SAM database (Dumping and Cracking the local user accounts)
Let’s talk about the hash crack through post / hashdump and john (john the ripper) of the Metasploit module. Once the meterpreter shell is injected and driven into the target pc, the shell connection is maintained.
- Get meterpreter session
2. Privilege escalation
3. Use post/windows/gather/hashdump module
4. Since the dump file is still in memory, it can work with john the ripper module.use auxiliary/analyze/jtr_crack_fast