Http://www.hackest.cn/post/102/1/1/
Introduction
For a long time I have been wondering how best to keep hold of access once it has been obtained. A webshell, a Trojan, or even a rootkit? A webshell leaves too obvious a trace; even a one-line webshell is easily cleaned up by the administrator. Trojans are easily spotted by an experienced administrator, because very few of them are truly silent and invisible. Early on a Trojan ran as its own process, and once that process was killed it was over. Later came process injection, then Trojans started as a service, some of them by replacing an unrelated system service ...... But none of these methods is concealed enough. No matter how perfect your backdoor is, no matter how well your Trojan evades antivirus, you still cannot leave no trace at all.
Is there really no way? A well-known remark by a predecessor (withered rose) woke up many newbies (people like me): "I generally do not like to leave Trojans or backdoors on a server; I prefer to use the administrator's own access method to manage the server." What is the administrator's access method? Put simply, it is however the administrator himself gets onto the server. If he uses the terminal service on 3389, we go in through the terminal, provided we first find a way to obtain his administrator password. If he uses pcAnywhere, we find a way to get his pcAnywhere password and go in that way. If he uses Radmin to reach the server, we likewise need to get his Radmin password. Concealment improves greatly this way, and the compromised machine is far less likely to slip away. And if that password is the domain administrator password, if it can be used to manage every machine in the data center, if it can be used to sweep the whole intranet, if it can even be used to log on to his QQ! To exaggerate a little: even if he reinstalls the system, he will still use the same password, and your zombie comes back to life ...... It's frightening! So, straight to the subject: a Windows password cracking strategy. This article is about cracking the system password without physical access. If the attacker has physical access to the computer, no system holds up at all, and the job is simpler and faster.