1. Crack an FTP Password: NETWOX/NETWAG
The NETWOX application can be a very dangerous tool in wrong hands. The latest version has a 197 different techniques to enumerate information from the LOCAL AREA NETWORK(LAN) or launch attacks against a remote target. In this I just explain its ability to brute-force an FTP server given a username and password list.
SOURCE TO GET SOFTWARE:www.laurentconstantin.com/en/netw/netwox
PROCEDURE:Compile all components, run the NETWOX application, and review the results.
2. Extract Password Hashes: FGDump
The FGDump application was written to obtain the password hashes from the security Accounts manager(SAM) file on the target computer. This process includes:
1. Binding to a machine using the Inter-Process Communication(IPC$) or lists of targets.
2. Stopping the running of Anti-virus programs.
3. Locating writable file shares.
4. Uploading fgexec (for remote command execution) and cachedump.
5. Executing pwdump.
6. Executing cachedump.
7. Deleting uploaded files from the file share.
8. Unbinding from the file share.
9. Restarting any Anti-virus programs.
10. Unbinding from IPC$.
SOFTWARE TO GET SOFTWARE: [content suppressed]
PROCEDURE: Select the target and execute with the following syntax:
As a example;
fgdump -vv -h IP address -u adminidtrator -p 123
1. here -vv shows very verbose mode.
2. -h IP address identifies the target.
3. -u adminsitrator identifies the usernaem to use.
4. -p 123 is the password for the administrator account.
According to the results of this example,it tells:
sharing of any drive
any mapped drive bounded with ADMIN$ and is writeable or not.
any antivirus running or not.
The Passwords were successfully dumped from the target and all the traces of the attack were removed from the target.
From the directory on the attacker's machine, two new files were created:
1. ip address cachedump
2. ip address pwdump
Of above two, the IP address.pwdump is the file of interest. By opening the ip address.pwdump file with a text editor such as Notepad the password hashes from the target are visible.
You can get more options by the following syntax:
3. Crack and Capture Password hashes: LC5
L0phtcrack version 5(LC5) is a password-auditing tool that allows for the capturing of windows passwords and or the conversion pf captured Windows password hashes into correct password. This is done by sending the captured hash through an alogrithm until the new hash exactly matches the original one. This identifies the password that computes into the hash.
LINK TO GET SOFTWARE: [content suppressed]
PROCEDURE:Install the L0phtcrack application,start, select parameters, and execute.
Simple to use and very good softwarer .you need a password dump file too which is created by fgdump ..........................herheheheheeheheeeee.....
4.Change the Administrator Password: CHNTPW
The change NT password(CHNTPW) application will change the administrator password regardless of what it is currently set to. CHNTPW also demonstrates the need for strong access controls and physical access to servers or any computer.
LINK TO GET SOFTWARE:home.eunet.no/~pnordahl/ntpasswd/
PROCEDURE: Gain physical access to the computer,boot from the CHNTPW CD, follow the on-screen instructions, change the password(s), and reboot.
5.BRUTE-FORCE Passwords for a hashed file: JOHN THE Ripper
JOHN THE RIPPER has been around seemingly forever. Its ability to brute-force passwords has a proven track record. It is flexible, fast, aand efficient, which are all quality items to look for when cracking passwords.
LINK TO GET SOFTWARE:www.openwall.com/john/
PROCEDURE:Configure, make and execute with approprite options against a file containing hashed paswords with the following syntax:
6.BRUTE-FORCE sn FTP Password Connection: BRUTEFTP
File Transfer Protocol is used to transfer files between computers and is still widely in use. The biggest flaw with FTP is that it is unencrypted in nature and f intercepted can be read easily, including the usernames, passwords, and data.
PROCEDURE: Install the application, select the target and execute.
7.BRUTE-FORCE terminal server passwords:TSGrinder II
TSGrinder II is an application designed to brute-force a usernames's password against a Terminal Server. Terminal Server uses an encrypted channel,which also helps evade Instrusion Detection Systems.ALthough a dicitionary-based tools, it supports multiple attack windows from the same dictionary file.
LINK TO GET SOFTWARE:www.hammerofgod.com/download.htm
PROCEDURE: Start the application with selected options under the following syntax:
tsgrinder -u (username) -w (dictionary file) target
as a example:
tsgrinder -u kermit -p dict IP address