I have edited and added material.


Windows

This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen C. Hayne

Windows Security
- Local Security Authority (LSA): determines whether a logon attempt is valid
- Security Accounts Manager (SAM): receives user logon information and checks it against its database to verify a correct username/password
- SAM Database: stores the LM and NT password hashes

Windows Passwords
LM Password
- Used for backward compatibility
- Stores passwords in CAPS
- Much easier to crack than NT hashes
- Password is not hashed or encrypted
- Broken up into 2 groups of 7 characters
- Usually gives away the NT password if cracked
NT Password
- Used for compatibility with Windows NT/2000 systems
- Stores passwords exactly as they were entered by the user
- Uses a series of 2 one-way hashes to hash the password
- Does not salt passwords as Unix does

Windows “NT” Passwords
- Length: anywhere from 0 to 14 characters
- Characters: all letters (upper and lowercase), numbers, and symbols are acceptable
- Stored in SAM database: \WINNT\system32\config or \WINNT\repair …

NT Passwords
1. Hashed using RSA MD4 function: not reversible! But can be replicated…
2. Hashed again using MS function into SAM: reversible and fairly simple
3. Encrypted using Syskey function: strong encryption of SAM on disk

LM Passwords vs. NT Passwords
- An 8 character LM password is 890 times easier to crack than an 8 character NT password
- A 14 character LM password is 450 trillion times easier to crack than a 14 character NT password
- 450 trillion = 450,000,000,000,000
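The LM split into two 7-character groups and the lack of a salt, both described in the slides above, leave marks a defender can check for in an exported hash list. The following is an added example, not part of the original presentation: it assumes the export uses the common user:rid:lm:nt::: text layout, and the sample records and the `audit` function are constructed for illustration.

```python
import re
from collections import defaultdict

EMPTY_LM_HALF = "aad3b435b51404ee"              # LM value of an empty 7-character half
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"   # NT hash of the empty password
HEX32 = re.compile(r"[0-9a-f]{32}")

# Constructed sample (not real account hashes), user:rid:lm:nt::: layout.
SAMPLE = "\n".join([
    "Administrator:500:0123456789abcdef0fedcba987654321:00112233445566778899aabbccddeeff:::",
    "Guest:501:" + EMPTY_LM_HALF * 2 + ":" + EMPTY_NT + ":::",
    "alice:1001:" + "11" * 8 + EMPTY_LM_HALF + ":" + "a1" * 16 + ":::",
    "bob:1002:" + EMPTY_LM_HALF * 2 + ":" + "b2" * 16 + ":::",
    "carol:1003:" + EMPTY_LM_HALF * 2 + ":" + "b2" * 16 + ":::",
])

def audit(dump):
    """Return {user: [findings]} for a hash export in user:rid:lm:nt layout."""
    findings = defaultdict(list)
    by_nt = defaultdict(list)
    for line in dump.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4:
            continue                      # not an account record
        user, lm, nt = parts[0], parts[2].lower(), parts[3].lower()
        if not HEX32.fullmatch(nt):
            findings[user].append("unparseable NT field")
            continue
        if nt == EMPTY_NT:
            findings[user].append("blank password")
        else:
            by_nt[nt].append(user)
        # An LM field that is not hex, or is two empty halves, means no LM hash.
        if HEX32.fullmatch(lm) and lm != EMPTY_LM_HALF * 2:
            findings[user].append("LM hash stored")
            if lm[16:] == EMPTY_LM_HALF:
                findings[user].append("password is 7 characters or fewer")
    # No salt: equal NT hashes mean equal passwords.
    for users in by_nt.values():
        if len(users) > 1:
            for u in users:
                others = ", ".join(x for x in users if x != u)
                findings[u].append("NT hash shared with " + others)
    return dict(findings)

if __name__ == "__main__":
    for user, notes in audit(SAMPLE).items():
        print(user, "->", "; ".join(notes))
```

Accounts flagged "LM hash stored" are the ones exposed to the easier LM attack the comparison above quantifies.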

Windows Cracking
- Obtain copy of SAM and run 0phCrack
- BUT – can’t get “real” SAM because it is LOCKED!
- UNLESS, use NTFSDos, SAMDUMP or PWDUMP3 first…

NTFSDos and SAMDump
http://www.hackingexposed.com/links-cdrom/links-cdrom.html
NTFSDos
- Utility that allows DOS to view NTFS partitions
- Can be placed on a boot disk and used to access files that can’t be accessed in Windows
SAMDump
- Utility that “dumps” the password hashes in the SAM database
- Can be used to view the password hashes or to export them into a text file
- If Syskey is used, displayed hashes will be incorrect

PWDump3
- A utility similar to SAMDump
- Grabs password hashes from memory instead of the SAM database
- Because of this, it will work with Syskey enabled
- Can only be used by the Administrator on each system

0phCrack
- Uses Dictionary, Hybrid, Brute Force and Rainbow Table attacks on password hashes
- Can get password from a local machine, a repair disk, a copied SAM file, or over a network (by sniffing packets)
- Can only be used by Administrators
- Uses a built-in version of SAMDump or PWDump3 to access the password hashes from memory

Password Protection
http://www.ntbugtraq.com/default.asp?sid=1&pid=47&aid=15
- Remove permissions from the “repair” file
- Audit Password Registry Keys
- Use a strong Admin password and DON’T share it!
- Integrate @#$%{|> characters – increases key space 100 times
- Possibly add characters from [Alt+###]

Un*x Cracking
- Obtain “John the Ripper”
- Run against /etc/passwd file