1. Gain access to the system

1. Perform Active Online Attack to Crack the System’s Password using Responder

LLMNR is layer 2 UDP 5355. NetBIOS-NS is port 137.

LLMNR (Link-Local Multicast Name Resolution) and NBT-NS (NetBIOS Name Service) are used to perform name resolution on the local link.

Responder is an LLMNR, NBT-NS and MDNS poisoner. By default the tool only responds to SMB.
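Seen from the defending side, a poisoner is a host that answers LLMNR queries for names that do not exist. The following is an added example, not part of the original notes: it parses raw LLMNR UDP payloads and flags any response to a canary name. The canary names, IP addresses and packet bytes are constructed, and the canary-name approach is an assumption of this example.

```python
import struct

# Constructed canary names: they exist nowhere, so any LLMNR answer is spoofed.
CANARIES = {"fs-canary-7q2x", "prn-canary-k9vd"}

def read_name(buf, off):
    """Decode a DNS-style name at off; return (name, next_offset)."""
    labels = []
    while True:
        n = buf[off]
        if n & 0xC0:                       # compression pointer (2 bytes): stop
            return ".".join(labels), off + 2
        off += 1
        if n == 0:
            return ".".join(labels), off
        labels.append(buf[off:off + n].decode("ascii", "replace"))
        off += n

def parse_llmnr(payload):
    """Parse an LLMNR (RFC 4795) UDP payload; None if malformed."""
    try:
        _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", payload[:12])
        if qd != 1:                        # LLMNR carries exactly one question
            return None
        qname, off = read_name(payload, 12)
        off += 4                           # skip QTYPE and QCLASS
        answers = []
        for _ in range(an):
            _, off = read_name(payload, off)
            rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", payload[off:off + 10])
            rdata = payload[off + 10:off + 10 + rdlen]
            if rtype == 1 and len(rdata) == 4:   # A record: address given to the client
                answers.append(".".join(map(str, rdata)))
            off += 10 + rdlen
    except (IndexError, struct.error):
        return None                        # truncated or malformed packet
    return {"response": bool(flags & 0x8000), "name": qname.lower(), "answers": answers}

def find_poisoners(packets):
    """packets: (src_ip, udp_payload) pairs. Alert on any answer for a canary."""
    return [(src, m["name"], m["answers"]) for src, p in packets
            if (m := parse_llmnr(p)) and m["response"] and m["name"] in CANARIES]

# Constructed traffic: a canary query from a monitoring host, then a spoofed answer.
_Q = b"\x0efs-canary-7q2x\x00\x00\x01\x00\x01"              # name, type A, class IN
_RR = b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x1e\x00\x04"   # ptr to name, A, IN, TTL 30, len 4
SAMPLE = [
    ("10.0.0.21", b"\x12\x34\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00" + _Q),
    ("10.0.0.66", b"\x12\x34\x80\x00\x00\x01\x00\x01\x00\x00\x00\x00" + _Q + _RR + b"\x0a\x00\x00\x42")]
```

`find_poisoners(SAMPLE)` reports only the host at 10.0.0.66, because the query itself has the response bit clear and answers for non-canary names are ignored.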

Check the interfaces.

Now run responder on the interface.

Now when a user on the LAN tries to access the unavailable share, Responder will capture the hash.

Logs are stored in the /usr/share/responder folder. We will have a hash. Now crack it with John.

on ubuntu you can install john as

2. Audit system passwords using L0phtCrack

Windows tool. It can crack other passwords on a remote machine over SMB if you know a single account. Use password auditing, via the password auditing wizard.

3. Find Vulnerabilities on exploit sites

4. Gain Access to a Remote System using Reverse Shell Generator

Create the msfvenom payload.

Use Apache to transfer the file.

Now run msfconsole.

Set the payload type, port and IP, then visit the IP to download the executable. Run it and you will get the shell.

You can run the following commands in meterpreter.

Upload the file through meterpreter.

The PowerSploit privilege escalation script: /usr/share/windows-resources/powersploit

Now get shell

Now execute the script

Now exit it. To get a VNC session from meterpreter, use the following command.

Also try different shells from rev shells

5. Gain access to a system using Armitage

GUI-based msf.

Now run Armitage from the Applications menu. Run an intense scan, and then we can create a payload according to our target.

Once the victim opens the payload, we get the session.

6. Gain access to system using Ninja Jonin

Ninja is installed on the target and Jonin on the attacker machine.

We need to edit its config file to change the IP and port.

Open the Jonin listener. It will catch the sessions.

7. Buffer Overflow

Follow the detailed tutorial

Tools required

8. System Password hacking
