|
|
|
21 Search Engine Terms Every Web Marketer Should Know Part 1.
1. Search Engine - Is a database of web sites that is ranked according to the computerized criteria that the programmers decide upon called an algorithm. Various search engines determine ranking on their own different factors of importance or...
5 Desktop Computer Hardware Myths Exposed
The big boys in the computer industry want you to continue
thinking the way you are. The major desktop computer
manufacturers thrive on consumers lack of knowledge and old
ideas about desktop computers and computer hardware to drive
sales of new...
Buying a computer? Ask these 3 questions!
1. Why do you need a computer? Whether you are a new user or advanced one, whether this is your first computer or second (or even third), be clear as to why you want a computer before you even think of buying one. How will you use your computer?...
Computer Rentals: The Best Classroom Computer Training Solution
For classroom training renting computers, sound systems and projectors from Rentacomputer.com is the easiest and most cost efficient way to coordinate corporate training initiatives with the least amount of headaches. Visit "The Rent Computer PC...
Get Ahead When You Build Your Own Computer
If you’ve been kicking around the idea of building your own computer, it actually isn’t a bad idea. It’s easier than you might think, and you can probably come out with a system that gives you more kick for your money, than you’d see in retail, or...
How To Backup Your Hard Drive
We all know that we should back up our system as soon as possible. But if you're like most of us, you will get to it tomorrow. The problem is that tomorrow rarely ever comes until you experience a serious computer failure and then it’s too late....
How to thwart the Barbarian Spyware!
Today,on most internet user's computers, we have the ability to employ software, along with our
intelligence, to prevent viruses and spyware.
To put this article into proper perspective, we'll use
Medieval defense tactics.
This is...
Password Security - How Secure are You?
Passwords - we use them every day, here in cyberland. They're used as the first step in identifying ourselves. Yes, we're allowed to logon to this network, because we have the pre-approved password. They're necessary for our online banking...
The history of computer
The early computers
The history of computer dates back a lot longer than the 1900s,
in fact computers have been around for over 5000 years.
In ancient time a "computer", (or "computor") was a person who
performed numerical...
Understanding Sleep and Hibernate Power Settings on your Computer
New computers come with two new power settings that may be
unfamiliar to many people. The settings known as "sleep" and
"hibernate" may sound fun and playful but can actually be
powerful tools to extend the life of your computer, give...
|
|
| |
|
|
|
|
|
|
Crack The Code - That's A Direct Challenge
You may reprint or publish this article free of charge as
long as the bylines are included.
Original URL (The Web version of the article)
------------
Crack The Code - That's A Direct Challenge
Title
-----
Crack The Code - That's A Direct Challenge
I Challenge You To Crack The Code
-----------------------------------------------
I had quite an interesting experience recently. I was hired
by a company to perform a vulnerability assessment and
penetration test on their network. During the initial
meeting, one of the key technical staff presented me with a
challenge; He handed over the NTLM hash of the domain
Administrator account and challenged me to decipher it.
He explained that the complexity and length of the password
would prevent me from deciphering it during the time allotted
for the project. He was actually quite confident in my
impending failure.
In most cases, this individual would have been right on the
mark. On the other hand, I'm not sure he expected to
challenge someone who has close associates with discretionary
time on some of the most powerful computers in the world.
6 Hours, 2 Servers, 64GB of Memory, and 32 Processors Later
and.....
--------------------------------------
It took just under six hours to decipher the password. Of
course, my 'associates' were using a program of my choice
on servers with 32 processors and 64GB of RAM a piece.
It's nice to have friends with access like this.
Especially in my line of work. Needless to say, my client
was shocked when I called him the next day and gave him
the password.
Let's Have Some Fun: A Challenge For You
----------------------------------------------
(In order for you to do this, you need to go to:
http://www.defendingthenet.com/NewsLetters/
CrackTheCode-ThatsADirectChallenge.htm)
Shortly after this experience, I started thinking about
writing an article about it. Then I thought to myself,
why write just an article? Why not come up with a challenge
for our readers?
Hidden in this article is information that will ultimately
provide you with a phrase that has been encrypted. You will
need to know a few pieces of general information such as,
where to find the hash in this article,
how to extract the hash from the article, what the password
is that will reveal the hash, and what type of hash is being
used! Still with me on this? You will need to do all this
before you can start cracking the encrypted phrase.
First, you need to find the hashed phrase located in this
article. I'll give you a hint; I recently wrote an article
about hiding messages in files. This article can be found
on the Defending The Net Newsletter Archive. It is also in
the www.CastleCops.com archive. Oh, and once you find where
the hash is you will need a password to extract it. This one
I am going to give away. The password to extract the hash
is 'letmein' (without the ' ' of course).
Then, you will need a tool that can easily handle
deciphering of the hash once you extract it from this
article. There are quite a few out there that will do the
job, however, I highly recommend using pnva naq noyr i2.69,
a publicly available security tool that no self respecting
security engineer should be without. You will also need to
know the type of hashing algorithm that was used. I decided
to use zrffntr qvtrfg svir because it is relatively
well-known. (Try saying that 13 times real fast!)
Conclusion
----------------
The first person to successfully unravel this riddle and
e-mail me at riddle@paralogic.net with the deciphered phrase,
along with a detailed description of how they accomplished
the task, will receive a 512MB, USB2.0 Jump Drive. As soon
as we receive this information we will post it on the main
page of www.defendingthenet.com and www.castlecops.com.
About the Author
About The Author
----------------
Darren Miller is an Information Security Consultant with
over sixteen years experience. He has written many
technology & security articles, some of which have been
published in nationally circulated magazines & periodicals.
Darren is a staff writer for www.defendingthenet.com
|
|
|
|
|
|