newbie question

From: Jason Mayer (slamboy@gmail.com)
Date: Sat Feb 11 2006 - 15:12:31 EST


Hi! I've been reading this mailing list for a long time, and I've learned a lot of theoretical stuff regarding a pen-test. I've been taking cisco classes for a bit, and while in class a couple of weeks ago the instructor mentioned that the Cisco enable secret password hashes were pretty much unbreakable. Well, knowing what I know, I loaded up cain and abel and showed him and the class how that wasn't completely true and that strong passwords were still required (I demonstrated the amount of time it takes to brute force the password hashes and whatnot with alphanumeric vs alphanumeric+symbols).
Ever since then, I've been getting requests to demonstrate other things. Last week, I was asked to demonstrate how to get ntlm password hashes and then break them, so I showed the class pwdump2 (although in the end I used cain&abel to crack the passwords). Today, the teacher asked if it was possible to intercept and read in plaintext https info. I did some searches in the archives and found a reference to odysseus as a MITM proxy. I didn't find any information in the help files of odysseus regarding the usage of this program though, so I come to you all for help. If anyone could suggest a MITM program to capture https: traffic I'd appreciate it.
I have the perfect learning environment here, with switches/routers and multiple pcs. Since all my knowledge is theoretical, I'd like to get in some practical experience (while educating future network admins). Any other things you think I should check into would be awesome. Thanks!


