Security Basics mailing list archives
Re: FW: Hydra or network logon cracker for Windows?
From: "Mister Dookie" <misterdookie () gmail com>
Date: Tue, 24 Oct 2006 12:56:27 -0400
Hello, Brutus, Cain & Abel, nor John The Ripper really qualify here. ENUM works really well on a single computer (as does NET USE) but iterating through a network of 150-200 computers with even a small password list (say 25-40) would take forever, especially if IPs are dynamic so you have to suffer through LIXUX/UNIX/APPLE machines on the network. In a perfect world, what I really need is a tool that will go out on a subnet (e.g. 192.168.123.1-254), identify what machines are running Microsoft Windows 2K/XP/Server, use NETBIOS/SMB to gather the logins for these boxes (e.g. Administrator, Guest, plus other user accounts) and QUICKLY test for blank passwords along with equally damaging passwords such as the company name and so forth. Is there a tool out there that kind of performs the above, or at least automates ENUM just a bit. Thanks, John On 10/24/06, Isaac Van Name <ivanname () southerlandsleep com> wrote:
IMO and any other network/systems administrator's opinion, letting people login as Administrator is most definitely a "battle worth fighting". If you're letting people log in as Administrator, your worries are well beyond that of a password issue (although I'd be especially worried about your Admin password, too). That being said, let's get on to the meat of the conversation. I use NetBrute as my bruteforce program of choice in a Windows environment. By providing the IP address and a network share on the computer (such as IPC$ or C$, etc.), you can dictate whether the program uses a dictionary attack (based upon a word list in a text file) or a brute force attack. Given that, if I were to test for your list of passwords on my network, I would just create a wordlist with the same structure as the defaults that come with the program, and just have it contain those words. Really, though, on a Windows network, you don't even have to use a password cracker to test for those passwords. You can just as simply use the Net Use command from the command line, script it in a batch file to iterate through your possible passwords, and have it dump the output of a plain Net Use command into a text file for each user. If it mapped the share, then they're using one of those passwords. Isaac Van Name Systems Administrator Southerland, Inc. ivanname () southerlandsleep com "What good would you do with an ignorant employee? Ignorance is grounds for dismissal..." - Mario Spinthiras Open Source developing at its finest: "Written in vim, W3C valid and UTF-8 encoded, for her pleasure." Disclaimer: This email is intended only to be used to feign intellectual mastery of a subject or superhuman command of the English language, when profanity is involved. By reading this email, you are agreeing to cease all correspondence with the sender upon realizing your own ignorance, and furthermore to refrain from taking legal action against said sender when your compounding ignorance crushes your inadequate self-esteem. Have a nice day. Original> -----Original Message----- Original> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] Original> On Behalf Of Mister Dookie Original> Sent: Monday, October 23, 2006 10:53 AM Original> To: security-basics () securityfocus com Original> Subject: Hydra or network logon cracker for Windows? Original> Original> Hello list, Original> Original> I am looking for a way to test the computers on my network for weak Original> passwords. For instance, say I have the network (192.168.123.1-254) Original> for company "Tomcat" and I know most people either login as Original> "Administrator" (not the best I know but some battles are not worth Original> fighting) or the convention of LastName + First Initial. I just want Original> to be able to scan the network to make sure people aren't using the Original> company name or a simple derivation of the company name as their Original> password. Therefore, I just want to scan the user names on the network Original> against a small list of passwords like Tomcat, Tomcat1, TomCat, Original> TomCat1, tomcat, tomcat1 and so forth. If people are using the company Original> name as the password I can have them change it. That's all I want. Original> Original> Is there a good (hopefully freeware but doesn't have to be) program Original> out there to help me accomplish this task? Original> Original> Thanks, Original> John Original> Original> --------------------------------------------------------------------------- Original> This list is sponsored by: Norwich University Original> Original> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE Original> The NSA has designated Norwich University a center of Academic Original> Excellence Original> in Information Security. Our program offers unparalleled Infosec Original> management Original> education and the case study affords you unmatched consulting Original> experience. Original> Using interactive e-Learning technology, you can earn this esteemed Original> degree, Original> without disrupting your career or home life. Original> Original> http://www.msia.norwich.edu/secfocus Original> --------------------------------------------------------------------------- Original>
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Hydra or network logon cracker for Windows? Mister Dookie (Oct 23)
- RE: Hydra or network logon cracker for Windows? Murda Mcloud (Oct 24)
- <Possible follow-ups>
- Re: Hydra or network logon cracker for Windows? trashcanmn (Oct 24)
- Re: FW: Hydra or network logon cracker for Windows? Mister Dookie (Oct 24)
- Re: FW: Hydra or network logon cracker for Windows? Chris Grieger (Oct 25)
- Re: FW: Hydra or network logon cracker for Windows? Brian Loe (Oct 25)
- Re: FW: Hydra or network logon cracker for Windows? Chris Grieger (Oct 25)
- FW: Hydra or network logon cracker for Windows? Isaac Van Name (Oct 24)