Lisa explores the various types of password cracking techniques. Explore how black hat hackers try to gain access to a system. Understand the process for guessing a password through reconnaissance and information gathering on a target. Compare the steps and efficiency of brute force, hybrid, and dictionary attacks.
- [Voiceover] Although there are various types of password cracking techniques, guessing a password is pretty much the most efficient and can be done if someone uses an easy to remember password such as a pet's name, or has even left the default value. Perhaps during the information gathering phase, you've learned their pet's name and that would be something you could try. I'm at this website, Password Random, which here we can see a list of common passwords that you might try.
In fact, they've even put the MD5 hash value in it as well. In addition, default passwords are left on a device or application many times and here we see that there is a list of default passwords, and again, we might try these. I'll scroll down, take a look at for example, Apache. Here we can see the different versions of Apache and the different user IDs and passwords. This is especially true when it comes to home, or small office home routers, but could be applied to a company as well.
In fact, in a recent news article, it states that over 60% of confirmed data breaches involved using weak, default, or stolen passwords. Even with security education and training, many employees still can't recognize a phishing attempt. A dictionary attack uses a list of words, perhaps the most common passwords. I'm in Wireshark and here I have a capture that is trying to gain access into an FTP server.
I'll simply right click, follow the TCP stream, and here we can see someone attempting to get in using an invalid password. I'll close that. Then we'll put in a more specific filter, which actually gives me all the password attempts. Looking over on the right-hand side, we can see that someone has attempted to use a number of different passwords, invalid, one after another, in order to gain access into the FTP server.
A brute force attack uses software to try every possible combination of characters and generate a massive amount of consecutive guesses in order to gain the password. A hybrid attack combines a dictionary attack with a brute force attack. When looking at work effort, we can understand that weak passwords can be cracked in seconds. Now strong passwords, they might take hours, or never be cracked. When a great deal of computational effort is required, you might try to use a distributed network architecture.
This can be used to reduce the time to break a password, as it employs multiple computers to divide the workload. There are a number of popular password cracking tools. L0phtCrack, this offers a 15-day trial but ultimately this is a commercial tool. Ophcrack is open source and supports rainbow tables. John the Ripper is a command line tool and can run on multiple different platforms. Cain and Abel is a password recovery tool for Microsoft operating systems.
Cain and Abel is loaded with features such as password sniffing, cracking passwords, and capturing voice over IP conversations. Password crackers do have a methodology. When I create a password, I need to create a strong password. So for example, I might use the word pool ball, but substitute with characters such as zeros, exclamation points, and at symbols. Although this password meets complexity requirements, we can see a pattern.
Now a classic brute force attempt will try all patterns such as A, A, A, A, A, B, bat, cat, dat, fat, pat, et cetera. However, some password crackers have built in statistical modeling, based on a mathematical system known as Markov chaining, which will guess what the next conceivable character that might appear in a password. So again, looking at our password pool ball, it might try P, and then an O, or possibly a zero, because it's predictable.
The bottom line is, in order to foil password cracking attempts, make your password complex, but not predictable.
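The "pool ball" pattern from the transcript, turned into a password-policy check a defender could run at password-set time. This is an added example, not part of the course material; the word list, the substitution table, and the function names are constructed for illustration.

```python
import re

# Constructed sample word list (assumption): a real policy check would load a
# dictionary or breached-password list instead.
WORDLIST = {"pool", "ball", "password", "dragon", "monkey", "admin"}

# Common character substitutions mapped back to the letter they stand for.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def candidates(password):
    """Return the normalized forms of a password that a policy should test."""
    low = password.lower()
    # Trailing digits/symbols are usually padding added to satisfy complexity rules.
    stripped = re.sub(r"[\d\W_]+$", "", low)
    return {low.translate(LEET), stripped.translate(LEET)}

def is_word_sequence(text, words):
    """True if text is one or more entries from words, concatenated."""
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return bool(text) and reachable[-1]

def is_predictable(password, personal_terms=()):
    """Flag passwords that reduce to dictionary words, defaults, or personal
    terms (for example a pet's name) once substitutions are undone."""
    words = WORDLIST | {term.lower() for term in personal_terms}
    return any(is_word_sequence(c, words) for c in candidates(password))

if __name__ == "__main__":
    for pw in ("P00lB@ll!", "admin", "vK7#qLm2xW"):
        print(pw, "->", "reject" if is_predictable(pw) else "accept")
```

Passing the user's own profile data (names, pets, birthdays) as `personal_terms` covers the guessing case described at the start of the transcript.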
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks