Originally posted by Trevlac

If WINDOWS\SYSTEM32\CONFIG\SYSTEM is missing then you are screwed. That file, along with the WINDOWS\SYSTEM32\CONFIG\SAM file will allow someone to use something like SamInside to create a password hash file that Cain and Abel can brute force or dictionary attack.

If you were playing Diablo II, what happened is that someone did something to you, no joke. Because that "system" file is in CONSTANT use by Windows. Windows would never let a program on your machine try to delete it. But someone else with Linux or maybe a script kiddie with Windows could have done it. They possibly booted to Linux and got on your hard drive then did:

bkhive /mnt/hda1/WINDOWS/system32/config/system key.txt
samdump2 /mnt/hda1/WINDOWS/system32/config/SAM key.txt > pass.txt
touch hash.md5
md5sum pass.txt > hash.md5
md5sum -c hash.md5
rm /mnt/hda1/WINDOWS/system32/config/system
rm /mnt/hda1/WINDOWS/system32/config/SAM
REBOOT in Windows
open Cain
add pass.txt to the "cracker" list
run a dictionary or brute-force against it
remotely log in to your administrator account on your computer

What that would do is, take the hash from every password on your machine (Windows uses md5 encryption) and he'd be able to break it (eventually) and basically hack you to pieces.

I had to do this at Oklahoma State University yesterday. The Cyber Security Invitational (CSI) was a state competition for Cyber Security and Forensics. In the forensics, we had to get in to the admin account on a machine with only a Linux live boot. After the whole competition, I won 1st place. I need to take a pic of my medal...

NOW, to protect against this, ONLY play games like D2 where everyone is a wannabe hacker or a script kiddie, you have to MAKE SURE you have a firewall, and I seriously recommend getting a Netgear or Linksys router.
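Added example, not part of the post above: a check you can run from a rescue boot to tell whether the SYSTEM and SAM hives are missing, truncated or damaged. It assumes the standard registry hive base block layout ("regf" signature, two sequence numbers at offsets 4 and 8, XOR checksum at offset 508); the function names and the sample block are constructed for illustration.

```python
import struct

BASE_BLOCK_SIZE = 4096  # every hive file starts with a 4096-byte "regf" base block

def regf_checksum(block: bytes) -> int:
    """XOR of the first 127 little-endian dwords (bytes 0..507)."""
    csum = 0
    for (dword,) in struct.iter_unpack("<I", block[:508]):
        csum ^= dword
    if csum == 0xFFFFFFFF:   # two values are remapped by the format
        return 0xFFFFFFFE
    if csum == 0:
        return 1
    return csum

def check_hive(data: bytes) -> list:
    """Return the problems found in a hive's base block (empty list = OK)."""
    if len(data) < BASE_BLOCK_SIZE:
        return ["file shorter than the 4096-byte base block"]
    if data[:4] != b"regf":
        return ["missing 'regf' signature"]
    problems = []
    seq1, seq2 = struct.unpack_from("<II", data, 4)
    if seq1 != seq2:
        problems.append("sequence numbers differ (hive was not cleanly written)")
    (stored,) = struct.unpack_from("<I", data, 508)
    if stored != regf_checksum(data):
        problems.append("base block checksum mismatch")
    return problems

def check_hive_file(path: str) -> list:
    """Check a hive on disk, e.g. the mounted config/SYSTEM or config/SAM."""
    try:
        with open(path, "rb") as fh:
            return check_hive(fh.read(BASE_BLOCK_SIZE))
    except FileNotFoundError:
        return ["file is missing"]

def make_sample_hive() -> bytes:
    """Constructed sample: a minimal valid base block with no real hive data."""
    block = bytearray(BASE_BLOCK_SIZE)
    block[0:4] = b"regf"
    struct.pack_into("<II", block, 4, 7, 7)  # matching sequence numbers
    struct.pack_into("<I", block, 508, regf_checksum(bytes(block)))
    return bytes(block)

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:  # pass the hive paths as arguments
        print(path, check_hive_file(path) or "base block OK")
```

A clean result only says the header is intact; it does not show that nobody copied the file.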
Originally posted by SaintLuciferOfTK

quote:
Originally posted by Trevlac

If WINDOWS\SYSTEM32\CONFIG\SYSTEM is missing then you are screwed. That file, along with the WINDOWS\SYSTEM32\CONFIG\SAM file will allow someone to use something like SamInside to create a password hash file that Cain and Abel can brute force or dictionary attack.

If you were playing Diablo II, what happened is that someone did something to you, no joke. Because that "system" file is in CONSTANT use by Windows. Windows would never let a program on your machine try to delete it. But someone else with Linux or maybe a script kiddie with Windows could have done it. They possibly booted to Linux and got on your hard drive then did:

bkhive /mnt/hda1/WINDOWS/system32/config/system key.txt
samdump2 /mnt/hda1/WINDOWS/system32/config/SAM key.txt > pass.txt
touch hash.md5
md5sum pass.txt > hash.md5
md5sum -c hash.md5
rm /mnt/hda1/WINDOWS/system32/config/system
rm /mnt/hda1/WINDOWS/system32/config/SAM
REBOOT in Windows
open Cain
add pass.txt to the "cracker" list
run a dictionary or brute-force against it
remotely log in to your administrator account on your computer

What that would do is, take the hash from every password on your machine (Windows uses md5 encryption) and he'd be able to break it (eventually) and basically hack you to pieces.

I had to do this at Oklahoma State University yesterday. The Cyber Security Invitational (CSI) was a state competition for Cyber Security and Forensics. In the forensics, we had to get in to the admin account on a machine with only a Linux live boot. After the whole competition, I won 1st place. I need to take a pic of my medal...

NOW, to protect against this, ONLY play games like D2 where everyone is a wannabe hacker or a script kiddie, you have to MAKE SURE you have a firewall, and I seriously recommend getting a Netgear or Linksys router.

You won first place? Do you want a ******* medal too? A ******* statue in your honour ************?