Password Cracking Techniques and Remote Desktop Access Setup


Explore various password cracking methods such as offline and online techniques using tools like Hydra, alongside setting up remote desktop access on Windows VMs to gain remote control over services. Learn about preparing Windows VMs, disabling firewalls, and enabling remote desktop assistance for effective penetration testing and exploitation in a secure environment.


Uploaded on Sep 15, 2024



Presentation Transcript


  1. Penetration Testing Exploiting I: Password Cracking
     CIS 6395, Incident Response Technologies
     Fall 2021, Dr. Cliff Zou
     czou@cs.ucf.edu

  2. Acknowledgement
     Content from the book: The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, Second Edition

  3. Prepare Windows VM
     On Windows VM (all Win VM from Microsoft):
       Username: IEUser
       Password: Passw0rd!
       You can change the account password in the Control Panel user account section
     Create another target account for exploitation
       Such as account: cis6395
       Give it a simple password for password cracking exploitation
       Such as: abc123, 1234, 1024, abc123, secret, hello, 111111 ..

  4. Prepare Windows VM
     In Windows 7 and up VMs, many services (including ping) are blocked by the firewall by default
     Disabling the firewall will allow others to ping the VM
     You can use an nmap scan to show the difference

  5. Prepare Windows VM
     In the Windows VM, you can enable remote desktop assistance
       In the Win7 VM, right-click Computer -> Properties -> Remote settings
       Use the option that allows any computer to connect with remote desktop (don't select the NLA authentication one)
       We can use an nmap scan to show this
     Then, if we know an account name/password on the Windows VM, we can log in to it remotely.
     Add the cis6395 account to the remote desktop user list
       Right-click My Computer -> click Properties -> Remote tab -> Select Remote Users -> Add, and then enter the username in the field box

  6. Prepare Windows VM
     When enabling remote desktop on the Win VM, disable NLA authentication
       https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-allow-access
     On your Kali Linux VM:
       Suppose your Win VM IP is: 192.168.0.101
       On Kali:
         #rdesktop 192.168.0.101
       You will be able to see the GUI of Windows!
     For the Win VM, you need to log out any user account on it in order for rdesktop to log in without further asking permission!

  7. Hydra: Remote Online Password Cracking
     Password cracking:
       Offline password cracking
       Online password cracking
     Hydra is included in Kali Linux
       Given a discovered user name and a password dictionary, hydra can be very effective at finding an account password
     Goal: Gain access to remote services opened on some machines
       SSH: by Unix or Mac OS
       VNC (virtual network computing): Linux
       Remote desktop: by Windows OS
     Password dictionary included in Kali Linux:
       A dictionary directory: /usr/share/wordlists/
       John the Ripper: /usr/share/john/password.lst (a small list)

  8. Hydra: Remote Online Password Cracking
     Suppose the Win VM remote desktop is open and has an IP of 192.168.0.101; we attack the account cis6395:
       #hydra -t 1 -V -l cis6395 -P /usr/share/john/password.lst 192.168.0.101 rdp
       -t 1: only use one connection (no parallel sessions since rdp does not like concurrent connection requests)
       -V: show each attempt
       -l: username
       -P: password list file
       rdp: service name (remote desktop, tcp 3389)
     Note: We need to make the Win target log out all user accounts in order for this rdesktop to work!

  9. Hydra: Remote Online Password Cracking
     Let us try password cracking against the Metasploitable Linux VM
       It has an SSH server, so let us try an ssh login crack
     First, you need to create a user account with a weak password
       sudo useradd cis6395    to create the user account
       sudo passwd cis6395     to create the password for this account
       It will create an account cis6395 with the password of 1234
     #hydra -t 4 -V -l cis6395 -P /usr/share/john/password.lst 192.168.1.7 ssh
       Assuming the Metasploitable Linux VM has an IP of 192.168.1.7
       Hydra will try 4 password guesses in parallel at a time

  10. Ncrack: Remote Online Password Cracking
      #ncrack -v --user cis6395 -P ./password.lst -g CL=5 10.0.2.5:22
        The port number to attack is specified after the target IP
        The CL=5 option limits the number of parallel connections to 5
        Use CTRL-C to stop it from trying more passwords after it finds the correct one
        It does not show the passwords that were attempted but failed, so be patient with the list
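
How the SSH guessing runs on slides 9 and 10 look from the target's auth log, as an added example that is not part of the original slides. The log lines, the source addresses 192.168.1.5 and 192.168.1.20, the user alice, the host name and the function name `ssh_guessing` are constructed for illustration; the line format is OpenSSH's standard syslog output.

```shell
#!/bin/sh
# Added example (not from the slides): flag password guessing in sshd logs.
# ssh_guessing LOGFILE THRESHOLD
# Prints "source user failures outcome" for every source/user pair with at
# least THRESHOLD failed passwords. Outcome is COMPROMISED when the same
# source later logs in as that user, i.e. a guess worked.
# It counts over the whole file, so feed it a time-sliced log.
ssh_guessing() {
    awk -v min="$2" '
    # Line form: "... for [invalid user] NAME from IP port N ssh2"
    function pair(   i, key) {
        for (i = 2; i < NF; i++) if ($i == "from") key = $(i+1) " " $(i-1)
        return key
    }
    / sshd\[[0-9]+\]: Failed password for /   { fails[pair()]++; next }
    / sshd\[[0-9]+\]: Accepted password for / {
        k = pair()
        if ((k in fails) && fails[k] + 0 >= min + 0) hit[k] = 1
    }
    END {
        for (k in fails) if (fails[k] + 0 >= min + 0)
            print k, fails[k], ((k in hit) ? "COMPROMISED" : "no-login-seen")
    }' "$1" | sort
}

# Constructed sample: four parallel guesses (hydra -t 4 style) against
# cis6395, then a hit; alice mistypes once and then logs in normally.
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
Oct 12 10:15:01 metasploitable sshd[2101]: Failed password for cis6395 from 192.168.1.5 port 40112 ssh2
Oct 12 10:15:01 metasploitable sshd[2102]: Failed password for cis6395 from 192.168.1.5 port 40114 ssh2
Oct 12 10:15:01 metasploitable sshd[2103]: Failed password for cis6395 from 192.168.1.5 port 40116 ssh2
Oct 12 10:15:01 metasploitable sshd[2104]: Failed password for cis6395 from 192.168.1.5 port 40118 ssh2
Oct 12 10:15:03 metasploitable sshd[2101]: Failed password for cis6395 from 192.168.1.5 port 40112 ssh2
Oct 12 10:15:03 metasploitable sshd[2102]: Failed password for cis6395 from 192.168.1.5 port 40114 ssh2
Oct 12 10:15:04 metasploitable sshd[2103]: Accepted password for cis6395 from 192.168.1.5 port 40116 ssh2
Oct 12 10:20:10 metasploitable sshd[2150]: Failed password for alice from 192.168.1.20 port 51000 ssh2
Oct 12 10:20:19 metasploitable sshd[2150]: Accepted password for alice from 192.168.1.20 port 51000 ssh2
EOF

ssh_guessing "$SAMPLE_LOG" 5
```

A COMPROMISED row is the one to act on first: the account's password is known to the source and should be reset, and the session that followed the accepted login reviewed.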

  11. Hydra and Ncrack: Remote Online Password Cracking
      A YouTube tutorial on using hydra in Kali: https://www.youtube.com/watch?v=D2-Eq12hZ1o
      Another webpage shows how to use a few more password crackers: https://hackertarget.com/brute-forcing-passwords-with-ncrack-hydra-and-medusa/

  12. User Password Selection against Password Cracking
      Password dictionary included in Kali Linux:
        A dictionary directory: /usr/share/wordlists/
        A big, notorious password dictionary list: rockyou.txt
          The original file is rockyou.txt.gz; you need to unzip it with the command
          $gunzip rockyou.txt.gz
        John the Ripper: /usr/share/john/password.lst (a small list)
      If you are IT security staff:
        Ask each of your employees to check his/her own password against the above password list
          $ cat rockyou.txt |grep user_password
          Or, $grep user_password rockyou.txt
        If the above command returns results, then the user's password exists in the password list and should never be used!
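
An exact-match version of the check on slide 12, as an added example that is not part of the original slides. Plain `grep user_password` treats the password as a regular expression and matches substrings, and typing it on the command line leaves it in shell history and the process list; the function names `in_wordlist` and `substring_hit` and the five-word sample list are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the slides): whole-line wordlist check.
# in_wordlist WORDLIST
# Reads one candidate password from stdin. Returns 0 if it is a whole line
# of WORDLIST, 1 if it is not, 2 on unreadable list or empty input.
in_wordlist() {
    [ -r "$1" ] || { echo "cannot read wordlist: $1" >&2; return 2; }
    IFS= read -r _cand || :
    [ -n "$_cand" ] || return 2
    # -F literal string, -x whole line, -q quiet, -f - pattern from stdin
    # (keeps the password out of argv), -a because rockyou.txt contains
    # bytes that are not valid UTF-8.
    printf '%s\n' "$_cand" | grep -Fxqa -f - -- "$1"
}

# The slide's plain grep, kept only to compare results on test values.
substring_hit() { grep -q -- "$2" "$1"; }

# Constructed sample standing in for /usr/share/wordlists/rockyou.txt.
SAMPLE_LIST=$(mktemp)
printf '%s\n' 123456 abc123 secret hello 111111 > "$SAMPLE_LIST"

for pw in hello ello a.c123 'Tr0ub4dor&3'; do
    if printf '%s\n' "$pw" | in_wordlist "$SAMPLE_LIST"
    then exact=listed; else exact=absent; fi
    if substring_hit "$SAMPLE_LIST" "$pw"
    then plain=hit; else plain=miss; fi
    printf '%-12s exact=%s plain-grep=%s\n' "$pw" "$exact" "$plain"
done

# Interactive use, password typed without echo and never on a command line:
#   stty -echo; in_wordlist /usr/share/wordlists/rockyou.txt; rc=$?; stty echo
```

"ello" and "a.c123" are reported as hits by plain grep (substring of "hello", regex match on "abc123") although neither is in the list, which is why the whole-line match is the one to hand to employees.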
