TDS-TIVOLI EXAM (000-928) DUMP

IBM 000-928


000-928 IBM Tivoli Directory Server V6.1

Implementation

Practice Test

Version 3.0


QUESTION NO: 1

What makes up the LDAP schema?

A. only a person's name and phone numbers

B. definitions ofobjectclasses and attributes

C. a person's name and applications to be accessed

D. a list of other IBM Tivoli Directory Server V6.1 servers in the customer environment

Answer: B

QUESTION NO: 2

Which type of class is the top-most (top) object class in the LDAP schema?

The SSL layer Hacking-The Middle Man Attack

In todays time one of the most successful way of gaining information such as passwords,user ids etc in LAN (local area network) is through man in the middle attacks . Let me not go into deep into Man in the middle attacks, just try do some googling but in simple words it can be explained as attacker or a hacker listening to all the information sent in between the client and the server .To prevent these kind of attacks Email providers started using Hypertext Transfer Protocol Secure (HTTPS) It is a combination of the Hypertext Transfer Protocol(HTTP) with SSL (Secure socket layer )protocol to provide encrypted communication between the client and the server .So when a hacker caries out a Mimt attack the victim is cautioned with a invalid SSL Certificate



In this tutorial I will teach how to carry out a successful Mitm attack

Concept :-

We Know that HTTP (Hypertext Transfer Protocol )simply sends all the information through plain text .So if we make the victim use HTTP instead of HTTPS to connect sites like Gmail , Pay pal. we will be able to carry out a successful Mitm attack with out causing any suspicion To do this we are going to use a tool called SSL strip



Thing we Need

1. SSL strip: You can search Google for SSL strip it comes both in windows and Linux versions . I will be using the windows version in this tutorial

2. Ettercap to carry out mitm attacks

Demonstration :-

1. Open SSL strip and fill in all the required information for arpsoof, network ,ssl strip, change data .If you don’t know what to enter simply click auto check . remember to check if HTTPS to HTTP is included in Change data , finally click ok

2. Now select the victim’s IP and click open

3. Now open ettercap go to sniff -unsniffed sniffing and select your network interface and click ok 

4. Now select hosts-scan hosts .Once scanning is completed .Open host list from hosts tab .Now select the IP address of the router as target 1 and the victims IP as target 2

5. Now select mitm-arp poisoning and click ok as shown

6. Finally select start-start sniffing .Now when the victim logs into gmail he will be using HTTP and not HTTPS Hence we are able to get the User id ,passwords as shown below

Counter measures:

1. whenever you perform an online transaction such as Credit card payment, Bank login or Email login always ensure that you Use HTTPS

2. Always check the SSL certificate before doing an online transaction

About The Author

This article is writen by John Bekhan, , If you are interested in writting a guest post on MAYANKTECH, You are most welcome to mail me.I will publish it with your Name and Fame!!

Crack Windows Administrator Passwords in a Minute

I always find troubles with working at ease  in schools ,college just as it needed  to log in with admin privileges to do various things

There are many way to crack passwords. But in this tutorial I will explain a very basic method using a single tool to crack windows password . This might come handy in places like schools ,collages where you cant use your live Linux cds , usb ..etc because your being watched

Things we need :

1. Pwdump or Fgdump to extract password hashes

In this tutorial I will be using Pwdump

Extracting Password hashes :-

1. Open My computer and go to C:\Windows\system32 . now place the Pwdump file which we download earlier

2. Now open command prompt and navigate to C:\Windows\system32 \Pwdump

Using cd command and click enter

Example :-

Cd C:\Windows\system32 \Pwdump


3. Now you can see a list of Pwdump commands as shown

4. Now enter pwdump - localhost >>“ destination of output file “ (for 32 computers) and pwdump -x localhost >> “destination out put file “(for 64 bit computers )


Example :-

Cd C:\Windows\system32 \Pwdump localhost >> C:\hashes.txt

Cd C:\Windows\system32 \Pwdump -x localhost >> C:\hashes.txt

MAYANKTECH.CO.NR

5. Now open  the Out put  file  you can see the names of the different  users with password hashes Now copy the hashes  corresponding to the admin account

Cracking The Hashes

Considering that we are in school/collage were we cant use tools to crack passwords so as an alternative we are using online password cracking sites

1. Go to online password cracking sites like www.cracker.offensive-security.com , www.onlinehashcrack.com and paste the hash select hash type as LM and click decode

2.By this way we are able to crack windows password using a single tool

Note:- If your not able to crack password hashes online use tools like john the ripper to crack password hashes . You can even copy the hashes and decoded it in your house

Watch n enjoy ICC World cup live

Mayank's
Todays Hack:
------------------
Watch n enjoy ICC World cup live.. even at your lowest net speed on your pc

http://cricfire28.blogspot.com/2010/10/live-cricket-video-server-3.html
...
or alternative try these
Extracover.net
Crictime.com
Webcric.com
Cricfire.com
and 4 any channel like Star plus,MTV etc
then goto:
http://www.peepat.com/tv/cnbc_awaaz_19.aspx
enjoy frenz
@www.mayanktech.co.nr 4 such updates

Free Tata Docomo GPRS

Here is the settings for Free Tata Docomo GPRS on your Mobile:

Apn: TATA.DOCOMO.DIVE.IN
Ip-Address: 10.124.94.7
Port: 8080