itp125 - lab 3 - steganography and password cracking(1)


ITP 125 Lab 3 – Steganography & Password Cracking with Dictionaries

Due: 10:59AM before the next lab (Tuesday/Thursday depending which one you’re registered in).

Submission:
email: chsio@usc.edu
subject: ITP 125 – Lab 3

These are the things that should be included in the email:
• An image with the 127.0.0.1.ntlm.pwdump hidden within
• The password for the image

Note: The subject must be typed exactly as shown or the filters will miss it.

Creating an Administrator Account on Windows 7

1. Download the Windows 7 USB/DVD Download Tool:
   http://images2.store.microsoft.com/prod/clustera/framework/w7udt/1.0/en-us/Windows7-USB-DVD-tool.exe
2. Plug your 4GB USB drive into the machine.
   Note: Be aware that it will probably need to be formatted and clean.
3. Select the “Source File:” from the following location:
   C:\ISO\Windows 7 Professional\en_windows_7_professional_x64_dvd_x15-65805.iso
4. Press “Ok” and wait for it to be completed.
5. Insert the Windows 7 CD/USB into the machine and boot off that medium.
   Note: You will press F9 to enter the boot menu of the computer. This differs from computer to computer, but in the lab all the machines use F9.
6. Select “Repair your computer”; it is a link at the bottom of the window.
7. Make a backup copy of sethc.exe by doing the following:
       copy c:\windows\system32\sethc.exe c:\
8. Replace the copy of sethc.exe in the system32 directory with cmd.exe by doing the following:
       copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
9. Restart the computer and remove the Windows 7 installation medium. Boot directly into the hard disk. At the Windows logon screen, press “Shift” 5-8 times.
10. When the command prompt appears, type the following at the command prompt:
       net user your_user_name new_password
   Note: Replace “your_user_name” with the username of your choice, and “new_password” with the password you desire.
11. If you want to use the “net user” command for something different, check the following link:
   http://support.microsoft.com/kb/251394
12. Add your user to the local Administrators group by doing the following in the command prompt:
       net localgroup Administrators your_user_name
   Note: Replace “your_user_name” with the username of your choice, and “new_password” with the password you desire.
13. Log into the machine with the account you created, and download the following program:
   http://swamp.foofus.net/fizzgig/fgdump/fgdump-2.1.0-exeonly.zip
14. Extract the file to the Desktop.
15. Right-click on the fgdump.exe file and choose “Run as Administrator”.
   Note: If you see the 127.0.0.1.pwdump file on the desktop, the command has finished; you can close the command prompt at that point.
16. You now have a 127.0.0.1.pwdump file on the Desktop, which stores the usernames and passwords that can be cracked later. To make it easy to crack the passwords later, do the following in the command prompt:
       cd Desktop
       cut -d: -f4 127.0.0.1.pwdump > 127.0.0.1.ntlm.pwdump

Hiding Data Using Steganography

1. Download Hide in Picture from the following and extract the contents to the desktop:
   http://sourceforge.net/projects/hide-in-picture/
2. Download a .bmp or .gif image from the Internet. Remember to get a picture that is larger than the file you wish to hide.
3. Download a file that you wish to hide. It could be an image/txt/pdf/etc.
4. Open the Hide in Picture folder you extracted and open the file winhip_en.exe.
5. Open the image that you downloaded.
6. Go to Image → Hide File… → Select any file that you wish to hide.
7. Enter a password for the hiding. For the “Encryption Algorithm” use Rijndael (it is otherwise known as AES).
8. Save and close HIP, and open the image to view it using any image viewer.
   o Can you see if the image has been altered?
9. Open the picture again in HIP, and try to extract the file.
   o Image → Retrieve file…
   o Can you get the original file back?

Cracking Passwords With Dictionaries

1. Download and extract hashcat from the following:
   http://hashcat.net/hashcat-gui/
2. Download and extract a large dictionary from the following:
   http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
3. Download a password hash list from the following and save it to the desktop:
   http://www-scf.usc.edu/~chiso/itp.125/ntlm_win7_pw_dump_small
4. Start up hashcat using the 64-bit version (hashcat-gui64.exe).
   • When asked about which hardware device, select CPU only.
5. Press the Open button and select the hash file that you downloaded.
6. Click on Add files… and select the dictionary that you downloaded.
7. Under Hash Type: select NTLM.
8. Check Write recovered hashes to file: and save this file to the desktop as recovered_hashes.txt.
9. Press Start to see the passwords get broken.

Practical

• Download a larger hash list from the following:
  http://www-scf.usc.edu/~chiso/itp.125/ntlm_win7_pw_dump
• Break all the passwords and output the passwords to a file called decrypted_passwords.
• Find an image that can hold this file that is no more than 1MB in size.
• Take the 127.0.0.1.ntlm.pwdump file that you obtained. Crack the passwords and include it in your submission.
• Using steganography, hide the cracked 127.0.0.1.pwdump within an image you downloaded.
• Email this image and the password to the instructor ...
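The pwdump file from the account-creation section has one account per line in the layout user:RID:LM hash:NT hash:::, which is why the cut command keeps field 4. The sketch below is an added example, not part of the lab handout: it reads that layout the way an administrator auditing their own dump would, and flags blank passwords, stored LM hashes, and accounts that share an NT hash (NTLM is unsalted, so equal hashes mean equal passwords). The sample lines are constructed and the function names are hypothetical.

```python
from collections import defaultdict

# Well-known hashes of the empty string (no LM hash / no password set).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample in pwdump layout: user:RID:LM hash:NT hash:::
SAMPLE_PWDUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
Guest:501:NO PASSWORD*********************:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:NO PASSWORD*********************:0123456789abcdef0123456789abcdef:::
legacy:1002:00112233445566778899aabbccddeeff:fedcba9876543210fedcba9876543210:::
"""

def is_hex32(s):
    return len(s) == 32 and all(c in "0123456789abcdef" for c in s)

def parse_pwdump(text):
    """Split each line on ':' and keep user, RID, LM and NT fields."""
    accounts = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 4 or not fields[1].isdigit():
            continue  # blank or malformed line
        user, rid, lm, nt = fields[:4]
        accounts.append({"user": user, "rid": int(rid),
                         "lm": lm.lower(), "nt": nt.lower()})
    return accounts

def nt_column(accounts):
    # Same values that `cut -d: -f4` writes to the .ntlm.pwdump file.
    return [a["nt"] for a in accounts]

def audit(accounts):
    findings, by_nt = [], defaultdict(list)
    for a in accounts:
        if a["nt"] == EMPTY_NT:
            findings.append((a["user"], "blank password"))
        else:
            by_nt[a["nt"]].append(a["user"])
        # A placeholder such as "NO PASSWORD***" is not 32 hex digits.
        if is_hex32(a["lm"]) and a["lm"] != EMPTY_LM:
            findings.append((a["user"], "LM hash stored"))
    for users in by_nt.values():
        if len(users) > 1:
            findings.append((", ".join(users), "shared NT hash (same password)"))
    return findings

if __name__ == "__main__":
    for who, issue in audit(parse_pwdump(SAMPLE_PWDUMP)):
        print(f"{who}: {issue}")
```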
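Steps 7 and 8 of the account-creation section leave two artifacts on disk: a sethc.exe in system32 whose contents equal cmd.exe, and a backup copy of sethc.exe in the root of the drive. The check below looks for both; it is an added example, not part of the lab handout, and the function name and the `system_drive` parameter are hypothetical.

```python
import hashlib
from pathlib import Path

def sha256_of(path):
    """Hash a file in chunks so large binaries are not read in one go."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def check_sticky_keys(system_drive="C:\\"):
    """Return findings for the sethc.exe swap described in steps 7-8.

    system_drive is the root of a live system drive or of a mounted
    disk image (assumed layout: <root>/Windows/System32).
    """
    root = Path(system_drive)
    system32 = root / "Windows" / "System32"
    sethc = system32 / "sethc.exe"
    cmd = system32 / "cmd.exe"
    findings = []

    # Artifact of step 8: the accessibility binary now has cmd.exe's bytes.
    if sethc.is_file() and cmd.is_file() and sha256_of(sethc) == sha256_of(cmd):
        findings.append(f"{sethc} is byte-identical to cmd.exe")

    # Artifact of step 7: the backup copy left in the drive root.
    stray = root / "sethc.exe"
    if stray.is_file():
        findings.append(f"copy of sethc.exe in drive root: {stray}")

    return findings

if __name__ == "__main__":
    for finding in check_sticky_keys():
        print("FINDING:", finding)
```

Run it from an administrative session on the host, or pass the root of a mounted disk image as `system_drive` when examining a machine offline.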

This note was uploaded on 03/25/2012 for the course ITP 125 taught by Professor Greenfield during the Fall '11 term at USC.
