All Linux HowTo's Security HowTo's Windows HowTo's

Get and Crack Windows 10 Passwords

This article demonstrates one way to get and crack Windows 10 passwords. All the steps are completed on Windows 10. The last step of running the hashes through the Rainbow attack process could be replaced with John (JtR). The tools we’ll use are:

  1. Windows 10 Pro
  2. samdump2
  3. mimikatz

Step 1. Log into the Windows 10 host and run the following command in CMD with administrative privileges:

reg save hklm/sam c:\sam.dump
reg save hklm/system c:\system.dump

Step 2. Disable the AV or add an exception (preferred). The Antivirus will almost certainly complain about (and remove) the program “mimikatz.exe”.

Step 3. Download “mimikatz” from the following URL:

Step 4. Unzip the “mimikatz” archive and execute the [32bit] “Win32\mimikatz.exe” or [64bit] “x64\mimikatz.exe”. Tip: you can double click the executable to start it.

Step 5. Run the following commands to extract the password hashes:

log hash.txt
lsadump::sam /system:c:\system.dump /sam:c:\sam.dump

Step 6. Open the “hash.txt” file to see find the hashes. They aren’t presented nicely so you need to copy/paste the hashes out yourself.

User : sally
  Hash NTLM: fb7eb56be65be76eb123eb321...

Using the above as an example, I’d create a new text file that looks like this:


The Rainbow input field doesn’t allow for the user names so we need to exclude those before placing the hashes into the Rainbow system. Like this:


Step 7. Visit the website that follows and paste the hashes (only the hashes, not the usernames) into the text field. Satisfy the “Captcha” and click the “Crack Hashes” button.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.