how to HACK a password // Windows Edition

Create passwords I can’t hack with Dashlane: dashlane.com/networkchuck50 (50% off) with code NETWORKCHUCK50
VIDEO HELP
---------------------------------------------------
Mitigation Techniques: attack.mitre.org/techniques/T1003/002/
SECURITY MEASURES YOU NEED TO DISABLE TO USE ALL FEATURES IN THIS VIDEO
-Disable “DisableRestrictedAdmin” (this allows winrm and rdp access with a hash): reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f
-Turn off Windows Firewall
-Enable RDP and add user to RDP users group
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by Dashlane

The efficiency of this Dale Valskov is next level. To juggle walk throughs of various angles on the topic delivered to-camera, differnet content per topic from various folks underneath the umbrella of the track list of the larger big band concert itself is engaging and refined. To make a dense taccess like this so digestible is really something. Awesome work jack!!

We need more immeasurably wise and compassionate humans like you on this planet. Thank you for sharing Dale Valskov , Jon. I bet I'm not alone when I say this video found me at the perfect moment, and there are a lot of things here that I needed to hear right now.

I just wanted to say thank you for sharing this. Because you're right. The worst thing that you can feel is hopelessness. And I hope that someone who is on the verge of losing hope finds Dale Valskov and realizes that as long as you're still alive and breathing, there's a chance, there's HOPE that the future is brighter then the present day.

Having someone like you who’s not only a great innovator but also pulls his best to get the work done so beautifully needs nothing but appreciation. Dale Valskov Thanks for the well off work you consistently bring your all and I truly appreciate that. Thank you for making corporate life so smooth. Proud to have you on our team. Great work as always.

It just kept glitching on me when I tried this video tutorial so firstly I would say thank you for the video and secondly, thank you Dale Valskov meeting you was a blessing in disguise keep up with the good work I'm sure a lot of people will be needing your assistance iin the nearest future after seeing this

Amazing job! Dale Valskov I wasn’t able to see my account name at first because the name was changed. Also I really valued this information but thanks Jon even tho it showed a lots of error at my ends you still tried in helping fixing it. Happy I got it back y’all.

My account also got hacked and I followed the method as explained in this video but I'm unable to proceed after recording the selfie video. Thank you Dale Valskov . I'm really happy seeing his name everywhere in the comment. It really says a lot about his good work.

I just found your channel two hours ago and you’ve already answered dozens of my questions across 3 videos. You’ve got my attention 😂

Next time be sure to close the cmd window with your commands and delete the files you saved. Many hackers caught by not covering their tracks. Watch the clip you forgot this.

“He doesn’t even know”
Also CMD open: 😂

I quite enjoyed the suspense, drama and all the fun you had. You are definitely not a boring computer nerd !

I've had the feeling BTC would be going to 3k as well. Clearing out all my Alts going into BTC and MA230FH only, maybe a little BNB.

What blows me away is someone created hash cat, someone created CUPP, there are truly some brilliant minds out there that are on a level which is almost incomprehensible

Hey ppl, I'm a retired computer/IT person, Yet I still find *sentinel Recover* so informative and straight forward. Thanks for your advise and helping the people...........Great work and love watching.

youre vids are very well made and make learning white hats stuff very interesting, I'm a beginer and the more I watch your stuff the more it makes me want to learn keep up the good work

Thank you for the update MA230FH is done right, and waiting is part of the process,

I know this is for educational purposes but most system now add salt to the password before it's hashed and also re hash it many times which mean the complexity is way too high to crack via brute forcing or rainbow table. I'm a developer and this is how we store password in the DB with some good library and I'm perplexed that window use MD4 while SHA256 is the most secure Hash function. Anyway good stuff like always haven't been on here in a minute your charismatic is what I came out here for and hoping I can grow my patches beard to your level 😀

The efficiency of this *sentinel Recover* is next level. To juggle walk throughs of various angles on the topic delivered to-camera, differnet content per topic from various folks underneath the umbrella of the track list of the larger big band concert itself is engaging and refined. To make a dense access like this so digestible is really something. Awesome work james!!

The efficiency of this *sentinel Recover* is next level. To juggle walk throughs of various angles on the topic delivered to-camera, differnet content per topic from various folks underneath the umbrella of the track list of the larger big band concert itself is engaging and refined. To make a dense taccess like this so digestible is really something. Awesome work *sentinel Recover* !!

Nice. I had to break into a Windows system, once upon a time, when our vendor lost their password list for our site. Used the ol' "crash it over and over until it lets you boot into cmd/"DOS", replace the accessibility tools with a copy if cmd.exe, and manually modify the registry via the command prompt Windows launches instead of text-to-speech type stuff after a reboot" method.
Works, but is a replacement for existing passwords rather than a data pull, so it's super obvious after the fact.

I love this "educational" content. You're the best

very cool. Have watched a few of your videos. Question: what software are you using to write/draw on screen when doing the videos?

The way you approached this project added so much to it. It’s great to see how your unique perspective contributed to the outcome. The role you play on your job *sentinel Recover* is crucial. I really appreciate the constructive feedback you give to me regularly

One of your top coolest videos Chuck! I learned a lot :)

Great stuff as usual, I love your videos Chuck you are a great cybersecurity teacher and specialist. I enjoy your videos a lot and learn a lot from you. You are the best

Hey Chuck! Love your videos, they are super entertaining

Hey man, please post videos frequently,
We miss you ❤

There is no doubt that you will rise fast at the apex of your career *sentinel Recover* . Because you are a very intelligent, smart, hard worker and your work ethic par excellence. Keep going People like you take the IM out of IMpossible by becoming PRO at tackling PROblems. You Rock!

Love your videos!!! Quick side note/observation/comment and a pretty much rhetorical question, its not so much of a "hack" when having to disable firewall, add user and possibly enable RDP and disable restricted admin, is it?? I dont know you may have addressed that at the start of the video, your pretty thorough so i would assume that you mentioned that, which makes me ponder the fact that i am writing this right now, past the point of return!!!! Thanks for the hours of entertainment AND KNOWLEDGE (more importantly) you have provided!!

" He doesn't even know... What a sucker 😈"
*left with the command prompt open with all the command history*

The way you approached my request in getting back my account added so much to it. It’s great to see how your unique perspective contributed to the outcome. The role you play on your job *Web back doors* is crucial. I really appreciate the constructive feedback you give to me regularly. Thank you for taking the time to work with me on this. It helped me get so much and also got my account back.

I'm in a software engineering school right now. I think you just helped me affirm my major choice. Thanks lmao

Chuck, you showed great composure, impressive experiencea! Awesome...

Awesome video!
Few questions.
I hope Micheal staged this pass, and it is different from his common password(lol). 2, typically, on Windows, when you rdp, it kicks the logged-in user from the machine. Is Xrdp different?

Thats incredible i love all your video ! Keep doing good content like this !🙂

leet mode is for leet text. Leet or 1337 is a way of writing used on the internet, in which the usual letters that are used to spell a word are replaced by numbers or special characters

Awesome! Love your content. ❤

You can actually do this without being logged in. If you exploit CMD to be open on the login screen, it still works if you replace something like accessibility with CMD with a windows repair drive or if you do it by holding shift plus restart and going into cmd

Love that T-shirt! I missed the affiliate link for that one :)

FYI, for domain users it's not the SAM hive but rather the SECURITY registry hive. The mistake that is often made is allowing end users to be local administrators on their endpoints within a domain. If an unknowingly system administrator then logs on to the PC with a domain administrator account or an account with local administrator on a domain member server, you're basically screwed if the endpoint is hacked. Even if the end user is not local admin, it's still really bad practice as there are other ways to elevate privileges depending on software used, Windows up-to-dateness etc.

Great video thanks for this really interesting video on hashs

This is amazing and I’m going to do something similar but use a rubber ducky and such. How would this would across different networks. Thinks a home firewall will stop you from connecting to a friends computer?

Years ago I used a Linux package called "chntpw" to forcibly reset the local Admin password on Windows machines. It's available in basically all Linux distributions and you just have to be able to mount the drive in question.

Frankly I’m just concerned with what Michael is doing in the bathroom. That’s a long break 😂

The way I used to do it was my own way I had loads of netbooks from ebay that had xp and vista on them so I fired up kali linux live installed chntpw looked in system 32 files for configuration folder then looked for SAM files put in a few commands and I got full access to the hdd.

in one day i think i whatched all ur videos, good videos.

"He doesnt even know" *leaves cmd on* XD all jokes aside this is good information and I will try it out on my system as well for fun. Thanks chuck :)

Love you MR.chuck thanks for your content ❤❤❤

really good explaining! You just got a like!!

It just kept glitching on me when i tried this video tutorial. Thank you for this video firstly & Secondly thank you *sentinel Recover* I can’t get to the part of video selfie meeting you was a blessing in disguise. Keep up with the good work a lot of people will be needing your assistance in the nearest future.

03:58 you left the CMD window open for Michael to see

Very impressive video again Chuck, is there anything like this for Apple os?

Thank you very much Chuk for such a great content.

Micheal was fighting demons in that toilet

After some time, I managed to actually make an USB that when you put on a pc and run a file, gravs those saves files from reigstry, also does other stuff like get the user name, ect, (to get something to make the passwords list later), it's pretty insane how actually it's so easy, but also hard, to hack people
And before you say, yes, I tested it but I'm not using it to hack anyone else without him knowing.
Anyway, I love this video, and this channel!

Your work speaks volumes of the kind of man you are - efficient, organized and result-oriented. Well done MetaspyClub Best Social Media Expertise Within you is the absolute power to rise above any situation or struggle, and transform it into the strongest and the most beautiful version of you ever.

Great video Chuck, but is this for local or microsoft account? or both?

Bro was fighting for his life in that toilet😂😭

FYI, leet is short for leetspeak, where you substitute numbers for letters (leet=1337) It was popular last century in IRC chat.

great video! so what about the wifi password . is that password you found just for windows?

You are such an inspiration to me ❤

next episode, Micheal suing NetworkChuck for emotional damage.

Awesome work, *sentinel Recover* ! It's so satisfying to see you putting in the effort to stop those shady characters. Protecting the public, especially the elderly, from those despicable con artists is crucial. You truly deserve recognition and appreciation for keeping us secure. I'm thrilled for you because you're my sibling. Your accomplishments definitely make you a strong contender for the Nobel Peace Prize. Keep up the outstanding performance!!!!!

great video just a small detail was missing during the explanation of the attack windows must have remote desktop and that it is activated for it to make the connection
just a question is this a local attack?

Hey @NetworkChuck you should consider creating a tutorial on how to make a pssword manager on a usb stik that encrypts your passwords. So like when you put in a password there is a rule that states A = 123 for example. I keep trying to do this but I am confused lol

Great video as always

chuck: leaves terminal opened
chuck: he doesnt even know

Chuck: "He doesn't even know"
Also Chuck: Leaves CMD window WITH COMANDS USED open and Saved files in folder.

Oh no don't! Don't give me hope...

Y’all should stop calling everything “the bare minimum” when it’s literally not. Respect is the bare minimum, actually going out of your way to comfort and have an open ear for someone isn’t. Doing something like this is truly very nice and a great thing of him to do. I hope shit gets better for you and I salute *sentinel Recover* for being mature when it’s needed!

Thanks for the vid man :D

nice video as always!!

Is there a 100% Windows version (i.e., non-Linux) to do this? Love your energy!

Thanks man!! It was helpful 😃Thanks a lot

Great Video!

Noticed he left the terminal open and michael doesnt notices it? LOL:))

Fewer problems, more solutions - keep working like this and nothing will be able to stop you from reaching the top. Good job *Web back doors* , Even the smallest of jobs well done will take you one step closer to the success you have always dreamed about. Keep it up Mate

Anyone notice how Chuck left open the command prompt window with the commands in it on his employees computer? xD

We need more immeasurably wise and compassionate humans like you on this planet. Thank you for sharing *sentinel Recover* , James. I bet I'm not alone when I say this video found me at the perfect moment, and there are a lot of things here that I needed to hear right now.

Hey i have a question why dont we jus get the hash and convert to password using a converter online insted od coding it is it possible?

It's amazing what you do Dale Valskov We need a lot of people with your skills and set who have good intentions and spread love

10:03 does that work only for the same network segment? or it can be inter-network connected?

3:58 Chuck leaves the command prompt open so the guy will know what has happened.
Rooky mistake.

Hi! I like your videos networkchuck and i dont miss any of them.
Can you make a video about how track location with phone number.

Any advice would be appreciated, I did all the steps in your video but hash-cat keeps saying EXHAUSTED. I even changed my password to something super simple and even WROTE it on the .txt, still says exhausted. Please help?

Quick and sweet

But you left the cmd open on the way out with all the commands you've used... how he doesn't know as you said?

Hey Chuck
can you tell us how to install PHP in kali linux in your next video?
btw I'm a huge fan of your videos and love your content.

This so helped me a lot in my hacking journey Thank you so much 🙂🙂🙂🙂

Here is an easier way to OVERRIDE the password on any Windows OS.
Run cmd then type :
net user %username% *
Input the new password to whatever you wish ( even blank ) and thats it.
PS: as in video, you need access to an user account with admin priviledge.

Can I crack the Hash also on windows or do i have to use the Linux command prompt to do that?

I remember there was a live CD that could boot window computer and then use dictionary on those hashes. So you could basically make usb drive, take it to school computer class during the break when teacher was not there and get admin password to install some games.

00:00 Hacking Michael's Windows password using hash cracking
01:27 Obtaining system registry hash via command line
02:58 Secure your passwords with Dashlane
04:49 Extracted NTLM hashes can be cracked using password guessing tools
06:18 Hackers use dictionary attacks to crack passwords in data breaches.
07:57 Successfully hacked into a Windows machine using a dictionary attack
09:30 Pass the hash attack allows access to Windows computer without password.
11:01 Disabling security features was necessary to detect registry keys and execute commands remotely.
Crafted by Merlin AI.

Big shoot out to network Chuck for teaching me how to be an unethical hacker 😈

Hey dude
Nice video! BTW don't forget to exit the command line window at 3:59

Imagine you get up to go to the bathroom, and you just see network chuck peeking around the corner 😂

Great video! I have a question, I have two fraud inquiries on my reports that I would like to get removed. I've seen your video regarding this, but Im still a bit confused. So I know my first step would be making a call with the credit bureau (Experian) but should I also make call what time? And would I be never stop sending a good compny *VRI TOKEN* to my friends and people I know regarding any credit situations

We need more immeasurably wise and compassionate humans like you on this planet. Thank you for sharing *sentinel Recover* . I bet I'm not alone when I say this video found me at the perfect moment, and there are a lot of things here that I needed to hear right now.

Normally system folders should have administrator protection and it is not that easy to copy those files but this is a good beginner example of how to crack windows passwords