Auditing System Password Using L0phtcrack


Transcript of Auditing System Password Using L0phtcrack

Page 1: Auditing System Password Using L0phtcrack

“Auditing System Password Using L0phtCrack”

By:

-Vishal Kumar

(CEH, CHFI, CISE, MCP)

[email protected]

Lab - 2

Page 2: Auditing System Password Using L0phtcrack

Auditing System Password Using L0phtCrack

L0phtCrack is a password auditing tool that contains features such as scheduling, hash extraction from 64-bit Windows versions, multiprocessor algorithms, and network monitoring and decoding. It can import and crack UNIX password files from remote Windows machines.

Page 3: Auditing System Password Using L0phtcrack

Lab Scenario

Because security and compliance are high priorities for most organizations, attacks on an organization's computer systems take many different forms, such as spoofing, smurfing, and other types of Denial of Service (DoS) attacks. These attacks are designed to harm or interrupt the use of your operational systems.

Password cracking is a term used to describe the penetration of a network, system, or resource, with or without the use of tools, to unlock a resource that has been secured with a password. In this lab, we will look at what password cracking is, why attackers do it, how they achieve their goal, and what to do to protect yourself.

Page 4: Auditing System Password Using L0phtcrack

Lab Scenario

Through an examination of several scenarios, in this lab we describe some of the techniques they deploy and the tools that aid them in their assault, and how password crackers work both internally and externally to violate a company's infrastructure.

To be an expert ethical hacker and penetration tester, you must understand how to crack an administrator password. In this lab, we crack system user accounts using L0phtCrack.

Page 5: Auditing System Password Using L0phtcrack

Lab Objective

The objective of this lab is to help people learn how to:

• Use the L0phtCrack tool to attain user passwords that can be easily cracked.

Page 6: Auditing System Password Using L0phtcrack

Overview of the Lab

In this lab, as a security auditor, you will run the L0phtCrack tool by giving it the remote machine's administrator user credentials. User account passwords that are cracked in a short amount of time are considered to be weak, and you need to take certain measures to make them stronger.

Page 7: Auditing System Password Using L0phtcrack

Lab Task 01:- Install and configure L0phtCrack.

• Log On to the Windows Server 2008 virtual machine.

• Switch back to the host machine, navigate to the CEHv9 toolkit, and locate the folder L0phtcrack. Double-click lc6setup_v6.0.18.exe to install L0phtCrack.

• Follow the steps and instructions in the installation wizard to install the application.

Note:- At the time of installation, a Program Compatibility Assistant pop-up may appear; click Close and continue the installation.

Page 8: Auditing System Password Using L0phtcrack

Lab Task 01:- Install and configure L0phtCrack.

• On completion of the installation, launch L0phtCrack from the Apps screen. If the Reminder pop-up prompts you to enter the key, press OK to continue.

• The L0phtCrack Wizard appears; click Next. Choose Retrieve from a remote machine in the Get Encrypted Password section, and click Next.

Page 9: Auditing System Password Using L0phtcrack

Lab Task 01:- Install and configure L0phtCrack.

Tip:- L0phtCrack has a built-in ability to import passwords from remote Windows, including 64-bit versions of Windows 8.1, Windows 7, and UNIX machines, without requiring a third-party utility.

Note:- You are setting this option for auditing passwords on a remote machine.

• Click the Strong Password Audit radio button in the Choose Auditing Method section, and click Next.

Page 10: Auditing System Password Using L0phtcrack

Lab Task 01:- Install and configure L0phtCrack.

Tip:- L0phtCrack offers remediation assistance to system administrators.

• In the Pick Reporting Style section, select all the options and then click Next.

Tip:- L0phtCrack has real-time reporting that is displayed in a separate, tabbed interface.

• After configuring all options, click the Finish button in the Begin Auditing section.

Page 11: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• The L0phtCrack main window appears, along with the Import pop-up, as shown in the following screenshot.

Page 12: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• In the Import pop-up, select the Remote machine radio button in the Import from section, and click Add....

Page 13: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• The Add Machine to Remote Import pop-up appears. Enter the IP address of the target machine (Windows Server 2008 virtual machine) in the Machine field, choose the Operating System (in this case, Windows), and click OK.

Page 14: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• The Enter Credential window appears. Select the User specific credential for this machine option, enter the admin user credentials of the Windows Server 2008 virtual machine, enter the domain as CEH.com, and then click OK.

Page 15: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• Select the target machine, and click OK.

Page 16: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• The Processing pop-up appears, and L0phtCrack begins to establish a remote connection to the target machine, as shown in the following screenshot.

Page 17: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

• Once the processing is complete, all the remote users are displayed, along with the cracked passwords (which in this case are weak), as displayed in the screenshot below.

Page 18: Auditing System Password Using L0phtcrack

Lab Task 02:- Crack system password

Tip:- L0phtCrack uses Dictionary, Hybrid, Precomputed, and Brute-Force password auditing methods.

• So, you have successfully attained weakly configured passwords.

• As a security auditor/administrator, you need to enforce strong passwords for user accounts, to avoid passwords being stolen.
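
As an added example (not part of the original presentation and not L0phtCrack code), the Python below applies the dictionary and hybrid ideas from the tip above when a password is being set, rejecting choices that such an audit would recover quickly. The blocklist, the 12-character minimum, the account names and the sample passwords are constructed assumptions.

```python
import re

# Constructed sample blocklist (assumption): a real deployment loads a large
# wordlist plus organisation-specific terms such as the domain name.
BLOCKLIST = {"password", "welcome", "admin", "qwerty", "letmein", "summer", "ceh"}

# Character substitutions a hybrid audit reverses before the dictionary lookup.
LEET = str.maketrans("0134578@$!", "oleastbasi")

MIN_LENGTH = 12  # assumed policy value, not taken from the presentation


def base_words(password):
    """Return the base words a dictionary or hybrid audit would derive."""
    lowered = password.lower()
    # Drop the digits and symbols users prepend or append, e.g. "2017!".
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    return {lowered, stripped, lowered.translate(LEET), stripped.translate(LEET)}


def audit_password(password, username=""):
    """Return the reasons a password is weak; an empty list means none found."""
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("too short")
    words = base_words(password)
    if words & BLOCKLIST:
        reasons.append("dictionary or hybrid match")
    user = username.lower()
    if len(user) >= 3 and any(user in word for word in words):
        reasons.append("contains username")
    return reasons


def audit_accounts(proposed):
    """Map each failing account name to the reasons its password was rejected."""
    failures = {}
    for user, password in proposed.items():
        reasons = audit_password(password, user)
        if reasons:
            failures[user] = reasons
    return failures


# Constructed sample input: account name -> password proposed at change time.
SAMPLE = {"administrator": "Welcome2017", "backup": "P@ssw0rd2017!!",
          "jsmith": "jsmith-Laptop-0042x", "mlee": "correct horse battery staple"}

if __name__ == "__main__":
    for account, why in audit_accounts(SAMPLE).items():
        print(f"{account}: {', '.join(why)}")
```
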

Page 19: Auditing System Password Using L0phtcrack

Lab Analysis

Tool/Utility: L0phtCrack

Information Collected/Objectives Achieved:

IP Address Range/target:- 192.168.0.101

Scan Result:-

• All user passwords

• Weak passwords
