Brute Force 335
Remove CHNTPW and reboot the virtual computer. More than likely the
machine will want to perform a file system check. Allow this check to complete.
The virtual computer will boot and bring up the log-in screen. Use the
username of Administrator with no password. Press the Enter key.
336 Practical Hacking Techniques and Countermeasures
The Windows Administrator now logs in.
Now the attacker has complete control over this computer. Had this been
a domain controller, the attacker would now have control over the domain.
*Note: The fact that an attacker can get physical access to your server is bad enough.
CHNTPW demonstrates how that access can cost you the data on your server
or network. The reality is an attacker in this position would set up backdoors
throughout the network and return from outside the building "at will."
Lab 57: Brute-Force Passwords
Brute-Force Passwords for a Hashed File: John the Ripper
Prerequisites: Hashed password file
Countermeasures: Strong Administrator passwords, strong password policy
Description: John the Ripper (JtR) has been around seemingly forever.
Its ability to brute-force passwords has a proven track record. It is
flexible, fast, and efficient, all qualities to look for in a password
cracker. Remember that all commands in Linux are case sensitive.
Procedure: Configure, make, and execute with appropriate options
against a file containing hashed passwords with the following syntax:
john (Password File)
In this example, from the directory containing the hashed passwords, type:
john -i pwdump
John will start to brute-force its way through the hashed passwords until
it determines the correct password.
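On the countermeasure side, the same hashed password file can be audited without cracking anything. The following is an added example, not part of the original lab; it assumes the file uses the usual pwdump layout (user:RID:LM hash:NT hash:::), and the function name audit_pwdump and the sample records are constructed for illustration.

```python
from collections import defaultdict

# Well-known hashes of the empty string (unsalted, so identical on every system).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample in pwdump layout; hashes other than the empty-string
# constants are made-up placeholders, not real password hashes.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:1111111111111111aad3b435b51404ee:22222222222222222222222222222222:::
bob:1002:aad3b435b51404eeaad3b435b51404ee:33333333333333333333333333333333:::
carol:1003:NO PASSWORD*********************:33333333333333333333333333333333:::
this line is not a pwdump record
"""

def audit_pwdump(text):
    """Return {username: [findings]} for weak-storage conditions in a pwdump export."""
    findings = defaultdict(list)
    by_nt = defaultdict(list)
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue  # skip blank or malformed lines
        user, lm, nt = parts[0], parts[2].lower(), parts[3].lower()
        is_hex = len(lm) == 32 and all(c in "0123456789abcdef" for c in lm)
        if nt == EMPTY_NT or nt.startswith("no password"):
            findings[user].append("blank password")
        else:
            by_nt[nt].append(user)
        if is_hex and lm != EMPTY_LM:
            findings[user].append("LM hash stored")
            # LM hashes two 7-character halves separately; an empty second
            # half always hashes to the first 16 hex digits of EMPTY_LM.
            if lm[16:] == EMPTY_LM[:16]:
                findings[user].append("password is 7 characters or fewer")
    for users in by_nt.values():
        if len(users) > 1:  # unsalted NT hashes: equal hash means equal password
            for u in users:
                others = ", ".join(x for x in users if x != u)
                findings[u].append("password shared with " + others)
    return dict(findings)

if __name__ == "__main__":
    for user, notes in audit_pwdump(SAMPLE).items():
        print(f"{user}: {'; '.join(notes)}")
```

Accounts flagged here are the ones a strong password policy should address first: blank Administrator passwords, LM hash storage, and passwords reused across accounts.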