How to recover Windows XP passwords with PwDump and MdCrack

This is a one method to crack windows passwords. We will show you other windows password cracking methods in later posts. Here you will get an idea about how Windows password recovering method works exactly.

How many times did you attempted to recover the windows passwords lost bu you. ?
This guide will show you how to securely recover Windows Passwords using two tools PwDump and MdCrack.
Download two tools here (PwDump 7.1 and Mdcrack)

First of all I'll give a brief about what is MdCrack and Pwdump.
PwDump used to extract raw passwords from Windows SAM file. (In Windows OS, the SAM file is used to store all information about user passwords and logins) Once you extracted passwords from windows SAM file you can use them to find the what is the exact password.
You also can download PWdump from Andres Tarasco Acuna's web site here

The MdCrack part is converts raw hex data extracted by PwDump to decide the exact password. (MdCrack web site : http://mdcrack.openwall.net)

Ok let's begin to Recover our Windows Passwords.

Step 01:
First of all Download two tools here (PwDump 7.1 and Mdcrack)
Extract the zip and copy two folders to a main level directory in my computer (for ex: to D:\ drive)

Step 02:
Run Your CMD 'Command Prompt' in Windows
Start > Run > type 'cmd' > OK.

Step 03:
Now type the path to PwDump.exe in command prompt.
EX: D:\pwdump\pwdump.exe (don't put spaces between words)
then hit Enter to extract raw passwords from SAM file.

Here is how it looks like on my Windows PC. It should looks same in yours. (click on the image to get a larger version)

Step 04:
Now copy all raw data from command prompt(CMD) to a notepad and save.
(right click on CMD and click on mark to enable select and select the content of passwords and type CTRL+V to copy.)
Close the CMD.

Step 05:
Now again open the CMD and type the path to MDcrack to fire up MdCrack.
You should care in this step.
EX: D:\md-crack\MDCrack-sse.exe --algorithm=NTLM1 A9079FA49307FF67A8297431A2AC6770

the hex part (A9079FA49307FF67A8297431A2AC6770) should be the second part of the hex data shown after each user. (after the : mark of hex raw)
Now hit enter to begin the process.

You are alsmost done and just wait till the MdCrack recovering the passwords.
Don't forgot to let us know your rresults here.
Happy Cracking/Recovering


  1. Just tell me the how the algorithm part works.
    Do we have to enter it before the hex part. ?

  2. Yes
    you have to type exactly same as the above picture says. Just change the hex part with yours numbers.
    Please let me know whether you succeeded with this method.

  3. How much time taken to get results ?

  4. It's depend on the size of the password.
    Some times it got in few seconds.

  5. This really a good site Programming. I have lot of info in this site. and we have a boiler installation company at UK London.
    The site URL is

  6. or you can watch step by step video tutorial here http://tinyurl.com/ncmrom

  7. Some good advice here. Another nice utility I've used with success in past when helping someone to recover a lost or forgotten password is the Offline NT Password & Registry Editor. You can find more info about it and a free download of it over at the following address:

  8. It was not my windows password but my entire data which was accidentally deleted .I went for a windows data recovery software named Stellar Phoenix Windows Data Recovery Software and it it really worked in an excellent way.

  9. SPWDR seems a very powerful software

  10. I have recently bought a second-hand computer from a store. But when it starts up, it requires me to type the administrator password, and it makes me quite disappointed!

    Eventually I have managed to reset the administrator password using a password reset boot CD from http://www.top-password.com/reset-windows-password.html

  11. I tried this and got the error *unable to allocate enough memory* sorry but I am a COMPLETE NOOB please help me!

  12. Your rar contains trojan horses. better off downloading from the authors, it's clean then.

  13. so far so good now i just need to wait....and wait

  14. When i type in the path to PWdump.exe in cmd, it says access denied. why ?
    I have administrator privileges and im using PWdump7 :(
    How do i get access? thx in advance..

  15. "I tried this and got the error *unable to allocate enough memory* sorry but I am a COMPLETE NOOB please help me! "

    me too, what is the problem?!!

  16. it says "unable to allocate enough memory"! what do I do?

  17. used this and everythig worked as said above. was able recover only the administrator password could not recover my user name/domain loggin. but at least we got back the use of the computer.

  18. its god thank, john the ripper work´s to

  19. In my situation, PwDump 7 worked great!
    Unfortunately MdCrack never did manage to break the passwords on my workstation.
    It ran for over 40 minutes with no success.
    However, I was able to use a website called http://crackstation.net/ which let me enter the hashes for two passwords, and within 5 seconds apiece, they were successfully cracked!!!
    Mike H.