Hi friends, In some engagements, we can have a physical access to a Windows machine. So, today I'll try to simulate that situation on VMware virtual environment: cracking a Windows 7 password with Kali Linux live CD/DVD. I have to say clearly that I'll show how to crack the password, not change or reset or disable it. I'll use the Windows 7 VMware image from Microsoft website to show you the steps below. Please download the virtual machine if you want: link . Because the above Windows 7 is a 32 bit machine, we have to use the 32 bit Kali Linux. 1. Change the setting of the Windows 7 to use the Kali Linux 32 bit ISO file and choose "Connect at power on": 2. Power on the machine to firmware --> change the boot order --> Save change and reboot: 3. Now, we can boot the machine by Kali Linux, let's browse to the folder Windows\System32\config and open a terminal from that location: 4. From that terminal, fire up ophcrack -->
Hi friends, This post will be short because the vulnerability is very clear and straightforward. As you may know, on my 2nd post on Metasploitable 2 hacking , I used Nessus to confirm the vulnerability found by Nmap. The scan results from Nessus are very interesting! So let's just start by looking at the first one: Bind Shell Backdoor Detection. The detail of this vulnerability says very clear that the Metasploitable 2 machine's shell is listening on port 1524. So let's try to use netcat to connect to port 1524. That's easy, right? We also can see the connection from Kali to Metasploitable 2 on port 1524. Let's move to another way.