Electronic Books

(From previous labs it was determined that a valid username on this target is
the Administrator account, which was renamed to Kermit.)
Click the . . . button by the dictionary.txt file and browse to a text
document containing a list of passwords, one password per line.
Brute Force
353
BruteFTP is now ready to start. Click the Start button. The BruteFTP
application will connect to the server and attempt each password in the
password file with the username you assigned. In this example the password
of 123 was found for the username Kermit.
*Note: I wanted to demonstrate that knowing the username is half the battle when
dealing with user accounts. Many users feel their username is ???no big deal,???
but as you can see from this lab it very well can become a ???big deal??? to an
attacker.
354
Practical Hacking Techniques and Countermeasures
Lab 59: Brute-Force Terminal Server
Brute-Force Terminal Server Passwords: TSGrinder II
Prerequisites: Server running Terminal Server
Countermeasures: Strong router ACLs, session monitoring
Description: TSGrinder is an application designed to brute-force a username??™s
password against a Terminal Server. Terminal Server uses an
encrypted channel, which also helps evade Intrusion Detection Systems
(IDS). Although a dictionary-based tool, it supports multiple attack
windows from the same dictionary file.
Procedure: Start the application with selected options under the following
syntax:
tsgrinder ??“u (username) ??“w (dictionary filename) target
In this example from the directory containing the application, type:
tsgrinder ??“u kermit ??“p dict 172.


Pages:
118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142