diff --git a/05a-Windows.md b/05a-Windows.md new file mode 100644 index 0000000..af8fa74 --- /dev/null +++ b/05a-Windows.md 
@@ -0,0 +1,65 @@ +# 05a-Windows +## 01-E01-find-installation-and-version + +![find-windows-installation-and-version](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/windows-version.png) + +## 02a-RAW-remove-hiberfile + +See #4 ! + +## 02b-RAW-delete-dev-mapping-and-detach-loop-dev + +See #4 ! + +## 03a-WindowsDir-fred + +![fred-windows-hives](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/windows-fred.png) + +![fred-software-hive](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/fred-windows-version.png) + +I also think about an alternative (or addition) for some time: + +```shell +$ regripper -r SOFTWARE -p winver +Launching winver v.20200525 +winver v.20200525 +(Software) Get Windows version & build info + +ProductName Windows 7 Ultimate +CSDVersion Service Pack 1 +BuildLab 7601.win7sp1_gdr.130828-1532 +BuildLabEx 7601.18247.amd64fre.win7sp1_gdr.130828-1532 +RegisteredOrganization +RegisteredOwner user +InstallDate 2013-11-08 11:29:52Z +``` + +## 03b-NTUSER.DAT-fred + +![fred-user-hive](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/NTUSER.DAT-fred.png) + +## 04-WindowsDir-activate-all-services-in-Vista-and-7 + +Just right click, fire up and click ok. 
+ +## 05-E01-pwdump + +![pwdump](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/pwdump.png) + +## 06-pwdump-Ophcrack + +![Ophcrack-tables](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/Ophcrack-rainbow-tables.png) + +![Ophcrack](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/Ophcrack.png) + +## 07a-pwdump-hashcat-dictionary + +![hashcat-dictionary](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/hashcat-dictionary.png) + +## 07b-pwdump-hashcat-brute-force + +![hashcat-patterns](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/hashcat-brute-force-patterns.png) + +## 08-WindowsDir-chntpw + +![chntpw](https://git.neumannsland.de/casualscripter/Masterthesis/raw/branch/master/home/lucifer/Pictures/Screenshots/chntpw.png)
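
Review bot: sections 02a-RAW-remove-hiberfile and 02b-RAW-delete-dev-mapping-and-detach-loop-dev consist only of "See #4 !", which does not say whether #4 is an issue, a pull request or section 04 of this file, so neither step can be followed from this page; link the target or state the step inline. The same gap shows in 04-WindowsDir-activate-all-services-in-Vista-and-7, where "Just right click, fire up and click ok." names neither the tool nor the file being acted on, and in sections 05 through 08, which are screenshots only. The regripper block in 03a is the only step whose command and output are recorded as text; giving the other steps the same treatment would make them searchable and reproducible. Two smaller points: the image links are absolute raw/branch/master URLs under home/lucifer/Pictures/Screenshots, so relative paths would survive a branch rename or a repository move, and the "# 05a-Windows" heading is followed directly by "## 01-E01-find-installation-and-version" without a blank line between them.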