April 3, 2010 at 4:36 pm #4899
I am currently locked out of my computer. I’ve got my netbook connected to my wireless network. Is it possible to use Cain and Abel or Wireshark to pull my windows accounts off my desktop computer and crack them on my netbook? I know Cain allows you to crack Windows Logins that are on the machine Cain is currently running on but I know either Cain or Wireshark can crack Windows Logins on another machine wirelessly.
Can anyone help me?
April 3, 2010 at 5:39 pm #30848
Those tools won’t allow you to do that.
You can restart it, and boot some live distro and grab the SAM file(easy way), or
you can do this, connect to same network with different device, and find IP of your netbook, scan to see if any ports are open, run an msf, and exploit it, if its successful you can dump the hashes, and crack it to get the password.
how did you get locked out of your netbook anyway?
April 3, 2010 at 6:03 pm #30849
Locked out of desktop. I am on my netbook. I’ve had to put a password on it one weekend cuz of some of my cousins like looking through my computer. I don’t like that so I password protected it. I remembered the password that weekend but I never shut down or lock my computer so I forgot all about the password. So I was just wondering if it was possible to crack the password for my account using my netbook over my wireless internet.
Could you please explain the second method better? I’d like to learn how to do it this way. I’ve also had problems like this with my friends computer. He also got locked out of his computer. It was basically the same situation I’m in except he didn’t have a netbook or anything. So he had to pay someone to do it. So I’d appreciate it if you could help me out with this. Thanks
April 3, 2010 at 8:53 pm #30850
April 3, 2010 at 8:56 pm #30851
Thanks but I prefer to attempt to crack it wirelessly on my netbook.
April 3, 2010 at 9:11 pm #30852
i recommend konboot too. but if you must crack it wirelessly, do you have any experience with nmap or metasploit?
April 3, 2010 at 9:13 pm #30853KetchupParticipant
I am starting to smell something fishy here.
April 3, 2010 at 9:17 pm #30854
I’ve heard of metasploit. Apparently there was a way to crack accounts like I want to with it but I’ve heard it was recently patched? But please explain I’ll try my best to get it working.
April 3, 2010 at 9:31 pm #30855
April 3, 2010 at 9:39 pm #30856
What’s wrong with my story? I’m just trying to further my knowledge of wireless network cracking by asking these questions. However the story is true. I can’t remember the password on my desktop computer which I want to hack wirelessly. It’s more challenging and seems more fun. So don’t judge me by my story. I appreciate all help you guys have offered so far and would like it if you could continue to help me.
April 3, 2010 at 9:47 pm #30857
Sorry, I guess if I was in that situation, I would just want to get back into my machine ASAP and not make a challenge out of it…
You’re going to find that to be quite the task if the firewall is on. You’ll probably get stuck doing something like brute-forcing SMB (assuming you have file sharing enabled).
April 3, 2010 at 9:51 pm #30858
if i needed to get in machine quickly i would use konboot or something like that..
but if i wanted to further my knowledge i would write down password (just in case) and then try all the tricks.
April 3, 2010 at 10:00 pm #30859
Sure I could crack it and write down the password. Maybe I’ve even already done that. But that still won’t help me learning what I wanted to learn. Now I know my desktop is sharing a whole drive (External Drive) Which I can access from my netbook. But let’s say I wasn’t sharing anything at all. Could I still crack my accounts password?
Now I don’t know everything there is to know about all this cracking stuff yet but I’m willing to learn so bare with me if I say something stupid.
I know Cain and Abel can crack passwords as long as it has the hash for it to crack. So if I can get the hash of my accounts password via my netbook wirelessly I can crack the password. Easy as that. Except I need to figure out how to get the hash first right? And keep in mind I want to do this all wirelessly.
April 3, 2010 at 10:16 pm #30860KevParticipant
Sorry but you are not going to be able to accomplish what you are trying to do unless you can exploit the target system. If its not vulnerable to an exploit you are sol. Its ironic that home systems with fewer services running on them connected with a basic wireless router can “sometimes” be harder targets to exploit than over worked large corporate servers running too many outdated applications.
April 3, 2010 at 10:18 pm #30861
Alright. Well thanks for all the help then. I appreciate it.
April 3, 2010 at 10:29 pm #30862hayabusaParticipant
If your sole purpose it to get back into your machine, boot it to one of the Linux password removal / recovery CD’s. I understand ‘learning something new,’ but I usually setup my LAB to do that, not screw around on my desktop for which I ‘forgot’ the password conveniently, because I set one to keep prying eyes out. Personally, I’d prefer to get back in, and be done with it. If you’re capable and understanding enough to password protect your machine, because you think someone’s getting into it (not like it’s difficult, but seriously…,) then these requests sound a bit too mundane for your experience, particularly if you’re running around with a netbook and packet sniffers / CAIN. Sounds m ore to me like you’re working on accessing something that maybe you shouldn’t be.
*** One note, a little research would tell you that Wireshark is a packet / LAN sniffer. That’s it. It is NOT a cracking / hacking tool (isn’t written to be one,) and cracks NOTHING by itself, except for decoding encrypted traffic (IF you have access to the encryption keys, and provide them.) It’s purpose in life is Network traffic analysis and troubleshooting, although it can be used in conjunction with other things to accomplish more. ***
So yes, I’m sorry, but I tend to side with Ketchup’s gut instinct on this, and I’d agree that something sounds a little ‘off.’ Is it me, or does this sound like someone wants to access a neighborhood (or other) computer, which just happens to be on wireless…? Quite honestly, that’s what my gut is telling me, as well. I dunno, maybe it’s just me. (And I haven’t had my sushi yet, today…)
April 3, 2010 at 10:33 pm #30863Dengar13Participant
I am with you and Kethchup on this one. And once this knowledge is gained, I am betting that we will never see the OP again. We are not flaming you, but we have been around this forum long enough to know better.
I think the posters above have given you quite a bit of information that you can use for your scenario(s).
April 6, 2010 at 11:10 am #30864VertigoParticipant
There are myrriad of LM/NT password cracking toosl.
One of Them : Boot from 0phcrack Live CD and crack LM/NT hashed local admin passwords.
April 6, 2010 at 3:38 pm #30865rattisParticipant
I’m still a little too trusting. I did something similar in my lab recently (my lab is several virtual machines).
I set my target box’s password to something like Easy_Break_Oven, to play with a rainbow table tool on it. I didn’t bother to write down the password, was going to change it when I was done, and it was a few weeks before I got back to to it (curse work).
Although I just reset it with Trinity Rescue Kit. Which will give you experience with why physcial security is important.
Then you can set up a lab, and re-create the current conditions.
April 6, 2010 at 7:08 pm #30866IgnatiusParticipant
I did the same in a test lab a while ago so now I commit the unforgivable … I write the lab passwords down but then I lock them in a filing cabinet. Of course, I don’t write down my “real live system” passwords!
April 14, 2010 at 9:56 pm #30867jinwald12Participant
You must be logged in to reply to this topic.