Submit Search
Upload
Holland safenet livehack hid usb pineapple_cain_oph_with_video
•
Download as PPTX, PDF
•
0 likes
•
793 views
R
robbuddingh
Follow
Life Hacking presentation Roy Gray, Safenet
Read less
Read more
Technology
Report
Share
Report
Share
1 of 36
Download now
Recommended
Home Automation Benchmarking Report
Home Automation Benchmarking Report
Synack
Configuring asa site to-site vp ns
Configuring asa site to-site vp ns
chiensy
All about routers
All about routers
agwanna
Ceh v5 module 21 cryptography
Ceh v5 module 21 cryptography
Vi Tính Hoàng Nam
Network Security
Network Security
DURYODHAN MAHAPATRA
Anton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
Anton Chuvakin
OWASP Cambridge Chapter Meeting 13/12/2016
OWASP Cambridge Chapter Meeting 13/12/2016
joebursell
Dror-Crazy_toaster
Dror-Crazy_toaster
guest66dc5f
Recommended
Home Automation Benchmarking Report
Home Automation Benchmarking Report
Synack
Configuring asa site to-site vp ns
Configuring asa site to-site vp ns
chiensy
All about routers
All about routers
agwanna
Ceh v5 module 21 cryptography
Ceh v5 module 21 cryptography
Vi Tính Hoàng Nam
Network Security
Network Security
DURYODHAN MAHAPATRA
Anton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
Anton Chuvakin
OWASP Cambridge Chapter Meeting 13/12/2016
OWASP Cambridge Chapter Meeting 13/12/2016
joebursell
Dror-Crazy_toaster
Dror-Crazy_toaster
guest66dc5f
[2.2] Hacking Internet of Things devices - Ivan Novikov
[2.2] Hacking Internet of Things devices - Ivan Novikov
OWASP Russia
Exploiting WiFi Security
Exploiting WiFi Security
Hariraj Rathod
Network Security fundamentals
Network Security fundamentals
Tariq kanher
Wireless security
Wireless security
Aurobindo Nayak
Reconnaissance & Scanning
Reconnaissance & Scanning
amiable_indian
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
APNIC
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
Mehrdad Jingoism
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
amiable_indian
Network security
Network security
syed mehdi raza
The state of wireless security
The state of wireless security
Filip Waeytens
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Positive Hack Days
Bh fed-03-kaminsky
Bh fed-03-kaminsky
Dan Kaminsky
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky
Hack wifi password using kali linux
Hack wifi password using kali linux
Helder Oliveira
Internet census 2012
Internet census 2012
Giuliano Tavaroli
Aircrack
Aircrack
MuhammadHanzalah6
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Open vpn feature_on_yealink_ip_phones_v80_60(1)
maunicmer
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
Ahmad Yar
An Approach to for Improving the Efficiency of IDS System Using Honeypot
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Editor Jacotech
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Synack
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless security
Aruba, a Hewlett Packard Enterprise company
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
Aruba, a Hewlett Packard Enterprise company
More Related Content
What's hot
[2.2] Hacking Internet of Things devices - Ivan Novikov
[2.2] Hacking Internet of Things devices - Ivan Novikov
OWASP Russia
Exploiting WiFi Security
Exploiting WiFi Security
Hariraj Rathod
Network Security fundamentals
Network Security fundamentals
Tariq kanher
Wireless security
Wireless security
Aurobindo Nayak
Reconnaissance & Scanning
Reconnaissance & Scanning
amiable_indian
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
APNIC
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
Mehrdad Jingoism
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
amiable_indian
Network security
Network security
syed mehdi raza
The state of wireless security
The state of wireless security
Filip Waeytens
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Positive Hack Days
Bh fed-03-kaminsky
Bh fed-03-kaminsky
Dan Kaminsky
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky
Hack wifi password using kali linux
Hack wifi password using kali linux
Helder Oliveira
Internet census 2012
Internet census 2012
Giuliano Tavaroli
Aircrack
Aircrack
MuhammadHanzalah6
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Open vpn feature_on_yealink_ip_phones_v80_60(1)
maunicmer
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
Ahmad Yar
An Approach to for Improving the Efficiency of IDS System Using Honeypot
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Editor Jacotech
What's hot
(19)
[2.2] Hacking Internet of Things devices - Ivan Novikov
[2.2] Hacking Internet of Things devices - Ivan Novikov
Exploiting WiFi Security
Exploiting WiFi Security
Network Security fundamentals
Network Security fundamentals
Wireless security
Wireless security
Reconnaissance & Scanning
Reconnaissance & Scanning
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
Network security
Network security
The state of wireless security
The state of wireless security
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Bh fed-03-kaminsky
Bh fed-03-kaminsky
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Hack wifi password using kali linux
Hack wifi password using kali linux
Internet census 2012
Internet census 2012
Aircrack
Aircrack
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Open vpn feature_on_yealink_ip_phones_v80_60(1)
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
An Approach to for Improving the Efficiency of IDS System Using Honeypot
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Similar to Holland safenet livehack hid usb pineapple_cain_oph_with_video
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Synack
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless security
Aruba, a Hewlett Packard Enterprise company
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
Aruba, a Hewlett Packard Enterprise company
Security Handbook
Security Handbook
Anthony Hasse
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Canada
Firewall
Firewall
Angga Racing
10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips
PECB
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise Workshop
Ernest Staats
Comptia Security+ Exam Notes
Comptia Security+ Exam Notes
Vijayanand Yadla
Securing Network Access with Open Source solutions
Securing Network Access with Open Source solutions
Nick Owen
Sectools
Sectools
securedome
aaa
aaa
hungnhatban
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
inventy
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
SolarWinds
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
Michele Chubirka
voip_en
voip_en
Pierpaolo Palazzoli
A modern approach to safeguarding your ICS and SCADA systems
A modern approach to safeguarding your ICS and SCADA systems
Alane Moran
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Aruba, a Hewlett Packard Enterprise company
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
Joe McCray
Wireless hacking
Wireless hacking
arushi bhatnagar
Similar to Holland safenet livehack hid usb pineapple_cain_oph_with_video
(20)
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless security
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
Security Handbook
Security Handbook
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attack
Firewall
Firewall
10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise Workshop
Comptia Security+ Exam Notes
Comptia Security+ Exam Notes
Securing Network Access with Open Source solutions
Securing Network Access with Open Source solutions
Sectools
Sectools
aaa
aaa
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
voip_en
voip_en
A modern approach to safeguarding your ICS and SCADA systems
A modern approach to safeguarding your ICS and SCADA systems
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
Wireless hacking
Wireless hacking
Recently uploaded
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
LoriGlavin3
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
MounikaPolabathina
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Dubai Multi Commodity Centre
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
LoriGlavin3
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
LoriGlavin3
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
Dilum Bandara
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
LoriGlavin3
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
LoriGlavin3
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Stephanie Beckett
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
Alfredo García Lavilla
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
Recently uploaded
(20)
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Holland safenet livehack hid usb pineapple_cain_oph_with_video
1.
Insert Your Name Insert
Your Title Insert Date New World – New Security BYOD…. & some cool h@ck1ng gadgets / tools…. Roy Gray CISSP-CCIE-CCNA-CEH-CHFI roy.gray@safenet-inc.com © SafeNet Confidential and Proprietary
2.
2© SafeNet Confidential
and Proprietary Who We Are Trusted to protect the world’s most sensitive data for the world’s most trusted brands. We protect the most money that moves in the world, $1 trillion daily. We protect the most digital identities in the world. We protect the most classified information in the world. FOUNDED 1983 REVENUE ~500m EMPLOYEES +1,500 In 25 countries OWENERSHIP Private GLOBAL FOOTPRINT +25,000 Customers in 100 countries ACCREDITED Products certified to the highest security standard
3.
3© SafeNet Confidential
and Proprietary -Disclaimer -Local Laws -USB HID Device -Cool Wi-Fi story -Wi-Fi MITM Experiment….Want to take part? -Example ―cracking‖ sites -Cain & Able ARP MITMA -Cain & Able Brute Force -Cain & Able R$A Calculator -OPH Rainbow tables
4.
4© SafeNet Confidential
and Proprietary Legal Disclaimer Hacking without permission may result in a prison sentence – do not try any of these techniques at home *See Hacking Law’s from CEH* Do send me a postcard though and tell me which one you used!
5.
5© SafeNet Confidential
and Proprietary
6.
6© SafeNet Confidential
and Proprietary +
7.
USB HID- Scripting
101 7© SafeNet Confidential and Proprietary As Storage As Keyboard
8.
8© SafeNet Confidential
and Proprietary Script Encode Payload USB HID- Keyboard Scripting For Fun
9.
9© SafeNet Confidential
and Proprietary USB HID- Keyboard Scripting Not For Fun Script Encode Payload
10.
10© SafeNet Confidential
and Proprietary USB HID- Keyboard Scripting Not For Fun
11.
11© SafeNet Confidential
and Proprietary Imagine you are Chuck, a Wi-Fi penetration tester at ACME Corp., sitting at the cafeteria. Busy office workers that BYOD, are eating, socializing and using the Internet from their laptops, smartphones and tablets. Alice is sitting across from you pulling a tablet from her purse. She intends to connect to the wireless, and surf during lunch. The tablet, waking up, transmits Wi-Fi probe requests looking for preferred networks.
12.
12© SafeNet Confidential
and Proprietary Since Alice has connected to ACME Corp. wireless from her tablet in the past it remembers the network name (SSID) and looks for it periodically in this fashion. If the network is within range it will receive a probe response to its probe request. The probe responses provides Alice’s tablet with the necessary information it needs to associate with ACME Corp. network. Since this process happens automatically for every network Alice frequently connects to, both on her tablet and laptop she isn’t inconvenienced by choice when getting online at the office, home, cafes or even airplanes! Probe responses Probe requests
13.
13© SafeNet Confidential
and Proprietary Chuck (that’s you!) has a Wi-Fi Pen testing device in his bag. The device is constantly listening for probes requests. When it hears the probe request for the ACME Corp. network from Alice’s tablet it responds with an appropriately crafted probe response. This informs Alice’s tablet that the device is in fact the ACME Corp. wireless network. Of course this is a lie that Alice’s tablet will believe. This simple yet effective lie is responsible for the device’s code name ―Jasager‖ –German for ―The Yes Sayer‖ or ―The Yes Man‖.
14.
14© SafeNet Confidential
and Proprietary Once Alice’s tablet receives the probe response from Chuck’s device they begin the process of associating, and within moments her tablet has obtained an IP address this the Pen test device’s DHCP server. The Pen test device’s DHCP server provides Alice’s tablet with not only an IP address, but DNS and routing information necessary to get her online. Chuck has the Pen test device ―dialled-up‖ to the internet via a pre -configured USB Modem, the default gateway used by Alice’s tablet will be the IP of the Pen test device. Probe responses Probe requests
15.
15© SafeNet Confidential
and Proprietary Now that Chuck’s internet enabled device has made friends with Alice’s tablet she is free to browse the web and Chuck is free to eavesdrop and even change the web she sees. Using man in the middle tools, Chuck is able to watch what web sites Alice visits (url snarf). Since Chuck is particularly mischievous he prefers to change what servers Alice connects to when looking up a website (dns spoof)—thus replacing would be kitten videos with ones of puppies. Oh the horrors!...
16.
16© SafeNet Confidential
and Proprietary Chuck is even capable of saving Alice’s browsing sessions to disk for later analysis (tcpdump), intercept secure communications (sslstrip), or inject malicious code on to websites (ettercap-ng). Alternatively if Chuck chooses not to provide internet access at all the device will still be an effective wireless auditing tool. By enabling DNS spoof Chuck is able to redirect Alice’s browsing session from legitimate websites to the device’s built in web server, which may host a number of phishing sites, password harvesting or malware.
17.
17© SafeNet Confidential
and Proprietary Since Chuck can’t stay at the ACME Corp. cafeteria all day, he considers leaving his device on site. The device is concealed in a case with a battery pack, hidden in plain sight.
18.
18© SafeNet Confidential
and Proprietary In this case Chuck is able to remotely manage the device a few ways. If no internet access is being provided Chuck must be within range of the device wireless network in order to connect to the management SSID. If internet access is provided, Chuck can configure a persistent SSH tunnel. With an SSH or VPN tunnel enabled, internet traffic from the device connected client routes through the tunnel endpoint – typically a virtual private server. From this VPS Chuck may also extend the man in the middle attack.
19.
19© SafeNet Confidential
and Proprietary www Probe requests Proberequests
20.
20 Wi-Fi MITM Experiment
: mk4 karma, urlsnarf, dns spoof , facebook/twitter phishing phishing site
21.
21 Cell phone tracking
device….send pic…see gps,txt,calls,email….
22.
22© SafeNet Confidential
and Proprietary Hacking Gadgets…..who needs them….when..
23.
23© SafeNet Confidential
and Proprietary Hacking Gadgets…..who needs them….when..
24.
24© SafeNet Confidential
and Proprietary Hacking Gadgets…..who needs them….when..
25.
25© SafeNet Confidential
and Proprietary The Weapons – Hands On Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by: -Sniffing the network -Cracking encrypted passwords using Dictionary -Brute-Force and Cryptanalysis attacks -Recording VoIP conversations -Decoding scrambled passwords -Recovering wireless network keys -Revealing password boxes -Uncovering cached passwords -Analyzing routing protocols….and more.
26.
26© SafeNet Confidential
and Proprietary Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also includes routing protocols authentication monitors & routes extractors, dictionary & brute-force crackers for all common hashing algorithms & for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders & some not so common utilities related to network and system security. The Weapons – Hands On
27.
27© SafeNet Confidential
and Proprietary -Added support for Windows 2008 Terminal Server in APR-RDP sniffer filter. - Added Abel64.exe and Abel64.dll to support hashes extraction on x64 OS. - Added x64 operating systems support in NTLM hashes Dumper, MS-CACHE hashes Dumper, LSA Secrets Dumper, Wireless Password Decoder, Credential Manager Password Decoder, DialUp Password Decoder. - Added Windows Live Mail (Windows 7) Password Decoder for POP3, IMAP, NNTP, SMTP and LDAP accounts. - Fixed a bug of RSA SecurID Calculator within XML import function. - Fixed a bug in all APR-SSL based sniffer filters to avoid 100% CPU utilization while forwarding data. - Executables rebuilt with Visual Studio 2008. **Be very aware of versions with screenscrape / backdoors, not downloaded from the correct source. The Weapons – Hands On
28.
28© SafeNet Confidential
and Proprietary ARP Poison Select interface - Scan for hosts - Poison ARP Table - Look for PW’s Brute Force R$A Calculator…and more Lets take it for a ―Test Drive‖ Industry Example: The Weapons – Hands On
29.
29© SafeNet Confidential
and Proprietary Ophcrack is an open source (GPL licensed) program that cracks Windows passwords by using LM hashes through rainbow tables. The program includes the ability to import the hashes from a variety of formats, including dumping directly from the SAM files of Windows. It is claimed that these tables can crack 99.9% of alphanumeric passwords of up to 14 characters in usually a few minutes. A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function. A common application is to make attacks against hashed passwords feasible. The Weapons – Hands On
30.
30© SafeNet Confidential
and Proprietary XP Rainbow Tables Example: The Weapons – Hands On
31.
31© SafeNet Confidential
and Proprietary Vista / Win 7 Rainbow Tables Example: The Weapons – Hands On
32.
32© SafeNet Confidential
and Proprietary Example using a XP VM Length = 14 Predefined Charset : Base64 = Decimal + Lowercase + Uppercase + Special Characters < 4min CRACKED! The Weapons – Hands On
33.
33© SafeNet Confidential
and Proprietary Lets take it for a ―Test Drive‖ In Under 4min The Weapons – Hands On
34.
34© SafeNet Confidential
and Proprietary CAIN vs OPHCRACK The Weapons – Hands On
35.
35© SafeNet Confidential
and Proprietary CAIN vs OPHCRACK The Weapons – Hands On
36.
36© SafeNet Confidential
and Proprietary
Download now