Cracking Passwords
o Password Types
o Types of Password Attacks
o Passive Online – Wire Sniffing
o Passive Online Attacks
o Active Online – Password Guessing
o Offline Attacks
• Dictionary Attack
• Hybrid Attack
• Brute-force Attack
• Pre-computed Hashes
o Non-Technical Attacks
o Password Mitigation
o Permanent Account Lockout – Employee Privilege Abuse
o Administrator Password Guessing
o Manual Password Cracking Algorithm
o Automatic Password Cracking Algorithm
o Performing Automated Password Guessing
o Tools
• NAT
• Smbbf (SMB Passive Brute Force Tool)
• SmbCrack Tool
• Legion
• LOphtcrack
o Microsoft Authentication - LM, NTLMv1, and NTLMv2
o Kerberos Authentication
o What is LAN Manager Hash?
o Salting
o Tools
• PWdump2 and Pwdump3
• Rainbowcrack
• KerbCrack
• NBTDeputy
• NetBIOS DoS Attack
• John the Ripper
o Password Sniffing
o How to Sniff SMB Credentials?
o Sniffing Hashes Using LophtCrack
o Tools
• ScoopLM
• SMB Replay Attacks
• Replay Attack Tool: SMBProxy
• Hacking Tool: SMB Grind
• Hacking Tool: SMBDie
o SMBRelay Weaknesses & Countermeasures
o Password Cracking Countermeasures
o LM Hash Backward Compatibility
o How to Disable LM HASH?
o Tools
• Password Brute-Force Estimate Tool
• Syskey Utility
Escalating Privileges
o Privilege Escalation
o Cracking NT/2000 Passwords
o Active@ Password Changer
o Change Recovery Console Password
o Privilege Escalation Tool: x.exe
Executing applications
o Tool:
• Psexec
• Remoexec
• Alchemy Remote Executor
• Keystroke Loggers
• E-mail Keylogger
• Spytector FTP Keylogger
• IKS Software Keylogger
• Ghost Keylogger
• Hardware Keylogger
• Keyboard Keylogger: KeyGhost Security Keyboard
• USB Keylogger:KeyGhost USB Keylogger
o What is Spyware?
o Tools
• Spyware: Spector
• Remote Spy
• eBlaster
• Stealth Voice Recorder
• Stealth Keylogger
• Stealth Website Logger
• Digi-Watcher Video Surveillance
• Desktop Spy Screen Capture Program
• Telephone Spy
• Print Monitor Spy Tool
• Perfect Keylogger
• Stealth Email Redirector
• Spy Software: Wiretap Professional
• Spy Software: FlexiSpy
• PC PhoneHome
o Keylogger Countermeasures
o Anti-Keylogger
o PrivacyKeyboard
Hiding Files
o Hacking Tool: RootKit
o Why Rootkits?
o Rootkits in Linux
o Detecting Rootkits
o Rootkit Detection Tools
• BlackLight from F-Secure Corp
• RootkitRevealer from Sysinternals
• Malicious Software Removal Tool from Microsoft Corp
o Sony Rootkit Case Study
o Planting the NT/2000 Rootkit
o Rootkits
• Fu
• AFX Rootkit 2005
• Nuclear
• Vanquish
o Rootkit Countermeasures
o Patchfinder2.0
o RootkitRevealer
o Creating Alternate Data Streams
o How to Create NTFS Streams?
o NTFS Stream Manipulation
o NTFS Streams Countermeasures
o NTFS Stream Detectors
• ADS Spy
• ADS Tools
o What is Steganography?
o Tools
• Merge Streams
• Invisible Folders
• Invisible Secrets 4
• Image Hide
• Stealth Files
• Steganography
• Masker Steganography Tool
• Hermetic Stego
• DCPP – Hide an Operating System
• Camera/Shy
• Mp3Stego
• Snow.exe
o Video Steganography
o Steganography Detection
o SIDS ( Stego intrusion detection system )
o High-Level View
o Tool : dskprobe.exe
Covering tracks
o Disabling Auditing
o Clearing the Event Log
o Tools
• elsave.exe
• Winzapper
• Evidence Eliminator
• Traceless
• Tracks Eraser Pro
• ZeroTracks
Source:
http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htmDon
Other : Windows 7 Beta Available Tomorrow
OSCP - Offensive Security Certified Professional : Offensive Security Releases Sample Pen Testing Report
