MrStuggles Posted November 18, 2014 Share Posted November 18, 2014 Hi there. I've been given an assignment at university to get into the administrator profile and leave a text file on the desktop to prove I was there. I have a list of users but all attempts to crack passwords has been unfruitful. I've been given a very restricted guest account so I am attempting to upgrade to another account to hopefully gain more info about the system. I am looking for advice about where to go from here/upgrade my guest account/get into a very difficult admin account. I'd also like to say that this is completely legal as I have been given this task from the university and it's over virtual machines. (Kali linux to XP). Quote Link to comment Share on other sites More sharing options...
cooper Posted November 18, 2014 Share Posted November 18, 2014 Since this is for school, they should've told you where to look and what to look for. Maybe you should start specifying the things you've tried so far? Quote Link to comment Share on other sites More sharing options...
MrStuggles Posted November 18, 2014 Author Share Posted November 18, 2014 Well I've got some vulnerabilities using Nessus. I've got users and their groups using rpcclient, I've tried cracking the password for the admin, and some select users. I was thinking of using some rainbow tables but time is a factor Quote Link to comment Share on other sites More sharing options...
digininja Posted November 18, 2014 Share Posted November 18, 2014 Terminology check, do you have password hashes to crack or are you trying to do an online brute force of user accounts? If the latter then rainbow tables aren't what you want. Take the Nessus issues, look in Metasploit for exploits for them and then see what you've got. If you want to know how to use Metasploit, watch the shows that Mubix did and search for Metasploit Unleashed. Please don't post "I've got these vulnerailities, how do I exploit them" as that would be us doing your homework for you. Asking for help on a specific issue is fine, just not on the whole thing. My guess is you've probably got MS08-067 or MS08-060, if they are in the Nessus list then a simple google search will show you how to proceed. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.