m11-lab1

School: Schoolcraft College
Course: 262
Subject: Information Systems
Date: Nov 24, 2024
Type: docx
Pages: 8
Uploaded by DrRamMaster341

M11 Lab 1 Worksheet

Preparation

Access and log into NDG Online using the account you created in Module 0 and open the NDG Security+ V4 labs. As you complete the labs, refer to this assignment to provide the required information and answer questions.

Locate and click on the link for No Lab: Launch Cyber Range Activities

These activities will be slightly different than the prior labs in that the instructions for how to complete the activities will be documented here rather than in the area in the NDG Lab environment.

Part 1: Creating Users and Passwords

1. Click the Kali tab to access the Kali VM.

2. Log in to the Kali VM as username kali, password kali.

3. Click on the terminal icon located in the top menu bar.

4. In the Terminal window, type the command cat /etc/group and take note of the existing groups on the system.

5. We will be creating the following new user accounts and groups to be used in the next portion of the activity.

   Group: accounting

   Username    Password
   gsmith      123456
   tjones      chicago

6. In the terminal window, type sudo groupadd accounting to create the accounting group. When prompted for the password, enter kali.

7. In the terminal window, type sudo useradd gsmith -g accounting

8. In the terminal window, type sudo useradd tjones -g accounting

9. Use the cat /etc/passwd command to view the /etc/passwd file and ensure the users were created successfully. The new users will be shown at the bottom of the command output.

10. Use the sudo cat /etc/shadow command to view the /etc/shadow file and observe the values next to the users you created at the bottom of the command output:

    These values indicate that there is currently no password information stored in this file for the users we created because no passwords were assigned to them yet.

11. Use the following commands to set passwords for the users we created to the values in the table listed previously in the lab.

    sudo passwd gsmith
    sudo passwd tjones

12. Use the sudo cat /etc/shadow command to view the /etc/shadow file and note that there are now hashed password values associated with the accounts we created.

    Take a screenshot of the entire terminal showing the results and insert it below (2 points)

Part 2: Cracking User Passwords

1. Type sudo gzip -d /usr/share/wordlists/rockyou.txt.gz to prepare a file containing millions of common passwords. This file will be used to crack the passwords set in Part 1.

2. Type ls /usr/share/wordlists to verify the rockyou.txt file is shown in this directory (note: the “l” in the ls is a lowercase “L”).

3. We will be using John the Ripper along with this wordlist to crack the passwords for the users we created in Part 1. At the terminal, type john -help to view the available options that can be used with John the Ripper.

4. Type the following command to combine the /etc/passwd and /etc/shadow files into one text file. John the Ripper will use this file when attempting to crack the user passwords.

    sudo unshadow /etc/passwd /etc/shadow > usersandpasswords.txt

5. Run John the Ripper against the usersandpasswords.txt file using the wordlist we prepared in the prior steps.

    john --format=crypt --wordlist=/usr/share/wordlists/rockyou.txt usersandpasswords.txt

    This tells John the Ripper to hash each entry in the specified wordlist and compare the result against the hashed passwords contained in the usersandpasswords.txt file we created by combining the /etc/passwd and /etc/shadow files. For the current scenario, it can take a few minutes for the cracked passwords to display in the command output.

6. When the cracked passwords for both of the users we created earlier are displayed on your screen, take a screenshot of the entire terminal showing the results and insert it below (2 points)

    If John the Ripper is still running after displaying the passwords for our users, press Ctrl+c by holding the Ctrl button and then pressing C on your keyboard to cancel the current process.

7. John the Ripper also stores passwords that have been previously cracked so you can view them at a later time. Type the following command to view the passwords we cracked in the previous step:

    john --show usersandpasswords.txt

    Take a screenshot of the entire terminal showing the results and insert it below (2 points)

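A defensive companion to the /etc/shadow checks in Part 1 (steps 10 and 12), added here as an example and not part of the original worksheet: it reads shadow-format lines and reports, for each account, whether a password is set and which crypt(3) hash scheme protects it. The sample entries are constructed (the hash strings are placeholders, the "!" shown for gsmith is an assumed pre-passwd value, and legacy, svc and guest are hypothetical accounts); the function names are this example's own.

```shell
# Added example: audit /etc/shadow-style entries (sample data is constructed).

# State of the second (password) field, per shadow(5).
shadow_state() {
    case "$1" in
        '')           echo no-password-required ;;  # login needs no password
        '!'|'!!'|'*') echo no-password-set ;;       # nothing stored, cannot log in
        '!'*)         echo locked ;;                # hash kept, account locked
        *)            echo active ;;
    esac
}

# Hash scheme from the crypt(5) prefix; a leading lock marker is ignored.
hash_scheme() {
    case "${1#!}" in
        '$y$'*)          echo yescrypt ;;
        '$6$'*)          echo sha512crypt ;;
        '$5$'*)          echo sha256crypt ;;
        '$2'[abxy]'$'*)  echo bcrypt ;;
        '$1$'*)          echo md5crypt ;;
        ''|'!'|'*')      echo none ;;
        *)               echo descrypt-or-unknown ;;
    esac
}

# Read shadow lines on stdin; print user, state, scheme and a finding.
audit_shadow() {
    while IFS=: read -r user field _rest; do
        [ -n "$user" ] || continue
        state=$(shadow_state "$field")
        scheme=$(hash_scheme "$field")
        note=ok
        case "$state:$scheme" in
            no-password-required:*) note="FINDING: empty password field" ;;
            *:md5crypt|*:descrypt-or-unknown) note="FINDING: weak or unknown hash scheme" ;;
        esac
        printf '%s\t%s\t%s\t%s\n' "$user" "$state" "$scheme" "$note"
    done
}
# Constructed sample: gsmith before passwd, tjones after; the rest hypothetical.
sample_shadow() {
    cat <<'EOF'
gsmith:!:20051:0:99999:7:::
tjones:$y$j9T$ConstructedSalt$ConstructedHashNotReal:20051:0:99999:7:::
legacy:$1$ConstSalt$ConstructedMd5cryptNotReal:19000:0:99999:7:::
svc:!$6$ConstSalt$ConstructedSha512NotReal:19000:0:99999:7:::
guest::19000:0:99999:7:::
EOF
}
sample_shadow | audit_shadow
```

On the lab VM the same report can be produced from the real file with sudo cat /etc/shadow | audit_shadow.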
Reflection

Note: It may be helpful to refer back to the lab instructions or your screenshots to answer the following questions.

1. In many Linux distributions, file system permissions to /etc/shadow are limited to the root user only.

   a. How does this relate to recommendations for hardening systems? (2 points)
      Click or tap here to enter text.

   b. List one other system hardening recommendation that would be potentially effective against the password attacks used in this lab. (2 points)
      Click or tap here to enter text.

2. The tools used to crack passwords in this lab all utilized word list files that included a mix of potential passwords and dictionary words.

   a. This can be a slow process in the case an attacker is using a large word list with thousands or millions of entries. What can an attacker use instead to speed this process up? (2 points)
      Click or tap here to enter text.

   b. Indicate three different requirements for passwords you could recommend to better protect against the attacks utilized in this lab, and how they could help. (3 points)
      i. Click or tap here to enter text.
      ii. Click or tap here to enter text.
      iii. Click or tap here to enter text.

3. In this lab you used security tools to crack password hashes. Whether a target system is running Windows or Linux, this process typically requires access to the target system and the ability to run software designed to obtain the hashed password values. Read "I can get and crack your password hashes from email" from CSO Online and answer the following questions.

   a. How did the attacker obtain the password hash from the author’s Windows system? (2 points)
      Click or tap here to enter text.

   b. Did the attack described in the article require access to the targeted system? (2 points)
      Click or tap here to enter text.

   c. Provide at least one example of both a system and email protection from the module that could be effective at stopping an attack like this, and why. (4 points)
      i. Click or tap here to enter text.
      ii. Click or tap here to enter text.