Security Information and Review

Collection of security information and review

Posts Tagged 'password guessing'

Microsoft Windows Authentication Spoofing Attack

Author : Admin

The common way to attack Microsoft Windows Sytem is pass through the Windows File and Print Sharing Service, which operates over protocol called SMB ( Server Message Block ). SMB protocol listening on TCP port 445 and 139 ( also known as NetBIOS based service ). An attacker commonly attacked via password guessing on Microsoft Remote Procedure Call ( MSRPC ) listening on TCP port 135, Terminal Services on TCP port 3389 and other services.


In this discussion, we will describe how to attack MS Windows System via password guessing and assuming that SMB is accessible. The most effective method for breaking into a Windows System is remote share mounting such as IPC$ or C$. Combination username and password is used to connect to an enumerated share. We will use the net use command like this. … continue reading : Microsoft Windows Authentication Spoofing Attack.

4 July 2009 at 17:55 - Comments