Thread: Couple of Questions...

  1. #1
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    1

    Couple of Questions...

    First off, I am not familiar with most of the stuff regarding Linux, and metasploit so no flaming. In other words, I am new to this stuff...
    I have a couple of questions, if you can answer, I would appreciate it.

    Now my questions:

    Is it actually possible to use exploits available in Metasploit to target XP machines which are fully patched and be successful? I mean things like a remote shell and stuff...

    Is a dictionary attack the only possible way to crack WPA? If it is, then isn't it a bit unreliable, because you can use characters like %&# with ˇŕ, because then it will be impossible to crack, no?

    Thanks

  2. #2
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543


    !n00b_threat_level

    Read/Search/Self Educate
    dd if=/dev/swc666 of=/dev/wyze

  3. #3
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509


    Quote Originally Posted by n.Tesla View Post
    Is a dictionary attack the only possible way to crack WPA? If it is, then isn't it a bit unreliable, because you can use characters like %&# with ˇŕ, because then it will be impossible to crack, no?
    Yes, using a Dictionary/Rainbow attack is the only way to break WPA, and the technique is only good against weak passwords. Strong passwords make WPA essentially uncrackable. This is a good thing.

    This isn't just true of WPA. Many modern password schemes are only breakable by weak passwords. Realistically, you're never going to crack a random password/passphrase via a dictionary attack unless it's been used in something that is inherently weak, like WEP or LM.
    Thorn
    Stop the TSA now! Boycott the airlines.

  4. #4
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660


    Quote Originally Posted by Thorn View Post
    Yes, using a Dictionary/Rainbow attack is the only way to break WPA, and the technique is only good against weak passwords. Strong passwords make WPA essentially uncrackable. This is a good thing.
    Damn right.

    This isn't just true of WPA. Many modern password schemes are only breakable by weak passwords. Realistically, you're never going to crack a random password/passphrase via a dictionary attack unless it's been used in something that is inherently weak, like WEP or LM.
    Yes, it's really just the encryption implementation or the encryption itself that makes the password weak. There probably isn't much wrong with WEP's encryption; it's just implemented poorly.

    Don't LM hashes have to be sent through a rainbow table, since you can't reverse engineer the entire hash? NTLM hashes can still be run through a rainbow table and be cracked; it's just a much larger table. There's a website that you can put hashes into and it will run the hash against the database and return your hashed password, I just forget the name of it offhand. This includes many different encryption schemes such as RC and MD as well.

    I guess a brute force attack on random passwords is your best bet next to rainbow tables, but this all depends on the time you have to crack it. The longer the password, the greater amount of time is required, and it increases exponentially.
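
Thorn's and hhmatt's points above, worked through as an added example that is not code from the thread or its authors: the WPA PSK derivation defined in 802.11i, a self-audit of your own passphrase against a small constructed wordlist, and the exhaustive-search time estimate that grows by a factor of the alphabet size per character. The guess rate, SSID, passphrases and wordlist are constructed assumptions.

```python
import hashlib
from typing import Iterable, Optional

# Assumed figure for the estimate (constructed, not from the thread): PBKDF2 guesses per
# second for one cracking rig. Replace it with a rate measured on your own hardware.
GUESSES_PER_SECOND = 200_000


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2 PSK from a passphrase.

    802.11i defines PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes).
    Every candidate an attacker tests must pay for these 4096 HMAC rounds, which is why
    only a small (weak) search space is ever feasible to exhaust.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), ssid.encode("utf-8"), 4096, 32)


def find_in_wordlist(target_psk: bytes, ssid: str, wordlist: Iterable[str]) -> Optional[str]:
    """Audit your own network: return the wordlist entry reproducing target_psk, or None.

    A passphrase that turns up here is weak; a random one is never found this way.
    """
    for candidate in wordlist:
        if wpa_psk(candidate, ssid) == target_psk:
            return candidate
    return None


def keyspace(length: int, alphabet_size: int) -> int:
    """Number of passphrases of exactly `length` symbols drawn from `alphabet_size` symbols."""
    return alphabet_size ** length


def years_to_exhaust(length: int, alphabet_size: int, rate: int = GUESSES_PER_SECOND) -> float:
    """Worst-case time to try every passphrase of this shape at `rate` guesses per second.

    Each extra character multiplies the time by alphabet_size: hhmatt's exponential growth.
    """
    return keyspace(length, alphabet_size) / rate / (365 * 24 * 3600)


# Constructed sample wordlist standing in for a real dictionary file.
SAMPLE_WORDLIST = ["123456", "password", "letmein", "qwerty", "sunshine"]

if __name__ == "__main__":
    ssid = "HomeNet"                                # constructed SSID
    weak = wpa_psk("letmein", ssid)                 # passphrase that is in the dictionary
    strong = wpa_psk("Z7#kq!2vMwR9^tLb", ssid)      # 16 random printable characters
    print("weak   ->", find_in_wordlist(weak, ssid, SAMPLE_WORDLIST))
    print("strong ->", find_in_wordlist(strong, ssid, SAMPLE_WORDLIST))
    for length in (8, 10, 12, 16):
        print(f"{length} chars, 95-symbol alphabet: {years_to_exhaust(length, 95):.3g} years")
```

The "password"/"IEEE" pair is the published 802.11i Annex H test vector, so `wpa_psk` can be checked against a known answer before you trust the audit.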

  5. #5
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908


    Quote Originally Posted by n.Tesla View Post
    ....Is it actually possible to use exploits available in Metasploit to target XP machines which are fully patched and be successful? I mean things like a remote shell and stuff....
    That's a pretty broad question, but specifically, if the system is patched against all of the exploits that Metasploit utilizes, then of course it won't work. You can, however, add your own exploits to Metasploit if you know, or suspect, that the system you are targeting may be vulnerable to that specific exploit. This will take some coding knowledge, of Ruby and in general, but it is far from impossible.

    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill
