
Redirecting traffic


hack_newbie

Newbie

Posts: 9

Joined: Fri Jul 01, 2011 12:43 am

Post Tue Jan 24, 2012 3:19 am

Redirecting traffic

Hi all.

I have read that Windows 2003 Server supports LM authentication for backward compatibility with older Windows machines. In my lab setup, I have Windows 2003 Server, BackTrack r4, Windows 98 and Windows XP. Now, the communication is genuine between the 2003 server and Windows XP, but I need to redirect the 2003 authentication to Windows 98 so that passwords are sent as LM hashes rather than NTLM. This is hypothetical at this point. Before actually doing this setup, I just need to know: am I thinking in the right direction? Can I sniff LM hashes this way?

millwalll

Post Tue Jan 24, 2012 5:14 am

Re: Redirecting traffic

What are you trying to do? Why are you trying to sniff the hashes? Are you not better off just attacking the machine directly and then dumping the hashes for cracking?

Triban


Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Tue Jan 24, 2012 9:27 am

Re: Redirecting traffic

Agree with Jamie. If you find a Windows 98 system still in a production environment, there are many things you can do to it that are probably much easier than having to dump hashes. Shoot, if password caching is enabled, I think Win98 stores them in plaintext.

Your average environment will be Windows 2003, Windows XP SP2/SP3. You will also see more Windows 2008 boxes. What you should also try to add to the lab is a Windows 7 system. Eventually enterprises will have to move to it, and many are gearing up for that move. They will either go with physical migrations or possibly use VDI solutions so they can maintain their legacy apps on XP.
Certs: GCWN
(@)Dewser

hack_newbie

Newbie

Posts: 9

Joined: Fri Jul 01, 2011 12:43 am

Post Wed Jan 25, 2012 2:10 am

Re: Redirecting traffic

Dear Sir,

Sorry, I think I wasn't able to explain properly. I don't have any Win98 in my environment. See my assumptions (based on my research):

1) Windows 2003 Server and Windows XP are genuine machines that need to perform authentication (most likely NTLM).
2) I introduce Windows 98 in between as MITM.
3) Now, when Win2003 needs to perform authentication with Windows XP like this
\\<windows-xp-ip>
I want to redirect traffic to Windows 98 so that authentication is now forced to LM, so that I can sniff the passwords.

I hope it's clear; kindly suggest now.

cd1zz


Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Jan 25, 2012 9:33 am

Re: Redirecting traffic

Is this in your own lab? Are you just trying to sniff LM passwords? If so, why don't you just change the box to allow LM hashes? http://technet.microsoft.com/en-us/libr ... 8867(WS.10).aspx

If you're practicing port forwarding, just use something like this: http://www.quantumg.net/portforward.php

hack_newbie

Newbie

Posts: 9

Joined: Fri Jul 01, 2011 12:43 am

Post Thu Jan 26, 2012 1:37 am

Re: Redirecting traffic

Dear Sir,

Port redirection is for the MITM machine. What I am thinking is, the machine in between should redirect the traffic to another malicious machine. The link you forwarded will redirect from the destination, not from the MITM machine. Kindly correct me if I am wrong.

And yes, this is for my lab setup.
