Saturday, March 28, 2009

Hack any Windows PC in 5 minutes

Resources Required:

1. The target computer must be able to boot from a USB pendrive. Check the BIOS settings.
2. Download image.exe from here.
3. Download usb_format.zip from here.
4. Download vfdwin from here.
5. Download LR4.exe from here.

Let's Begin

Perform the following on any Windows computer:
1. Install WinRAR, vfdwin, USB Format.

2. Right-click image.exe and choose "Extract Here" in WinRAR.

3. It will say the archive is corrupt, but you will still get a file named image.ima in the same directory.

4. Open vfdwin and "Open" image.ima. After some time, you should notice a new floppy drive, say A:, in "My Computer".

5. Now launch USB Format, select "File System" as FAT, check "Create Bootable DOS Diskette", and in "use DOS system files located at" type A: (or whichever drive letter appeared when you mounted the floppy image image.ima above).

6. Click on Start and wait a while.

7. When that is done, copy all the files from A: into the root folder of your USB pendrive, i.e. if your USB is E:, copy all files from A: to E:. When it asks whether to overwrite, always answer "No"; otherwise the bootable USB may not work.

Now Let's Hack

Perform the following on the computer you want to recover passwords from:
(Windows NT/2000/XP/2003/Vista):

1. Insert the pendrive, THEN turn the computer on. Make sure the BIOS is configured so that the computer boots from USB.

2. Text will scroll across the screen, then the computer should switch itself off.

3. Remove the pendrive. (The computer will not have been changed in any way and will work normally again once the drive is removed.)

Final Step

Perform the following on any Windows computer with internet access:

1. Insert the Pendrive.

2. Open the pendrive and browse for UPLOAD.TXT.

3. Open a Command Prompt (Start --> Run --> type "cmd").

4. Change the command prompt's directory to the pendrive where UPLOAD.TXT is stored.

5. Type the following: "LR4.exe --verbose --file=abc.txt"

(What this does is convert the hash from the format that only Loginrecovery.com can interpret into the general hash representation that any password cracker can read.)

---->>> e.g. the hash that I had in my UPLOAD.TXT for Administrator was
Administrator:500:58,58,E7,F0,6B,16,44,B6,FC,02,2B,0C,8D,0D,6C,5C,46: _9C,B6,9B,4D,AF,14,34,AA,41,14,5E,23,EB,9C,4C,BD,XX:::

---->>> And the converted hash in abc.txt was as follows
Administrator:500:008F9813BEEC5EA4AAD3B435B51404EE:445E43F557BCDC52E9BC06CB9344F465:::

6. Now copy the hash from abc.txt, but only the part after Username:500:
---->> e.g. here the hash for Administrator is
008F9813BEEC5EA4AAD3B435B51404EE:445E43F557BCDC52E9BC06CB9344F465
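As an added defender-side example (not part of the original post, and not code from Loginrecovery or LR4.exe), the following Python parses records in the pwdump-style user:RID:LM:NT::: format that abc.txt uses above and flags accounts that still store an LM hash, the weak legacy format these online crackers work on. The sample dump is constructed; only the Administrator line is taken from the post.

```python
import re

# LM hash of the empty string; each 8-byte half of an LM hash covers 7
# characters, so this 16-hex-digit value appears wherever a half is unused.
EMPTY_LM_HALF = "AAD3B435B51404EE"
NO_LM_HASH = EMPTY_LM_HALF * 2          # stored when LM hashing is disabled

# Constructed sample in the pwdump-style format LR4.exe writes to abc.txt.
# The first line is the post's own Administrator entry; the rest are made up.
SAMPLE_DUMP = """\
Administrator:500:008F9813BEEC5EA4AAD3B435B51404EE:445E43F557BCDC52E9BC06CB9344F465:::
Guest:501:AAD3B435B51404EEAAD3B435B51404EE:31D6CFE0D16AE931B73C59D7E0C089C0:::
alice:1001:AAD3B435B51404EEAAD3B435B51404EE:0123456789ABCDEF0123456789ABCDEF:::
bob:1002:D7D9A3D1C1F2E3B4A5B6C7D8E9F00112:FEDCBA9876543210FEDCBA9876543210:::
garbage line that should be skipped
"""

LINE_RE = re.compile(
    r"^(?P<user>[^:]+):(?P<rid>\d+):(?P<lm>[0-9A-Fa-f]{32}):(?P<nt>[0-9A-Fa-f]{32}):::$")

def audit_lm_storage(dump_text):
    """Return one dict per parsed account describing its LM-hash exposure.

    lm_stored         -> the weak LM hash is on disk for this account
    lm_short_password -> second LM half unused, so the LM password is <= 7 chars
    """
    findings = []
    for line in dump_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue                       # not a pwdump-format record
        lm = m.group("lm").upper()
        findings.append({
            "user": m.group("user"),
            "rid": int(m.group("rid")),
            "lm_stored": lm != NO_LM_HASH,
            "lm_short_password": lm != NO_LM_HASH and lm[16:] == EMPTY_LM_HALF,
        })
    return findings

def accounts_needing_remediation(dump_text):
    """Names of accounts still storing an LM hash. Remediation: enable the policy
    'Network security: Do not store LAN Manager hash value on next password
    change' and force a password change so the LM field becomes NO_LM_HASH."""
    return sorted(f["user"] for f in audit_lm_storage(dump_text) if f["lm_stored"])

if __name__ == "__main__":
    for f in audit_lm_storage(SAMPLE_DUMP):
        print(f)
    print("remediate:", accounts_needing_remediation(SAMPLE_DUMP))
```

The Administrator line from the post is flagged on both counts: its LM hash is stored and its second half is the unused-half constant, which is exactly why an online cracker returns such a password "within seconds".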

7. Now copy that hash and paste it into the following site here:

8. Finally, it's done; you can get the password within seconds.
Note: this site currently accepts alphanumeric passwords only.
For passwords with special characters you can try this website here, where you can submit
the hash and later search for it to learn the password.

Happy Hacking