Lab 7
Password Cracking Using RainbowCrack
Lab Scenario
Computer passwords are like locks on doors; they keep honest people honest. It someone wishes to gam access to your laptop or computer, a simple login password will not stop them. Most computer users do not realize how simple it is to access die login password for a computer, and end up leaving vulnerable data on their computer, unencrypted and easy to access. Are you curious how easy it is for someone to gain access to your computer? Windows is still the most popular operating system, and die method used to discover the login password is die easiest. A hacker uses password cracking utilities and cracks vour system. That is how simple it is for someone to hack your password. It requires no technical skills, nolaborious tasks, onlv simple words or ־ programs. in order to be an ethical hacker and penetration tester, you must understand how to crack administrator password. in tins lab we discuss how to crack guest users or administrator passwords using RainbowCrack.
Lab Objectives
The objective ot this lab is to help students to crack passwords to perform system password hacking.
Lab Environment
To earn־ out die lab, you need:
■ RainbowCrack Tool located at D:\CEH-T0 0 ls\CEHv8 Module 05 System Hacking\Rainbow Table Creation Tools\RainbowCrack
■ A computer running Window Server 2012
■ You can also download the latest version of RainbowCrack from the link h ttp ://proiect-ra111bowcrack.com/
■ If you decide to download die latest version, dien screenshots shown in die
lab nnght differ
■ Run diis tool 011 Windows Server 2012
■ Administrative privileges to mn diis program
Lab Duration
Tune: 10 Minutes
Overview of RainbowCrack
RainbowCrack is a computer program diat generates rainbow tables to be used in
password cracking. RainbowCrack differs from "conventional" bmte force crackers
in diat it uses large pre-computed tables called rainbow tables to reduce die lengdi of
time needed to crack a password.
Lab Task
1. Double-click die rcrack_gui.exe tile. The main window of RainbowCrack is
shown in the following figure.
 |
| FIGURE 7.1: RainbowCrack main window |
 |
| FIGURE 7.2: Adding Hash values |
i. Navigate to c:\hashes, and open die hashes.txt tile (which is already generated using Pwdump7 located at c:\hashes.txt 111 the previous Lab no:5) .
ii. Right-click, copy die hashes from hashes.txt tile.
iii. Paste into die Hash held, and give die comment (optional).
iV. Click OK.
 | ||
| FIGURE 7.3: Selecting the hashes | Ethical |
 |
| FIGURE 7.4: Adding Hashes |
 | ||
| FIGURE 7.5: Added hash show in window |
5. To add more hashes, repeat steps 2 & 3 (i,ii,iii,iv)
6. Added hashes are shown 111 the following figure.
 |
| FIGURE 7.6: Added Hashes in the window |
8. Browse die Rainbow Table diat is already generated 111 die previous lab, which is located at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Rainbow Table Creation Tools\Winrtgen.
9. Click Open.
 |
| FIGURE 7.8: Added Hashes in the window |
 |
| FIGURE 7.9: Added Hashes in the window |
Analyze and document die results related to the lab exercise.
Questions
1. What kind of hashes does RainbowCrack support?
Không có nhận xét nào:
Đăng nhận xét