September 28
Password Cracking
Remote Access Password Sharing!
Windows has something called remote file sharing, which allows two separate systems to share files and printers. This is secured by a password which has to be entered each time a system requests a file.
There are two types of passwords in remote file sharing:
Both of these passwords are encrypted by passing them through the same algorithm. I will show you how a hacker would usually try to crack this password.
Go to your Control Panel and look for Network. Make sure you have file and printer sharing enabled, then reboot for the changes to take effect.
After restarting you must go to the Control Panel again and look for Security. If everything is OK there should be a page called Remote Access. Make sure the password is erika and then close it.
Then open your registry editor (Start / Run / type regedit / OK) and look for ADMIN$, which will be found in:
HKEY_LOCAL_MACHINE\Microsoft\windows\current version\Network\LanMan\ADMIN$.
(If you want to crack the password of a specific folder, search for the key whose name is the same as the name of the folder and change ADMIN$ to that name.)
In the right pane of the registry editor there is a key called parm1enc, which contains the encrypted password. You just changed the password to erika, so parm1enc will be 70 C8 04 ED 12 hex. This is the encrypted password, so in ASCII that is pÈ.í.
So after decryption the 70h represents e, but how will we do this? First of all, Windows converts your password to uppercase, so the e will become E, which is 45h.
So, 70h :=45h
01110000 = 70h
???????? XOR key
--------
01000101 = 45h
OK, let us do this:
01110000 = 70h
00110101 XOR key = 35h (=53 decimal)
--------
01000101 = 45h
Now let's test this: change your password to 123. Now the encrypted password will be 04 8A 7E. OK, but we only need the 04h:
00000100 = 04h
00110101 FOUND XOR key
--------
00110001 = 31h
Now, get your ASCII table and look at 31h (49 dec). Got it? That's the ASCII character 1. So now you can find the 1st character of the password by using 35h as the XOR key, but every character of the password uses another key, which means there are 8 different keys.
I'm not going to show you how to get them; try to work it out yourself by following the same procedure as above. I will give you the keys:
1st char; 35h
2nd char; 9Ah
3rd char; 4Dh
4th char; A6h
5th char; 53h
6th char; A9h
7th char; D4h
8th char; 6Ah
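
Added example (not part of the original post): the scheme described above written out in Python, using the eight key bytes and the erika value listed in the post. It shows that a single known password and its stored parm1enc bytes give back the key for those positions, so the stored value is a reversible encoding and not encryption. The function names are illustrative.

```python
# Added example. Key bytes are the eight values listed in the post.
PAGE_KEYS = bytes([0x35, 0x9A, 0x4D, 0xA6, 0x53, 0xA9, 0xD4, 0x6A])


def parse_hex(text):
    """Parse a space-separated hex dump such as '70 C8 04 ED 12'."""
    return bytes(int(tok, 16) for tok in text.split())


def encode(password, keys=PAGE_KEYS):
    """Uppercase the password, then XOR byte i with keys[i] (as the post describes)."""
    plain = password.upper().encode("ascii")
    if len(plain) > len(keys):
        raise ValueError("password longer than the key table")
    return bytes(p ^ k for p, k in zip(plain, keys))


def decode(stored, keys=PAGE_KEYS):
    """XOR is its own inverse, so decoding is the same operation."""
    if len(stored) > len(keys):
        raise ValueError("stored value longer than the key table")
    return bytes(s ^ k for s, k in zip(stored, keys)).decode("latin-1")


def recover_keys(known_password, stored):
    """One known password plus its stored bytes reveals the key bytes used."""
    plain = known_password.upper().encode("ascii")
    if len(plain) != len(stored):
        raise ValueError("password and stored value differ in length")
    return bytes(p ^ s for p, s in zip(plain, stored))


if __name__ == "__main__":
    stored = parse_hex("70 C8 04 ED 12")   # parm1enc for "erika", from the post
    print(decode(stored))
    print(recover_keys("erika", stored).hex(" ").upper())
    print(encode("Erika") == encode("ERIKA"))  # case is lost before encoding
```

Because the key never changes between machines or passwords, the uppercase folding and the fixed table together mean the stored bytes protect nothing from anyone who can read the registry value.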