Join Malcolm Shore for an in-depth discussion in this video, Using the system functions, part of Penetration Testing Essential Training.
- [Instructor] Let's take a look at one of the functions that we may find useful, the crypt function. This takes a password and provides back its password hash. On Linux systems, we also use what's known as a salt value. This is consistent for the system but may differ between systems, and it's a two-character value. We'll use MS for this. First of all, I have to import the crypt library.
From there I can call the crypt function with a password and the salt, and that returns the hash. We can use this function in a small password cracker program to recover a password by checking it against a dictionary of expected passwords. Let's also pass the hash as a parameter to the Python call. We can do this by referring to the call argument value argv, which is in the sys library. I've got a dictionary called dict.txt which I can read in.
The dictionary file just contains potential passwords. I've written a small password cracker which uses the crypt function. We can see here that we're opening the file dict.txt and then reading each line which contains a password to check. We're then calling crypt with our salt to calculate the hash value and then checking it against the command line hash value. If they match, we print the password and exit the program. Note we have to use the strip function to remove the newline character that exists when we use readline.
Okay, let's run this with the hash value we found earlier when we called crypt. And we recover the password.
Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code