~2x10^6 hashes per second (ntlm hash benchmark using Winrtgen on my 1.73GHz laptop) a password of between 8 and 10 numeric only characters will only take a couple of days to crack (less if you have more computing power). Alphabetic will take a bit longer.

A really good password would be consisting of:

Upper case letters (26 to choose from)

Lower case letters (26 to choose from)

Numbers (10 to pick from)

Special characters (at least 32 to pick from if anything is permitted)

This gives a possible 94^8 (~6x10^15) combinations for an 8 character password. Even more for a longer one. This will take you quite a while to crack.

0

Share this post


Link to post
Share on other sites

ophcrack is the way to go here, or some other liveCD technique. *Auditor fan*... but before that, try your birthday, siblings birthday, his birthday or his anniversary. all in reverse too. might save you the download.

0

Share this post


Link to post
Share on other sites

As much as I love Ophcrack, I don't think I can recommend it as my first choice for this situation.

It takes too much time and you definatley can't risk getting caught; I'm sure you'd lose a lot more than admin privileges if you did.

Aside from time, you also mentioned that he (your dad) almost always stays logged in so he might notice if the machine was rebooted.

For this scenario I think the best solution would be a hardware keylogger; i.e. The KeyKatcher.

Edited by xGERMx
0

Share this post


Link to post
Share on other sites

Okay, so download Ophcrack. I have PowerIso so I can mount it to a disk. Would this require a reboot? Thank for the help guys.

Edited by ApolloSoldier
0

Share this post


Link to post
Share on other sites

Yeah...you stick the cd in and then reboot

...In the BIOS you have to make sure that you select "boot from cd" too

0

Share this post


Link to post
Share on other sites

a key logger is the right tool for this. if you can though, social engineering, or lean over his shoulder and watch what he types, are the safer bets.

0

Share this post


Link to post
Share on other sites
What if I used the Ophcrack on my machine? Would it retreive the password he used or just my passwords?

Young padawan, you have one of three choices:

Option A)

Watch as your dad types the password in. Remember one number each time and go write it down. It's much easier than trying to remember everything all at once.

Option B)

Install Cain & Able on your dad's computer, dump the hashes and submit them to plain-text.info and wait for the cracked password.

Option C)

Ophcrack and repeat last part of option B.

0

Share this post


Link to post
Share on other sites
What if I used the Ophcrack on my machine? Would it retreive the password he used or just my passwords?

It'll enable you to find passes for each user on that computer.

What I suggest is looking for a manual or tutorial explaining the use of ophcrack and reading it.

0

Share this post


Link to post
Share on other sites

But, with cracking, it can take an enormous amount of time if the password is strong. If you key log, you will do less work and have /all/ passwords to the machine. It just takes a little craftiness in order to do it. What anti-virus is running on the target machine? If it is Norton or McAfee (or any other decent AV) you will need to use a live CD. Those AV's pick up most key loggers. In any case, your going to have to read and follow tutorials- with great understanding. If your dad finds out you _will_ loose access to your computers. <_<

Alk3

0

Share this post


Link to post
Share on other sites
If your dad finds out you _will_ loose access to your computers. <_<

He may have already :lol:

0

Share this post


Link to post
Share on other sites
siw.exe FTW

click 'secrets'

Great program, use it all the time, doesn't get this guy anywhere closer to his goal.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now