This kind of traffic hijacking is the result of an ARP Poison attack and also a prerequisite to achieve a “Man-in-the-Middle” condition between victim hosts. Manipulating ARP caches of two hosts, it is possible to change the normal direction of traffic between them. On the contrary if the ARP-IP entry for the destination host is already present in the ARP cache of the source host, that entry will be used without generating ARP traffic. Because this packet is sent in broadcast it will reach every host in a subnet however only the host with the IP address specified in the request will reply its MAC to the source host. If not, it broadcasts an ARP Request to the entire network asking the MAC of the destination host. The source host looks at its ARP table to see if there is a MAC address corresponding to the destination host IP address. On an Ethernet/IP network when two hosts want to communicate to each other they must know each others MAC addresses. This kind of attack is based on the manipulation of host’s ARP caches.
SCAN FOR MAC ADDRESS USING CAIN AND ABEL PASSWORD
However, working with the application, rainbow tables and password generators can help your narrow down to reasonable time frames to get the job done. If you see this, then you should rethink the need for this account. Anyway, based on the other passwords and those accounts with an “*” in the <8 field on how many characters to specify in the password length pull down box.
If not see if you can find a repeating structure that is based on the number 7. This is also due to the nature of NT versus NTLM and the method that NT used to store passwords. Another note is that sometimes you will see a “?” or several “?” and then some numbers or letters. This is because that is due nature of LM hashes and the way that they are stored.
SCAN FOR MAC ADDRESS USING CAIN AND ABEL CRACKED
Select all of the un cracked accounts and follow the previous steps and select Brute Force (LM). The goal is to use the least amount of characters and symbols to get the account that you need. As you will see, the addition of a single character or symbol can take you from hours to days or even years to crack a password.
How about numbers? A lot of all upper case of all lower case? Use what you see to help you determine what parameters to include when you are bruting. First do you see any special characters in any of the passwords cracked. Look closely at all of the passwords that you have cracked and look for patterns. Here is the first time that you will actually have to use your brain Bruting can be extremely time consuming. Repeat the same process for selecting the accounts.
0 kommentar(er)
