[root-me]Command & Control Level 5

The goal from the challenge was to get the password of user JohnDoe from a given memory dump,so lets get started

First, get Hashdump using the great Volatility :

root@kaliLinux:~/rootme# python /root/networkpentest/volatility-2.4/vol.py -f ch2.dmp --profile=Win7SP0x86 hashdump

Volatility Foundation Volatility Framework 2.4
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
John Doe:1000:aad3b435b51404eeaad3b435b51404ee:b9f917853e3dbf6e6831ecce60725930:::

Then use john to crack John Doe Password :

root@kaliLinux:~/rootme# john ./pwlist --format=nt --wordlist=/root/rockyou.txt
Created directory: /root/.john
Loaded 1 password hash (NT MD4 [128/128 X2 SSE2-16])
-> passw0rd         (John Doe)
guesses: 1  time: 0:00:00:00 DONE (Thu Jan  8 13:53:58 2015)  c/s: 16000