Re: Password Audit

[Chao Mu <chao.mu () minorcrash com>]

> Depending on what passwords you are trying to audit, dump the hashes
> and crack them offline. Let John rip through all the dictionaries
I agree with Rob here. If you bruteforce online, you are going to bog
down the network and (as said) potentially lock users out of their
accounts. An offline attack will of course be faster; John is
intelligent when it comes to cracking (NT)LM hashes and Bruteforcing
SMB online is painfully slow.

Do the windows computers belong to one or more domains?

On Tue, Dec 7, 2010 at 11:24 AM, Rob Fuller <mubix () room362 com> wrote:
> This really should be one of those few times to go outside of
> Metasploit. The SMBLogin module, depending on how many passwords you
> try and the threshold you set it may lock out the users.
>
> Depending on what passwords you are trying to audit, dump the hashes
> and crack them offline. Let John rip through all the dictionaries that
> are stored on SkullSecurity [1], and then let John rip in just brute
> force mode for about 24 hours. The result of both of those should get
> you to an awesome baseline.
>
> [1] http://www.skullsecurity.org/wiki/index.php/Passwords
>
> --
> Rob Fuller | Mubix
> Certified Checkbox Unchecker
> Room362.com | Hak5.org
>
>
>
> On Tue, Dec 7, 2010 at 9:14 AM, Peter Fraser <petros.fraser () gmail com> wrote:
> > Hi All
> > I want to do a password audit on my network to make sure users are
> > using fairly complex passwords. Is there a way I can do that in
> > Metasploit? I wasn't able to find the info I needed so far so even a
> > link to where I can find the info would be much appreciated.
> >
> > Thanks.
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework