We slipped into the server room, popped open the DVD drive and booted from the Kali Live CD. Let’s say he has a Dell PowerEdge R920 running Windows Server 2012 R2. Or we can combine that with a brute force attack to create a hybrid attack.
If we have a dictionary list with millions of phrases we can use that. If the hash matches the one we captured with SAMdump2 then we know John The Ripper correctly guessed the password. John The Ripper tries to guess the password by hashing it and comparing hashes. We can use a tool such as SAMdump2 to capture the password hashes and team that with John the Ripper to crack the password. Windows stores plaintext passwords in a obfuscated format known as a hash. So you pop it in the CD tray, boot the PC off the CD, mount the file system, find the hash and dump it to a USB drive.
Since you read my 3 part introduction on Kali Linux, you have the Live CD in hand. Let’s say you use chicanery and charm to weasle your way into one of the cubicles on his floor. WE also also have someone click on a link and get access that way. Are you planning to penetrate his enterprise remotely or physically through social engineering? MAybe you hang out with a group of people on a smoke break and then tailgate the crowd into the elevator as they pass through the security turnstiles? Or maybe you can pose as a plumber or FedEx employee and dupe the receptionist into letting you inside? The first thing you need to do is figure out how you’re going to gain access to his corporation. After all, it’s not going to cost you anything to accept the challenge. With a smug smirk on his face, he stretches out his hand for the shake. But if you can’t break in you’ll have to give me bragging rights and every time you see me you’ll have to rhapsodize about my invulnerable network. In fact, I’m so sure you can’t break in that I’ll cut your company a check for $500,000 if you can breach my security controls. I have invested millions on cutting edge protection systems and I’m confident that my network is indomitable. I’ve hired the best security administrators. One day over drinks, in a moment of spontaneity, he looks you straight in the eye and challenges you to a duel. But he’s also full of hubris and lacks humility. He’s incredibly smart, talks faster than you can think and really understand technology. Now you’re friend has a kinetic personality. You decided to work in corporate america but he started his own software company in Silicon Valley. Here’s the deal: you both graduated with honors from ivy league schools but your careers bifurcated down different paths. I want you to imagine your best friend from college challenges you to a duel.
0 kommentar(er)
