Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
Network Security Hacking
-
01-06-2007 12:07am#1
Comments
-
-
-
-
-
-
Advertisement
-
-
Also, rent Swordfish to learn how to do it at great speed.r3nu4l wrote:Rent the movies "Hackers" and "Wargames". Watch them with your friend and then social engineer the passwords from him. That's sure to work!
0 -
-
-
-
Advertisement
-
martin84 wrote:Another Network Project.
Yes, another network project. Im just so dedicated to my studies.
So, no help?0 -
-
iRock wrote:Yes, another network project. Im just so dedicated to my studies.
So, no help?
Some people might not want to discuss ways to break into a computer, even if they know how, or have done so in the past..i'll start anyway :P
correct me at any time..
If the SQL server is not running under the correct privileges to enable adding users to the administrators group, then you're going to need another exploit.
could be the case that the server is synchronised with other systems in a domain, so after you've added a user to the administrator group, it gets dropped back down to limited user soon afterwards.maybe you haven't added the user to administrators group,yet.
The VSC Volume Shadow Copy service will allow you to access any file on the system, so long as you're running with correct privileges of course.
if you want the SAM file from disk while the system is running, you can only access it through VSC or a RAW read of the disk.(NTBackup will work too, but only in GUI)
normally most people tell you to use bootup disk (NTFSDOS,linux,barpe..etc) thats ok if you have physical access and no administrator rights, but remotely, you'd use VSC, or try dumping from the registry by connecting to the SAM RPC service, or the task scheduler.
the SAM doesn't usually contain all username/hashes if a domain anyway.(don't forget Active Directory in domain)
there could be software running on the system that is vulnerable to some exploit.you'd have to search online.
if you've obtained the plaintext from cracking an admin account in the SAM, then you could get access that way.
Or if you've had no luck with cracking, you can try 'pass the hash' using a modified client (example SMB)
Even if the administrator chooses a password of 500 letters, it won't make much of a difference if an attacker gets the hash of it.
When authenticating with a remote system using NetBIOS (as example) the attacker would send the hash which would be compared with hash on the local system, if they're equal, you logon successfully.
kerberos can prevent this, but because its just a local system, LSASS will allow for it, AFAIK.0 -
Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,857 Mod ✭✭✭✭
Join Date:Posts: 92095
no get sneakers insteadr3nu4l wrote:Rent the movies "Hackers" and "Wargames". Watch them with your friend and then social engineer the passwords from him. That's sure to work!
unless he's Russian, cos' they don't use prime numbers0 -
-
Advertisement