Hihihi.. I was trying testing a server which holds the username and password for all the employees. Try to guess what server it is?
I got the administrators password by doing some sort of social engineering called shoulder surfing. Never thought it was so easy.. hihihi
Then trying to dump the password hashes remotely from my computer, but did'nt get any result... I wonder why.. so I do a little auditing and found that the remote registry service is disabled on the target machine.
Having admin access to that machine is like winning a RM 10,000 lottery. I disabled the infamous china bear anti virus services (because this anti virus block my process of dumping the password hashes) - guess aunty virus will certainly know the 'china bear' hihihi.
Using the fgdump utility, i managed to get all the users passwords.. oh my god.. there's 3228 users..
Actually I'm just doing a POC on password handling.. Remember, password is like a toothbrush, never share it with others :)
I got the administrators password by doing some sort of social engineering called shoulder surfing. Never thought it was so easy.. hihihi
Then trying to dump the password hashes remotely from my computer, but did'nt get any result... I wonder why.. so I do a little auditing and found that the remote registry service is disabled on the target machine.
Having admin access to that machine is like winning a RM 10,000 lottery. I disabled the infamous china bear anti virus services (because this anti virus block my process of dumping the password hashes) - guess aunty virus will certainly know the 'china bear' hihihi.
Using the fgdump utility, i managed to get all the users passwords.. oh my god.. there's 3228 users..
Actually I'm just doing a POC on password handling.. Remember, password is like a toothbrush, never share it with others :)
4 comments:
usen ajar aku gaks....
ya ilmu klu bawak mati rugi....klu d kebangkan menjadi2 kembang semagkuknya
ct.. leh ajer nak ajar ko.. insya allah tada hal punya.. ko tgk yan skang ni.. dah bertambah kembang hasil dari ilmu yang dikembangkan :P
Hmm.. aku ada plan nak buat web site personal ni.. ingat dlm tu nak letak tutorial2 security dlm bahasa melayu..