Jump to content


Recommended Posts

Hi there. I've been given an assignment at university to get into the administrator profile and leave a text file on the desktop to prove I was there. I have a list of users but all attempts to crack passwords has been unfruitful. I've been given a very restricted guest account so I am attempting to upgrade to another account to hopefully gain more info about the system.

I am looking for advice about where to go from here/upgrade my guest account/get into a very difficult admin account. I'd also like to say that this is completely legal as I have been given this task from the university and it's over virtual machines. (Kali linux to XP).

Link to comment
Share on other sites

Terminology check, do you have password hashes to crack or are you trying to do an online brute force of user accounts? If the latter then rainbow tables aren't what you want.

Take the Nessus issues, look in Metasploit for exploits for them and then see what you've got. If you want to know how to use Metasploit, watch the shows that Mubix did and search for Metasploit Unleashed. Please don't post "I've got these vulnerailities, how do I exploit them" as that would be us doing your homework for you. Asking for help on a specific issue is fine, just not on the whole thing.

My guess is you've probably got MS08-067 or MS08-060, if they are in the Nessus list then a simple google search will show you how to proceed.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...