Sometimes antivirus software will stop Pwdump
from being successful.
Practical Hacking Techniques and Countermeasures
Procedure:
Select the target and execute with the following syntax:
fgdump (-h host | -f filename) -u Username -p Password
In this example, the target of 172.16.1.46 will have the password hashes
exploited by typing:
fgdump -vv -h 172.16.1.46 -u administrator -p 123
The -vv instructs FGDump to run in very verbose mode.
The -h 172.16.1.46 identifies the target.
The -u administrator identifies the username to use.
The -p 123 is the password for the Administrator account.
Brute Force
According to the results of this example, the target:
Has the entire C Drive shared as C$ (a hidden share).
Has a mapped drive E: bound by ADMIN$ and is a writable share.
Has no antivirus running.
The passwords were successfully dumped from the target and all traces of
the attack were removed from the target.
From the directory on the attacker's machine, two new files were created:
172.16.1.46.cachedump
172.16.1.46.pwdump
Of the two, the 172.16.1.46.pwdump is the file of interest.
By opening the 172.16.1.46.pwdump file with a text editor such as
Notepad the password hashes from the target are visible.
The 172.16.1.46.pwdump file will be used in the next lab (Lab 55 - LC5)
to produce the passwords for each account hash.