|
Title: Is windows xp sp4 still risky ? Post by: hack_newbie on October 02, 2011, 09:32:23 AM Hi all.
I have done some research on my own but wasnt successful. i am just getting started with security stuff in terms of system hacking. I am a network engineer (cisco based) and have a good knowledge of networks and related protocols. What currently interests me, is windows xp (with sp4 and other patches uptodate) is still exploitable. Can we still use pass the hash attack to exploit the machine ? I know i should have tried it first but just wanted to get some feedback from you guys :-) If i asked something stupid then please pardon me and correct me Title: Re: Is windows xp sp4 still risky ? Post by: impelse on October 02, 2011, 10:41:12 AM The OS could be fully protected but what about the application that the computer has, those could be exploited like adobe, msql, mysql, etc, etc
Title: Re: Is windows xp sp4 still risky ? Post by: hack_newbie on October 02, 2011, 11:09:28 AM Yes that could be one way of doing it. But i just wanted to know about the OS itself, is it currently unexploitable ?
Title: Re: Is windows xp sp4 still risky ? Post by: cd1zz on October 02, 2011, 07:44:32 PM There is no such thing as XP SP4.
XP SP3 has a EOL in April 2014 I believe. And yes, of course it is still vulnerable. Title: Re: Is windows xp sp4 still risky ? Post by: hayabusa on October 02, 2011, 08:10:09 PM I saw the mention of SP4, and more or less ignored this one. If someone doesn't even know SP4 doesn't exist (or do the research to find out,) it's not worth the time to respond, IMHO.
Regarding that EOL, though, we ALL know there will still be plenty of attack surface, of XP, even after that date, as businesses just don't care, sometimes. Good security posture would suggest staying on a current, patched OS, but I speak for many pentesters who know, for fact, that it's just not followed, religiously, if it's even in many companies' plans, at all. Title: Re: Is windows xp sp4 still risky ? Post by: cd1zz on October 02, 2011, 08:16:13 PM Welcome to the power industry in the US where NT 4 is prevalent. Seriously.
Vendors who deploy XP are "cutting edge." Seriously :) Don't get me started. Title: Re: Is windows xp sp4 still risky ? Post by: hayabusa on October 02, 2011, 08:44:12 PM <nod> Trust me... I agree AND fully understand. I supported some 'power industry' clients a few years back.
Always amazed at the lack of forethought and security smarts, on all fronts. Title: Re: Is windows xp sp4 still risky ? Post by: cd1zz on October 02, 2011, 09:01:12 PM It's a battle I fight daily. Power systems were developed for reliability and safety, not to be secure. Then this cool thing called Ethernet showed up that required no skill to configure....fast forward 20 years and now there's just alot more of it except the business people now want data from the control systems to make decisions..... No problem "just plug that in over there" LOL
Title: Re: Is windows xp sp4 still risky ? Post by: hayabusa on October 02, 2011, 09:22:31 PM Add remote access and regulatory monitoring to that mix, followed, as you noted, by extreme lack of security planning on even a basic OS level, and you have your work cut out for you. I feel your pain. :-(
Title: Re: Is windows xp sp4 still risky ? Post by: impelse on October 02, 2011, 09:46:53 PM Plus some customers said: "we are to small to be hacked or nobody is interested in out information" also "Too much security, we do not need it, relax the sucurity"
Title: Re: Is windows xp sp4 still risky ? Post by: lorddicranius on October 02, 2011, 11:52:44 PM Welcome to the power industry in the US where NT 4 is prevalent. Seriously. The US Navy ship I separated from in 2006 was still using NT 4 as well. They upgraded about a year later though, to Windows 2000. "we are to small to be hacked or nobody is interested in out information" also "Too much security, we do not need it, relax the sucurity" I'm in this very situation at the moment. It's quite frustrating to say the least. Title: Re: Is windows xp sp4 still risky ? Post by: hack_newbie on October 03, 2011, 12:05:04 AM I am very sorry. It wasnt a typo but i remembered sp3 as sp4, my bad. Sorry for my stupid mistake.
Basically what i wanted to ask is, with firewall enabled, and all the updates released so far XP, is pass the hash attack still successful. At my home pc, i tried using VMs but it didnt work. So is my pc secure OS wise in terms of pass the hash attack ? has anyone tried with all the patches installed ? I am asking this to make sure i didnt made any mistake while doing the attack. Need your confirmation in this My apologies again for sp4 confusion Title: Re: Is windows xp sp4 still risky ? Post by: hayabusa on October 03, 2011, 06:00:37 AM Perhaps Google on "pass the hash xp sp3" It yields a pretty decent set of results...
I know I've used it successfully, post-SP3. Title: Re: Is windows xp sp4 still risky ? Post by: ziggy_567 on October 03, 2011, 07:44:37 AM "Pass-the-hash" has absolutely nothing to do with a patch.
It has to do with the way the password hash is stored locally on a machine. Even if you configure the system to store the hash in NTLMv2 but don't change the password, you are still vulnerable. Patching is only a small part of securing a system... Title: Re: Is windows xp sp4 still risky ? Post by: hayabusa on October 03, 2011, 07:49:16 AM @ziggy_567 - there are reasons I suggested Google to hack_newbie... ;)
Title: Re: Is windows xp sp4 still risky ? Post by: 3xban on October 03, 2011, 11:27:54 AM We should just start telling people that everyday you leave NT, 2000 and XP running, a kitten is killed. oo or maybe a boy in a third world country is sent to college to prep for that C level position.
Title: Re: Is windows xp sp4 still risky ? Post by: hayabusa on October 03, 2011, 11:50:10 AM ;D
HAHAHAHA! That's awesome!
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |