Lab 1
Extracting Administrator Passwords Using LCP
Link Control Protocol (LCP) is part of the Point-to-Point (PPP) protocol In PPP communications, both the sending and receiving devices send out LCP packets to determine specific information required for data transmission.
Lab Scenario
Hackers can break weak password storage mechanisms by using cracking methods that outline 111 this chapter. Many vendors and developers believe that passwords are safe from hackers if they don’t publish the source code for their encryption algorithms. After the code is cracked, it is soon distributed across the Internet and becomes public knowledge. Password-cracking utilities take advantage of weak password encryption. These utilities do the grunt work and can crack any password, given enough time and computing power. In order to be an expert ethical hacker and penetration tester, you must understand how to crack administrator passwords.
Lab Objectives
Tlie objective of tins lab is to help students learn how to crack administrator passwords for ethical purposes.
in this lab you will learn how to:
■ Use an LCP tool
■ Crack administrator passwords
Lab Environment
To carry out the lab you need:
■ LCP located at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Password Cracking Tools\LCP
■ You can also download the latest version of LCP from the link http: / www.lcpsoft.com/engl1sh/1ndex.htm
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ Follow the wizard driven installation instructions
■ Run this tool 111 Windows Server 2012
■ Administrative privileges to run tools
■ TCP/IP settings correctly configured and an accessible DNS server
Lab Duration
Time: 10 Minutes
Overview of LCP
LCP program mainly audits user account passwords and recovers diem 111 Windows 2008 and 2003. General features of diis protocol are password recovery, brute force session distribution, account information importing, and hashing. It can be used to test password security, or to recover lost passwords. Tlie program can import from die local (or remote) computer, or by loading a SAM, LC, LCS, PwDump or Smtt tile. LCP supports dictionary attack, bmte lorce attack, as well as a hybrid ot dictionary and bmte torce attacks.
Lab Tasks
1. Launch the Start menu by hovering the mouse cursor 011 the lower-left corner of the desktop.
 |
| FIGURE 1.1: Windows Server 2012 — Desktop view |
 |
| FIGURE 1.2: Windows Server 2012 — Apps |
3. The LCP main window appears.
 |
| FIGURE 1.3: LCP main window |
4. From die menu bar, select Import and then Import from remote computer
 |
| FIGURE 1.4: Import die remote computer |
5. Select Computer name or IP address, select the Import type as Import from registry, and click OK.
 |
| FIGURE 1.5: Import from remote computer window |
6. The output window appears
 |
| FIGURE 1.6: Importing the User Names |
7. Now select any User Name and click the L1L4 Play button.
8. Tins action generates passwords.
 |
| FIGURE 1.7: LCP generates the password for the selected username |
Document all die IP addresses and passwords extracted for respective IP addresses. Use tins tool only for training purposes.
Questions
1. \Y11at is the main purpose of LCP?
2. How do von continue recovering passwords with LCP?
Không có nhận xét nào:
Đăng nhận xét