Windows usually stores passwords in these locations


Download 50.22 Kb.
NameWindows usually stores passwords in these locations
A typeDocumentation
manual-guide.com > manual > Documentation
Password cracking software

These tools require physical access on the tested computer:

• John the Ripper (www.openwall.com/john)

• pwdump2 (razor.bindview.com/tools/desc/pwdump2_

readme.html)

• Crack (coast.cs.purdue.edu/pub/tools/unix/pwdutils/

crack)

• Brutus (www.hoobie.net/brutus)

• Pandora (www.nmrc.org/project/pandora)

• NTFSDOS Professional (www.winternals.com)

Windows usually stores passwords in these locations:

• Security Accounts Manager (SAM) database

(c:\winnt\system32\config)

Password dictionary download

_ ftp://ftp.cerias.purdue.edu/pub/dict

_ ftp://ftp.ox.ac.uk/pub/wordlists

_ packetstormsecurity.nl/Crackers/wordlists

_ www.outpost9.com/files/WordLists.html

Cracking passwords with pwdump2 and John the Ripper

The following steps use two of my favorite utilities to test the security of current

passwords on Windows systems:

88 Part II: Putting Ethical Hacking in Motion

_ pwdump2 (to extract password hashes from the Windows SAM database)

_ John the Ripper (to crack the hashes of Windows and UNIX passwords)

This test requires administrative access to either your Windows NT/2000

stand-alone workstation or server:

1. Create a new directory called passwords from the root of your

Windows C: drive.

2. Download and install a decompression tool, if you don’t have one.

FreeZip (members.ozemail.com.au/~nulifetv/freezip) and IZArc

(www.webattack.com/get/izarc.shtml) are free Windows decompression

tools. Windows XP includes built-in decompression.

3. Download, extract, and install the following software, if you don’t

already have it on your system:

• pwdump2 — download the file from razor.bindview.com/

tools/desc/pwdump2_readme.html

• John the Ripper — download the file from www.openwall.com/john

The network administrator remembers some great password-cracking

utilities from ElcomSoft (www.elcomsoft.com) that can help him out. He

may see something like Figures 7-5 and 7-6.

Keystroke logging

One of the best techniques for cracking passwords is remote keystroke

logging — the use of software or hardware to record keystrokes as they’re

being typed into the computer.

Be careful with keystroke logging. Even with good intentions, monitoring

employees can raise some legal issues. Discuss what you’ll be doing with

your legal counsel, and get approval from upper management.

Logging tools

With keystroke-logging tools, you can later assess the log files of your application

to see what passwords people are using:

_ Keystroke-logging applications can be installed on the monitored computer.

I recommend that you check out eBlaster and Spector Pro by

SpectorSoft (www.spectorsoft.com). Another popular tool that you

can use is Invisible KeyLogger Stealth, at www.amecisco.com/iks.htm,

as well as the hardware-based KeyGhost (www.keyghost.com). Dozens

of other such tools are available on the Internet.

_ Hardware-based tools fit between the keyboard and the computer or

replace the keyboard altogether.

See ip progession below….

netstat -an

Awareness and Training

Greenidea, Inc. Visible Statement (www.greenidea.com)

Interpact, Inc. Awareness Resources (www.interpactinc.com)

SANS Security Awareness Program (store.sans.org)

Security Awareness, Inc. Awareness Resources (www.securityawareness.com)

Dictionary Files and Word Lists

ftp://ftp.cerias.purdue.edu/pub/dict

ftp://ftp.ox.ac.uk/pub/wordlists

packetstormsecurity.nl/Crackers/wordlists

www.outpost9.com/files/WordLists.html

Default vendor passwords www.cirt.net/cgi-bin/passwd.pl

General Research Tools

CERT/CC Vulnerability Notes Database www.kb.cert.org/vuls

ChoicePoint www.choicepoint.com

Common Vulnerabilities and Exposures cve.mitre.org/cve

Google www.google.com

Hoover’s business information www.hoovers.com

NIST ICAT Metabase icat.nist.gov/icat.cfm

Sam Spade www.samspade.org

U.S. Securities and Exchange Commission www.sec.gov/edgar.shtml

Switchboard.com www.switchboard.com

U.S. Patent and Trademark Office www.uspto.gov

US Search.com www.ussearch.com

Yahoo! Finance site finance.yahoo.com

Hacker Stuff

2600 The Hacker Quarterly magazine www.2600.com

Computer Underground Digest www.soci.niu.edu/~cudigest

Hackers: Heroes of the Computer Revolution book by Steven Levy

Hacker t-shirts, equipment, and other trinkets www.thinkgeek.com

Honeypots: Tracking Hackers www.tracking-hackers.com

The Online Hacker Jargon File www.jargon.8hz.com

PHRACK www.phrack.org

330 Part VIII: Appendixes

Linux

Bastille Linux hardening utility www.bastille-linux.org

Debian Linux Security Alerts www.debian.org/security

Linux Administrator’s Security Guide www.seifried.org/lasg

Linux Kernel Updates www.linuxhq.com

Linux Security Auditing Tool (LSAT) usat.sourceforge.net

Red Hat Linux Security Alerts www.redhat.com/support/alerts

Slackware Linux Security Advisories www.slackware.com/security

Suse Linux Security Alerts www.suse.com/us/business/security.html

Tiger ftp.debian.org/debian/pool/main/t/tiger

VLAD the Scanner razor.bindview.com/tools/vlad

Log Analysis

LogAnalysis.org system logging resources www.loganalysis.org

Malware

chkrootkit www.chkrootkit.org

EICAR testing string www.eicar.org/anti_virus_test_file.htm

McAfee AVERT Stinger vil.nai.com/vil/stinger

PestPatrol’s database of pests research.pestpatrol.com/PestInfo/

pestdatabase.asp

Rkdet vancouver-webpages.com/rkdet

The File Extension Source filext.com

Wotsit’s Format at www.wotsit.org

Appendix A: Tools and Resources 331

Messaging

GFI e-mail security test www.gfi.com/emailsecuritytest

smtpscan www.greyhats.org/outils/smtpscan

How to disable SMTP relay on various e-mail servers www.mailabuse.org/

tsi/ar-fix.html

mailsnarf www.monkey.org/~dugsong/dsniff or ww.datanerds.net/

~mike/dsniff.html for the Windows version

Rogue Aware by Akonix www.akonix.com

NetWare

chknull www.phreak.org/archives/exploits/novell

Craig Johnson’s BorderManager resources nscsysop.hypermart.net

NCPQuery razor.bindview.com/tools/index.shtml

Novell Product Updates support.novell.com/filefinder

Remote packetstormsecurity.nl/Netware/penetration

Rcon program at packetstormsecurity.nl/Netware/penetration/

rcon.zip

Userdump www.roy.spang.org/freeware/userdump.html

Networks

dsniff www.monkey.org/~dugsong/dsniff

Ethereal network analyzer www.ethereal.com

ettercap ettercap.sourceforge.net

Firewalk www.packetfactory.net/firewalk

Firewall Informer www.blade-software.com

332 Part VIII: Appendixes

Foundstone FoundScan www.foundstone.com

GFI LANguard Network Scanner www.gfi.com

MAC address vendor lookup coffer.com/mac_find

Nessus vulnerability assessment tool www.nessus.org

Netcat www.atstake.com/research/tools/network_utilities

NetScanTools Pro all-in-one network testing tool www.netscantools.com

Nmap port scanner www.insecure.org/nmap

Port number listing www.iana.org/assignments/port-numbers

Qualys QualysGuard vulnerability assessment tool www.qualys.com

SuperScan port scanner www.foundstone.com

WildPackets EtherPeek www.wildpackets.com

Password Cracking

LC4 www.atstake.com/research/lc

John the Ripper www.openwall.com/john

pwdump2 razor.bindview.com/tools/desc/pwdump2_readme.html

NetBIOS Auditing Tool www.securityfocus.com/tools/543

Crack ftp://coast.cs.purdue.edu/pub/tools/unix/pwdutils/crack

Brutus www.hoobie.net/brutus

Pandora www.nmrc.org/project/Pandora

NTFSDOS Professional www.winternals.com

NTAccess www.mirider.com/ntaccess.html

TSCRACK softlabs.spacebitch.com/tscrack/index.html

TSGrinder www.hammerofgod.com/download/tsgrinder-2.03.zip

Appendix A: Tools and Resources 333

War Dialing

Palm ToneLoc Viewer chroot.ath.cx/fade/projects/palm/pTLV.html

PhoneSweep www.sandstorm.net/products/phonesweep

THC-Scan www.thc.org/releases.php

ToneLoc www.securityfocus.com/data/tools/auditing/pstn/tl110.zip

ToneLoc Utilities Phun-Pak www.hackcanada.com/ice3/phreak

Web Applications

2600’s Hacked Pages www.2600.com/hacked_pages

Archive of Hacked Websites www.onething.com/archive

BlackWidow www.softbytelabs.com/BlackWidow

Flawfinder www.dwheeler.com/flawfinder

ITS4 www.cigital.com/its4

Netcraft www.netcraft.com

Nikto www.cirt.net/code/nikto.shtml

RATS www.securesoftware.com/auditing_tools_download.htm

Sanctum AppScan www.sanctuminc.com

Shadow Database Scanner www.safety-lab.com/en/products/6.htm

SPI Dynamics WebInspect www.spidynamics.com

Windows

Amap www.thc.org/releases.php

DumpSec www.somarsoft.com

Legion packetstormsecurity.nl/groups/rhino9/legionv21.zip

Microsoft Office Patches office.microsoft.com/officeupdate

334 Part VIII: Appendixes

Microsoft Security Resources www.microsoft.com/technet/security/

Default.asp

Network Users www.optimumx.com/download/netusers.zip

Rpcdump razor.bindview.com/tools/files/rpctools-1.0.zip

SMAC MAC address changer www.klcconsulting.net/smac

Vision www.foundstone.com

Windows Update Utility for Patching windowsupdate.microsoft.com

Winfo www.ntsecurity.nu/toolbox/winfo

Wireless Networks

AirJack 802.11ninja.net/airjack

AirMagnet www.airmagnet.com

AirSnort airsnort.schmoo.com

Cantenna war-driving kit mywebpages.comcast.net/hughpep

Fluke WaveRunner www.flukenetworks.com

Kismet www.kismetwireless.net

Lucent Orinoco Registry Encryption/Decryption program www.cqure.net/

tools.jsp?id=3

Making a wireless antenna from a Pringles can www.oreillynet.com/cs/

weblog/view/wlg/448

NetStumbler www.netstumbler.com

Pong wireless firmware vulnerability testing program www.mobileaccess.de/

wlan/dl.php/pong_v1.1.zip

Security of the WEP Algorithm www.isaac.cs.berkeley.edu/isaac/

wep-faq.html

The Unofficial 802.11 Security Web Page www.drizzle.com/~aboba/IEEE

Wellenreiter www.wellenreiter.net

WiGLE database of wireless networks at www.wigle.net

WildPackets AiroPeek www.wildpackets.com

Appendix A: Tools and Resources 335

336 Part VIII: Appendixes

Share in:

Related:

Windows usually stores passwords in these locations iconDynamic Load Balancing is supported with Secure Path 0C for Windows...

Windows usually stores passwords in these locations iconWindows Time Service (W32Time) configuration for Windows 2000 and Windows n 0

Windows usually stores passwords in these locations iconGraphic driver installation for motherboard ep-m845B, ip-4gvi63 and...

Windows usually stores passwords in these locations iconUser Names & Passwords

Windows usually stores passwords in these locations iconSysuserperm which contains users and passwords. There is a

Windows usually stores passwords in these locations iconUser Names & Passwords

Windows usually stores passwords in these locations iconA permanent position involving Windows server (Windows 2008, Windows...

Windows usually stores passwords in these locations iconUser Accounts and Passwords are assigned in the system area by your

Windows usually stores passwords in these locations iconAnnpurna Provision Stores a-77

Windows usually stores passwords in these locations iconShips Stores – Food & Beverages (figures are approximate)

Windows usually stores passwords in these locations iconDescription of fix: Corrected the code to clone the properties and...

Windows usually stores passwords in these locations iconGuidelines for products that work well with the Microsoft® Windows®...

Windows usually stores passwords in these locations iconMicrosoft ® ms-dos ®, Windows ®, Windows nt ®, and Apple Macintosh Applications

Windows usually stores passwords in these locations iconMicrosoft windows ce and windows ce services read me file

Windows usually stores passwords in these locations iconProposals must be received on or before the due date and time at...

Windows usually stores passwords in these locations iconRelated Work Experience Digital Video Camera Expert: Best Buy Stores, md education

Windows usually stores passwords in these locations iconAbstract This specification describes the Plug and Play Extensions...

Windows usually stores passwords in these locations iconAbstract Windows® BitLocker™ Drive Encryption is a new hardware-enhanced...

Windows usually stores passwords in these locations iconCall remote locations to retrieve history transactions and update...

Windows usually stores passwords in these locations iconCall remote locations to retrieve history transactions and update...




manual


When copying material provide a link © 2017
contacts
manual-guide.com
search