Saturday, 26 July 2014

Wifi Password using Command Line Windows

Imagine a scenario where you get access to remote machine command prompt, and you want to retrieve WiFi Password so that you can connect to WiFi Network and perform your further penetration testing...

Yes, you can enumerate WiFi profiles and retrieve their passwords in Clear Text through windows commands.

   Command : "netsh wlan show profiles"

   Command : "netsh show profiles samsung key=clear"


These are very small things, But really powerful when you are working on penetration testing assignments, of course this is all scenario based hacking, hope this is helpful.


Friday, 25 July 2014

Sniffing RDP Session Keystrokes with Cain & Able

Cain & Able is very easy to use tool for ARP Poisoning Attack, and at the same time it is powerful.

It has ability to do Man-In-The Middle against the RDP “Remote Desktop Protocol” using which attacker can actually sniff Keystrokes being typed in RDP session, and believe me this can be used in most of real environment while doing Penetration testing

Although ARP Generates lot of traffic, it is worth if you can get hold of credentials ;) in some cases.

Below screenshot shows option where you will find ARP RDP Session details.

   Once captured RDP Session, you can look for "Key released" and in below screenshot you can find
   "cd \" command is executed in RDP session.

Imagine if someone is trying to Log in to other machine from RDP using SMB....or SSH ;)

Hope this helps.