Learn Ethical Hacking & get free Hacking Tools
Enumerate User Information from Target: USERDUMP

Posted: 09 Jul 2009 11:40 AM PDT

The USERDUMP application gathers user-account information from the target over a NULL session (refer to Lab 8). The information enumerated includes the user's RID, privileges, login times, login dates, account expiration date, network storage limitations, login hours, and much more. From a DOS prompt type the following syntax:

userdump \\<Target IP Address> <Target Username>

The results reveal the following details for the username Administrator:

The User ID is 500. (This tells us that this is indeed the real Administrator account, whatever it has been renamed to.)
The user's password never expires.
The Administrator last logged in at 12:44 a.m. on January 16, 2004.
The account has had 9 bad password attempts.
The Administrator has only logged in to this computer 2 times.
PasswordExp is set to 0. (This tells us that the password never expires.)
The logon hours are all set to 1. (This tells us that the Administrator can log in 24/7.)
Other information is listed as well.

The Administrator account details have been successfully enumerated via the USERDUMP application. Note that the query only succeeds while the target allows anonymous access to its account database; Windows XP and later restrict anonymous SAM enumeration by default (RestrictAnonymousSAM), so expect this lab to work against Windows NT/2000 targets or against hosts that have been deliberately loosened.

Exploit Data from Target Computer: USERINFO

The USERINFO application likewise gathers user information from the target: the user's RID, privileges, login times, login dates, account expiration date, network storage limitations, login hours, and much more. An attacker uses this information in the social engineering phase of an attack. From a Disk Operating System (DOS) prompt type the following syntax:

userinfo \\<Target IP Address> <Target Username>

Notice that the results returned by USERINFO are identical to those of the USERDUMP application.

---Regards,
Amarjit Singh
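The values the lab reads off (RID 500, "password never expires", logon hours all set to 1) are decoded from a handful of raw account fields. As an added example, not code from the original post or from the USERDUMP/USERINFO tools, the following Python decodes those fields assuming they come from NetUserGetInfo level 3 (USER_INFO_3): the UF_* account-flag bits from lmaccess.h and the 21-byte logon-hours bitmap in which each bit is one hour of the week, starting at Sunday 00:00 UTC. The two sample accounts (the renamed Administrator and a service account) are constructed.

```python
"""Decode USER_INFO_3 style account fields (added example; constructed samples).

Assumptions: flag bits are the UF_* constants from lmaccess.h, and the
logon-hours value is the 21-byte (168-bit) bitmap NetUserGetInfo returns,
bit 0 = Sunday 00:00-00:59 UTC, bit 167 = Saturday 23:00-23:59 UTC.
"""
from typing import Dict, List, Set, Tuple

# UF_* account flag bits (lmaccess.h); the same bits appear in userAccountControl
UF_ACCOUNTDISABLE = 0x0002
UF_LOCKOUT = 0x0010
UF_PASSWD_NOTREQD = 0x0020
UF_NORMAL_ACCOUNT = 0x0200
UF_DONT_EXPIRE_PASSWD = 0x10000

FLAG_NAMES = {
    UF_ACCOUNTDISABLE: "account disabled",
    UF_LOCKOUT: "locked out",
    UF_PASSWD_NOTREQD: "password not required",
    UF_NORMAL_ACCOUNT: "normal user account",
    UF_DONT_EXPIRE_PASSWD: "password never expires",
}

DAYS = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]
BUILTIN_ADMIN_RID = 500


def decode_flags(flags: int) -> List[str]:
    """Names of the UF_* bits set in an account's flags value."""
    return [name for bit, name in FLAG_NAMES.items() if flags & bit]


def decode_logon_hours(bitmap: bytes) -> Dict[str, List[int]]:
    """Map each weekday to the UTC hours (0-23) in which logon is permitted."""
    if len(bitmap) != 21:
        raise ValueError("logon-hours bitmap must be 21 bytes (168 bits)")
    allowed: Dict[str, List[int]] = {day: [] for day in DAYS}
    for hour_of_week in range(168):
        byte_index, bit_index = divmod(hour_of_week, 8)
        if (bitmap[byte_index] >> bit_index) & 1:
            day_index, hour = divmod(hour_of_week, 24)
            allowed[DAYS[day_index]].append(hour)
    return allowed


def build_logon_hours(slots: Set[Tuple[int, int]]) -> bytes:
    """Inverse of decode_logon_hours: slots are (weekday 0=Sun, hour) pairs."""
    bitmap = bytearray(21)
    for day_index, hour in slots:
        byte_index, bit_index = divmod(day_index * 24 + hour, 8)
        bitmap[byte_index] |= 1 << bit_index
    return bytes(bitmap)


def summarize(account: dict) -> dict:
    """Turn raw USER_INFO_3-like fields into the conclusions the lab draws."""
    hours = decode_logon_hours(account["logon_hours"])
    return {
        "name": account["name"],
        "rid": account["user_id"],
        # RID 500 is the real Administrator regardless of the account's name
        "builtin_administrator": account["user_id"] == BUILTIN_ADMIN_RID,
        "flags": decode_flags(account["flags"]),
        "password_never_expires": bool(account["flags"] & UF_DONT_EXPIRE_PASSWD),
        "bad_pw_count": account["bad_pw_count"],
        "num_logons": account["num_logons"],
        "logon_always_allowed": all(len(h) == 24 for h in hours.values()),
        "logon_hours": hours,
    }


# Constructed samples: the renamed Administrator from the lab, and a service
# account restricted to Monday-Friday 08:00-17:59 UTC.
SAMPLE_ADMIN = {
    "name": "Kermit",
    "user_id": 500,
    "flags": UF_NORMAL_ACCOUNT | UF_DONT_EXPIRE_PASSWD,
    "bad_pw_count": 9,
    "num_logons": 2,
    "logon_hours": b"\xff" * 21,
}
SAMPLE_SERVICE = {
    "name": "backupsvc",
    "user_id": 1004,
    "flags": UF_NORMAL_ACCOUNT,
    "bad_pw_count": 0,
    "num_logons": 318,
    "logon_hours": build_logon_hours({(d, h) for d in range(1, 6) for h in range(8, 18)}),
}

if __name__ == "__main__":
    for acct in (SAMPLE_ADMIN, SAMPLE_SERVICE):
        report = summarize(acct)
        print(report["name"], report["rid"], report["flags"],
              "24/7" if report["logon_always_allowed"]
              else {d: h for d, h in report["logon_hours"].items() if h})
```

The logon-hours bitmap is the field behind "logon hours all set to 1": an all-0xFF bitmap means the account may log on at any hour, while the service account decodes to a Monday-to-Friday business-hours window, which is the kind of restriction an attacker checks before deciding when to try a password.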
Posted: 09 Jul 2009 11:29 AM PDT

Every user account on a Windows computer has a RID. Certain RIDs are static. The SID2USER application enumerates the username for a given SID regardless of what the account may have been renamed. First establish a NULL session (refer to Lab 8), then initiate the query against the target from the directory containing the sid2user executable. From a DOS prompt, type the following syntax:

sid2user <\\Target IP Address> SID RID

*Note: The computer name is optional with this utility. If none is given the local computer is used. The SID is entered as its numeric components separated by spaces, without the leading S-1-, followed by the RID.

User accounts that carry the same RID regardless of what the account has been renamed to are shown here:

Username         RID
Administrator    500
Guest            501
User Accounts    1000+

In this example, the known SID (refer to Lab 10) is given plus the known Administrator RID of 500. The result for the SID from Lab 10 plus the static RID of the Administrator account (500) shows that the username for that RID is actually the Administrator account, and that the target resides in the WIN2000S-V domain.

On the target computer the Administrator account has been renamed to Kermit. The renamed Administrator account of Kermit has nonetheless been identified by the RID of 500. Remember that the RID for the real Administrator account will always be 500 regardless of what the account is renamed to. As before, the target resides in the WIN2000S-V domain.

Knowing the username is half the battle to cracking an account. An attacker can now inject the username Kermit into a brute-force password-cracking program until the correct password is identified. Repeating the same query for RIDs 1000 and up, one at a time, enumerates the user-created accounts as well, since they are numbered sequentially from 1000 and the attacker never needs to guess their names.

---Regards,
Amarjit Singh
Posted: 09 Jul 2009 11:17 AM PDT

Prerequisites: NULL Session

Every account on a Windows computer has a Security Identifier (SID). SIDs are static for the machine the user accounts are installed on. The USER2SID application enumerates the SID for a given username. Once the SID has been identified, the username can be enumerated regardless of what the user account has been renamed (covered in Lab 11).

First establish a NULL session. From a DOS prompt type the following syntax:

user2sid <\\Target IP Address> <account name>

The computer name is optional with this utility. If none is given the local computer is used.

Suppose the target IP address is 172.16.1.40 and the target account name is Administrator:

user2sid \\172.16.1.40 Administrator

In this example the SID returned for the Administrator account is the target's machine SID followed by the RID 500. The machine SID, everything before the final component, is the part reused in Lab 11; the same query works for any account or group name the target knows, including well-known ones such as Guest.

---Regards,
Amarjit Singh
Posted: 09 Jul 2009 11:11 AM PDT

The GETMAC application identifies the Media Access Control (MAC) address assigned to each network card (NIC) of the target. Another feature of the GETMAC application is that it identifies the total number of NICs in the target.

Procedure: Establish a NULL session (refer to Lab 8). Then from a DOS prompt, type the following syntax:

getmac \\<Target IP Address>
getmac \\192.168.1.1

The target MAC addresses have been identified as well as the total number of NICs. In this case, two NICs have been identified.

*Note: The \\<IP Address> form used here belongs to the older GETMAC utility; the getmac.exe built into Windows XP and later takes /S <system> (with /U and /P for credentials) instead. A target's MAC address can also be read with nothing beyond the operating system's own tools: nbtstat -A <Target IP Address> prints it at the end of the NetBIOS name table, provided NetBIOS over TCP/IP is enabled on the target.

---Regards,
Amarjit Singh
Posted: 09 Jul 2009 11:08 AM PDT

The NULL session is used on Windows computers via the Inter-Process Communication share (IPC$) to allow the viewing of shared resources. This connection is made without a username or password. An attacker will use the NULL session to his or her advantage to enumerate user information from the target. Many enumeration labs are more successful when a NULL session has been established first.

Procedure: From an operating system (OS) prompt enter the following syntax:

net use \\<Target IP Address>\IPC$ "" /u:""

When successful, the result will show The command completed successfully. Note that this is not logged in the System Event Log! It does, however, leave a trace in the Security log when logon auditing is enabled on the target: a successful network logon (logon type 3) by the account NT AUTHORITY\ANONYMOUS LOGON, which is the signature a defender should alert on.

*Note: As long as the target computer has not restricted NULL sessions (see the "Restrict Anonymous" section in Chapter 1) and a firewall is not used to identify attempts to connect or deny connections to port 139 or 445, this technique works. Again, remember that this connection is not logged in the System Event Log. On Windows XP and later, the RestrictAnonymous and RestrictAnonymousSAM values under HKLM\SYSTEM\CurrentControlSet\Control\Lsa limit what an anonymous session may enumerate by default, which is why these labs target Windows 2000 era machines.

---Regards,
Amarjit Singh
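The Security-log trace described above, as an added example that is not part of the original post: a small Python detector run over constructed Security-log events. It assumes the events have been exported one per line in a flat field=value form using the field names of the 4624 (account successfully logged on) and 5140 (network share object accessed) events; the records, addresses and account names are made up.

```python
"""Flag NULL-session logons in exported Windows Security log events (added example).

Assumes each event is one line of field=value pairs using the XML field names
of Event ID 4624 (An account was successfully logged on) and 5140 (A network
share object was accessed). All records below are constructed samples.
"""
import re
from collections import Counter
from typing import Dict, List

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

SAMPLE_EVENTS = [
    r'EventID=4624 LogonType=3 TargetUserName="ANONYMOUS LOGON" TargetDomainName="NT AUTHORITY" LogonProcessName=NtLmSsp IpAddress=172.16.1.50',
    r'EventID=4624 LogonType=2 TargetUserName=jsmith TargetDomainName=WIN2000S-V LogonProcessName=User32 IpAddress=127.0.0.1',
    r'EventID=4624 LogonType=3 TargetUserName=backupsvc TargetDomainName=WIN2000S-V LogonProcessName=NtLmSsp IpAddress=172.16.1.20',
    r'EventID=5140 SubjectUserName="ANONYMOUS LOGON" SubjectDomainName="NT AUTHORITY" ShareName="\\*\IPC$" IpAddress=172.16.1.50',
    r'EventID=5140 SubjectUserName=jsmith SubjectDomainName=WIN2000S-V ShareName="\\*\Public" IpAddress=172.16.1.20',
    r'EventID=4624 LogonType=3 TargetUserName="ANONYMOUS LOGON" TargetDomainName="NT AUTHORITY" LogonProcessName=NtLmSsp IpAddress=10.0.0.9',
]


def parse_event(line: str) -> Dict[str, str]:
    """Turn one field=value line into a dict; quoted values keep their spaces."""
    return {key: value.strip('"') for key, value in FIELD_RE.findall(line)}


def is_null_session(event: Dict[str, str]) -> bool:
    """A NULL session shows up as a network (type 3) logon by ANONYMOUS LOGON,
    and on systems that audit share access also as ANONYMOUS LOGON opening IPC$."""
    event_id = event.get("EventID")
    if event_id == "4624":
        return (event.get("LogonType") == "3"
                and event.get("TargetUserName", "").upper() == "ANONYMOUS LOGON")
    if event_id == "5140":
        return (event.get("SubjectUserName", "").upper() == "ANONYMOUS LOGON"
                and event.get("ShareName", "").upper().endswith("IPC$"))
    return False


def find_null_sessions(lines: List[str]) -> List[Dict[str, str]]:
    """All events that indicate an anonymous (NULL) session."""
    return [ev for ev in map(parse_event, lines) if is_null_session(ev)]


def sources(hits: List[Dict[str, str]]) -> Counter:
    """Count hits per source address: the hosts doing the enumerating."""
    return Counter(ev.get("IpAddress", "?") for ev in hits)


if __name__ == "__main__":
    hits = find_null_sessions(SAMPLE_EVENTS)
    for ev in hits:
        print(ev["EventID"], ev.get("IpAddress"), ev.get("ShareName", ""))
    print(sources(hits))
```

A single anonymous network logon is not by itself suspicious on an older Windows network, but the same source address producing a type 3 ANONYMOUS LOGON followed by an IPC$ open is exactly the footprint of the net use command above followed by the enumeration tools in the other labs, so the count per source is what an analyst would pivot on.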
Social Engineering Techniques: Dumpster Diving

Posted: 09 Jul 2009 11:03 AM PDT

Information that companies consider sensitive is thrown out daily in the normal garbage cans. Attackers can successfully retrieve this data by literally climbing into the company dumpsters and pilfering through the garbage. Information such as names, Social Security numbers, addresses, phone numbers, account numbers, balances, and so forth is thrown out every day somewhere. I personally know a nationally recognized movie rental company that still uses carbon paper in its fax machine. Once the roll is used up they simply throw the entire roll in the dumpster. The information on that roll is priceless, including names, addresses, account numbers, phone numbers, how much they actually pay for their movies, and so forth.

Another social engineering attack that also proves very successful is for the attacker to dress in the uniform of personnel considered "honest," "important," or even "expensive." For example, an attacker purchases or steals the uniform of a carrier, telephone, gas, or electric company employee and appears carrying boxes, clipboards, pens, tools, and so on, perhaps even with an "official-looking" identification badge or a dolly carrying "equipment." These attackers generally have unchallenged access throughout the building, as employees tend to see "through" these types of people. When was the last time you challenged one of these personnel to verify their credentials? This attack is very risky for the attacker, who can be personally identified should he or she get caught. Again, this attack is normally very successful, so bear this in mind.

---Regards,
Amarjit Singh
PRACTICAL HACKING TECHNIQUES AND COUNTERMEASURES

Posted: 09 Jul 2009 10:26 AM PDT

Installing VMware Workstation

The VMware Workstation application started in 1998 and has since become the global leader in virtual infrastructure software for industry-standard systems. VMware offers both Microsoft Windows and Linux versions. Think of VMware software as a container that holds a separate (virtual) computer from the one it is installed on (the host). As far as your host computer is concerned, each virtual computer is a separate computer entirely and is treated as such.

VMware software also comes in other flavors, including GSX Server and ESX Server. The noticeable difference is that GSX Server runs as an application on a host server and ESX Server is its own operating system. VMware also offers another product called VMware P2V Assistant, which creates an image of a current physical computer and creates a virtual computer from that image. This can be very handy for testing purposes.

To install VMware Workstation, follow these steps:

1. Double-click on the VMware-Workstation.exe file to start the installation process.
2. You will see the initial installation screen.
3. The Installation Wizard appears. Click Next.
4. Accept the License Agreement. Click Next.
5. Once the installation has completed, you are asked to enter your User Name, Company, and Serial Number. If you downloaded the demo version from VMware.com you will need to request that a serial number be e-mailed to you. Click Enter. (You can enter this information later, but now is the best time.)
6. The installation is now completed. Click Finish.
7. You will now have a VMware Workstation icon on your desktop. Double-click the icon to start VMware Workstation.

Configuring Virtual Machines

VMware Workstation is the application that hosts virtual computers. We will cover the correct installation of virtual Microsoft Windows 2000 Workstation and Red Hat Linux computers. Please remember that it is your responsibility to license any operating system you are using. Microsoft Windows is not free and does not have a demonstration version; therefore, you must have a valid license to install Windows even in a virtual environment. Linux is normally free for downloading and at the time of this writing is freely available at http://www.linuxiso.org.

Installing a Virtual Windows 2000 Workstation

Follow these steps:

1. From the VMware Workstation start screen, click New Virtual Machine.
2. This will start the New Virtual Machine Wizard. Click Next.
3. Accept the Typical configuration for the virtual machine. Click Next.
4. Accept the default of Microsoft Windows and select Windows 2000 Professional from the list of available operating systems. Click Next.
5. Accept the default network type of Use bridged networking. Click Next.

*Note: This is one of the options that makes VMware Workstation interesting, in that you control whether your virtual computer gets its own IP address on the network (bridged), shares the host's IP address (NAT), has a network between the host and the virtual computer only (host-only), or has no network connection at all. A maximum of three virtual network cards can be installed on each virtual computer, with independent settings for each. The labs that follow have the attacker and target machines talk to each other directly, so bridged networking (or host-only, if you want to keep the enumeration traffic off your real network) is the setting to use.

6. Accept the default virtual disk size (capacity) of 4.0 GB. Click Finish.
7. The VMware Workstation application now has a tab called Windows 2000 Professional.
8. Click Edit virtual machine settings. This is the area where you can make any adjustments you need, such as increasing the amount of the host computer's physical RAM you want dedicated to the virtual machine, changing the hard disk size, or adding other hardware items. Once a virtual computer is running it must be shut down to change most of these settings, with the exception of disconnecting the CD-ROM or floppy drive during operation.
9. Insert the Microsoft Windows 2000 Workstation CD into the CD-ROM drive. Click Start this virtual machine or click the Play button on the toolbar.
10. The virtual computer will boot from the CD. Remember that as far as your host computer is concerned, your virtual computer is completely separate from the host machine. The next screen you will see is a warning that the hard drive you are trying to install Windows on is new or erased; it is a new virtual hard drive.
11. Accept the notice and press the C (Continue Setup) key.
12. After reading the License Agreement and accepting its terms, press the F8 (I agree) key.
13. Accept the default partition sizes for the hard drive. Press Enter.
14. Accept the default of formatting the hard drive with the NTFS file system. Press Enter.
15. The Windows files will now install on the virtual hard drive.
16. Once completed, the virtual computer will automatically reboot itself.
17. Windows components will continue to install.
18. Upon reboot you will need to complete the Network Identification Wizard.
19. The next screen requires you to decide whether you want the same user automatically logged into Windows all the time or whether you require each user to enter a username and password to log in. As I am security conscious, I always choose the latter.

Congratulations, you have successfully installed a virtual Windows 2000 Workstation! Click Finish.

*Note: Initially, once you are logged into your virtual machine, you will find that your mouse is locked into the virtual machine and you cannot get out to the host computer. To switch back to the host computer, hold down the Ctrl key and press the Alt key, or press the right Ctrl key. Clicking back into the virtual machine screen makes the mouse active in the virtual machine again.

*Note: You do not use a physical CD when installing VMware Tools. The VMware software contains an ISO image that the guest machine interprets as a physical CD.

Installing a Red Hat Version 8 Virtual Machine

Follow these steps:

1. From the VMware Workstation starting screen, click New Virtual Machine.
2. This will start the New Virtual Machine Wizard. Click Next.
3. Accept the Typical configuration for the virtual machine. Click Next.
4. Select Linux as the operating system and then select Red Hat Linux from the list of available operating systems. Click Next.
5. Accept the default Virtual machine name and Location. Click Next.
6. Depending on the media you are using, insert either the Red Hat Linux version 8 CD 1 or the DVD into the CD-ROM or DVD drive. Click Start this virtual machine or click the Play button on the toolbar.
7. From the initial boot screen, type linux text and press the Enter key.
8. The Red Hat Linux installation process begins. Press the Enter key.
9. Select the mouse you are currently using on the host computer. Press the Tab key until Emulate 3 Buttons? is highlighted. Press the Spacebar to select it, then press the Tab key until OK is highlighted. Press the Enter key.
10. Select Workstation as the installation type. Press the Tab key until OK is highlighted. Press the Enter key.
11. Accept the default of Autopartition. Press the Enter key on Autopartition.
12. You may receive a warning that reads "device sda being unreadable." Remember, as far as the host computer is concerned the virtual machine is completely separate from the host machine; therefore, you are working with a completely "new" virtual hard drive. Press the Enter key to continue.
13. Accept the default to have Linux perform Automatic Partitioning on the new virtual hard drive. Press the Tab key until OK is highlighted. Press the Enter key.
14. Press the Tab key to highlight the Yes button. Press the Enter key to remove all Linux partitions.
15. Accept the default Use GRUB Boot Loader. Press the Tab key to highlight the OK button. Press the Enter key.
16. On the Boot Loader special options screen, press the Tab key to highlight the OK button. Press the Enter key.
17. Leave the Boot Loader Password blank for this installation. Press the Tab key to highlight the OK button. Press the Enter key.

*Note: If you decide to use a Boot Loader Password, remember that all of Linux is case sensitive.

18. On the Network Configuration for eth0 screen you will need to decide whether to assign a static IP address or obtain an IP from a DHCP source. In this example, I left the default of dhcp. Press the Tab key to highlight the OK button. Press the Enter key.
19. On the Firewall Configuration screen, press the Tab key to highlight No Firewall. Press the Tab key to highlight the OK button. Press the Enter key on OK. (No Firewall keeps the lab simple, but a guest configured this way should not be exposed beyond the lab network.)
20. On the Language Support screen, press the Tab key to select any additional languages you need support for. Press the Enter key to highlight the additional languages. Press the Tab key to highlight the OK button. Press the Enter key.
21. The installation will now begin.
22. At the Video Card Configuration screen, press the Tab key to highlight the Skip X Configuration button. Press the Enter key.
23. At this point Red Hat Linux informs you that you have completed the installation. However, we will manually configure X later. Press the Enter key on OK.

*Note: The term X Windows refers to a graphical interface for Linux. If you prefer to work in command-line-only mode you can skip the X Windows configuration. Because of the way VMware Workstation operates, the VMware Tools must be installed prior to configuring X Windows for Linux.

24. The new virtual machine will reboot.
25. Red Hat Linux version 8 will now boot up. Press the Enter key or wait 10 seconds for automatic booting.

---Regards,
Amarjit Singh
| You are subscribed to email updates from Learn Ethical Hacking & Get free hacking tools and softwares