This is my first post here and I am looking for some suggestions to complete an assignment for my Ethical Hacking and Network Defense class.
Our assignment is to retrieve the administrator password for a Windows XP machine on the local area network. Our instructor has suggested using a MITM attack. I am mostly clueless where to start, except that I've heard buzzwords about metasploit and various other white hat tools. If there is a good starter guide for using any of these tools, I am having some difficulty finding them.
Can anyone provide some good links to use BT4 in this fashion? Or, is there a previous forum post that I should be looking in for this information (couldn't find it via searching). Thanks in advance all!
Do your own homework. If you're clueless as to where to start, chances are, you haven't been paying attention previously in class.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
It's been my experience, having taken a number of IT classes over the years, that the tasks assigned to students usually cover skills taught during the course.
Consequently, I'd suggest going over your course notes and re-reading any assigned texts. The answer should be there somewhere, and if it isn't, you can also find it by reading up on the related subjects (man in the middle attacks, Windows password storage and transfer, etc.) and then using your newfound knowledge to perform Google searches to lead you to ever more relevant information until you find what you are after. This will be valuable experience, because one of the things that you will require to progress in any sort of advanced education is the ability to research a given topic.
So in other words, do your own homework.
I suggest looking into ettercap and then looking into rainbow tables or dictionary attacks. Chances are that if it is a homework assignment, the password is under 7 characters long. Any longer than that and it might go past the assignment due date to brute force. Remember, most of these guys in here are pros and generally tell you what to research rather than just give the answer to a basic question. I suggest learning how ./arpspoof works, which is very easy, and getting the basics of MITM attacks, then move on to filtering traffic with ettercap. This will give you a good understanding of what is really going on. The knowledge is not in cracking the password but in learning to find what you want on the line.
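The post above points at ARP spoofing as the basis of the MITM. The flip side, which the Network Defense half of the course cares about, is how that traffic looks on the wire to a defender: an IP address that suddenly answers from a different MAC, and one MAC that claims both the gateway and a host. The script below is an added example, not code from the thread or from any tool mentioned in it; it runs a cache-poisoning check over a constructed list of ARP replies (the IPs and MACs are made up) and does not touch the network.

```python
"""Detect ARP-cache poisoning symptoms in a stream of ARP replies (added example)."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class ArpReply:
    """Only the two ARP reply fields this check needs."""
    sender_ip: str
    sender_mac: str


# Constructed sample: three normal replies, then a poisoner (de:ad:be:ef:00:01)
# claims the gateway's IP towards the host and the host's IP towards the gateway.
SAMPLE_REPLIES = [
    ArpReply("192.168.1.1", "00:11:22:33:44:01"),   # gateway
    ArpReply("192.168.1.10", "00:11:22:33:44:0a"),  # host being targeted
    ArpReply("192.168.1.20", "00:11:22:33:44:14"),  # unrelated host
    ArpReply("192.168.1.1", "DE:AD:BE:EF:00:01"),   # gateway IP from a new MAC
    ArpReply("192.168.1.10", "de:ad:be:ef:00:01"),  # host IP from the same new MAC
]


def detect_arp_spoof(
    replies: List[ArpReply],
    static_bindings: Optional[Dict[str, str]] = None,
) -> Tuple[List[str], Dict[str, str]]:
    """Walk replies in order and flag two symptoms of ARP cache poisoning.

    1. An IP already bound to one MAC is now claimed by a different MAC.
    2. A single MAC claims more than one IP (a relay needs to impersonate
       both ends, typically gateway and victim).

    static_bindings are trusted IP -> MAC pairs (e.g. the gateway, taken from
    a switch's DHCP snooping table) that seed the learned table and are never
    overwritten. Returns (alerts, learned_table).
    """
    learned: Dict[str, str] = {
        ip: mac.lower() for ip, mac in (static_bindings or {}).items()
    }
    ips_per_mac: Dict[str, Set[str]] = defaultdict(set)
    for ip, mac in learned.items():
        ips_per_mac[mac].add(ip)
    alerts: List[str] = []

    for reply in replies:
        ip, mac = reply.sender_ip, reply.sender_mac.lower()
        known = learned.get(ip)
        if known is None:
            learned[ip] = mac  # first sighting: learn it
        elif known != mac:
            # Binding changed. Keep the original so a poisoner cannot
            # silently rewrite what we consider the real mapping.
            alerts.append(f"{ip} moved from {known} to {mac}")
        if ip not in ips_per_mac[mac]:
            ips_per_mac[mac].add(ip)
            if len(ips_per_mac[mac]) > 1:
                alerts.append(
                    f"{mac} claims several IPs: {sorted(ips_per_mac[mac])}"
                )
    return alerts, learned


if __name__ == "__main__":
    found, table = detect_arp_spoof(SAMPLE_REPLIES)
    for line in found:
        print("ALERT:", line)
    print("learned table:", table)
```

Run against the sample this raises three alerts: the gateway IP moving to the poisoner's MAC, the host IP moving to it, and that MAC claiming both IPs. The learned table still holds the original gateway MAC, which is the property a defender wants; a real deployment would feed it from a packet capture and seed static_bindings from the switch, which is also what Dynamic ARP Inspection on managed switches automates.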
Google IRONGEEK and watch his videos; they may help you.