Hack-X-Crypt A Straight Forward Guide Towards Ethical Hacking And Cyber Security (2015)

PASSWORD CRACKING EXPLAINED

PASSWORD CRACKING

Password crackers are the most famous and elementary tools in the hacker’s toolbox. These have been around for some time and are fairly effective at “guessing” most users’ passwords, at least in part because most users do a very poor job of selecting secure passwords.

First of all if a hacker is going to crack your password then at the very first step they usually try some guesses to crack your password. They generally made it easy by social engineering. Hackers know that most users select simple passwords that are easy to remember. The top choices of the users are nearly always names that are personally meaningful to the user—first names of immediate family members leadthelist,followedby pet’s namesand favoritesporting teams. Password crackers may end up loading full English dictionaries, but they can hit a fair number of passwords with the contents of any popular baby name book. Other poor password selections include common numbers and numbers that follow a common format such as phone numbers and social security numbers.

Compounding the problem, many users set the same user name and password for all accounts, allowing hackers to have a field day with a single harvested password. That’s something to consider before you use the same password for Facebook as you use at school or at work.
The key to creating a good password is to create something that someone cannot guess or easily crack. Using your pet’s name therefore is not a good technique. Using your login name is also a bad technique because someone who knows your login (or your name, since many login names are simply variations on your surname), could easily break into your system.

Cracking passwords with hardcore tools

High-tech password cracking involves using a program that tries to guess a password by determining all possible password combinations. These high-tech methods are mostly automated after you access the computer and password database files.
The main password-cracking methods are dictionary attacks, bruteforce attacks, and rainbow attacks. You find out how each of these work in the following sections.

Password-cracking software:

You can try to crack your organization’s operating system and application passwords with various password-cracking tools:

Cain & Abel: Cain and Abel is a well-known password cracking tool that is capable of handling a variety of tasks. The most notable thing is that the tool is only available for Windows platforms. It can work as sniffer in the network, cracking encrypted passwords using the dictionary attack, brute force attacks, cryptanalysis attacks, revealing password boxes, uncovering cached passwords, decoding scrambled passwords, and analyzing routing protocols. It use to cracks LM and NT LanManager (NTLM) hashes, Windows RDP passwords, Cisco IOS and PIX hashes, VNC passwords, RADIUS hashes, and lots more. (Hashes are cryptographic representations of passwords.)

Brutus: Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.

It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect 60 simultaneous targets. It also has resumed and load options. So, you can pause the attack process any time and then resume whenever you want to resume.

Elcomsoft Distributed Password Recovery:

(www.elcomsoft.com/edpr.html) cracks Windows, Microsoft Office, PGP, Adobe, iTunes, and numerous other passwords in a distributed fashion using up to 10,000 networked computers at one time. Plus, this tool uses the same graphics processing unit (GPU) video acceleration as the Elcomsoft Wireless Auditor tool, which allows for cracking speeds up to 50 times faster.

Elcomsoft System Recovery:(www.elcomsoft.com/esr.html) 
cracks Or resets Windows user passwords, sets administrative rights, and resets password expirations all from a bootable CD.

John the Ripper : - (www.openwall.com/john) John the Ripper is another well-known free open source password cracking tool for Linux, UNIX and Mac OS X. A Windows version is also available. This tool can detect weak passwords. A pro version of the tool is also available, which offers better features and native packages for target operating systems.

ophcrack :(http://ophcrack.sourceforge.net) cracks Windows User passwords using rainbow tables from a bootable CD. Rainbow tables are pre-calculated password hashes that can help speed up the cracking process.

Aircrack-NG : - (http://www.aircrack-ng.org/) Aircrack-NG is a WiFi password cracking tool that can crack WEP or WPA passwords. It analyzes wireless encrypted packets and then tries to crack passwords via its cracking algorithm. It is available for Linux and Windows systems. A live CD of Aircrack is also available.

Proactive System Password Recovery

:

(www.elcomsoft.com/pspr.
html) recovers practically any locally stored Windows password, such As logon passwords, WEP/WPA passphrases, SYSKEY passwords, and RAS/dialup/VPN passwords.

Rainbow Crack : - (http://project-rainbowcrack.com) Rainbow Crack is a hash cracker tool that uses a large-scale time-memory trade off process for faster password cracking than traditional brute force tools. Time-memory tradeoff is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But, once the table is ready, it can crack a password must faster than brute force tools.
You also do not need to generate rainbow tablets by yourselves. Developers of Rainbow Crack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and Sha1 rainbow tables. Like Rainbow Crack, these tables are also available for free. You can download these tables and use for your password cracking processes.

pwdump3 :-(www.openwall.com/passwords/microsoftwindowsnt-2000-xp-2003-vista-7#pwdump) password hashes from the SAM (Security database.
extracts Accounts Windows Manager)

Password storage locations vary by operating system:
Windows usually stores passwords in these locations:

• Active Directory database file that’s stored locally or spread across domain controllers (ntds.dit)
Windows may also store passwords in a backup of the SAM file in the c:\winnt\repair or c:\windows\repair directory.

• Security Accounts Manager (SAM) database (c:\winnt\ system32\config) or (c:\windows\system32\config)

Some Windows applications store passwords in the Registry or as plaintext files on the hard drive! A simple registry or file-system search for “password” may uncover just what you’re looking for.

Linux and other UNIX variants typically store passwords in these files:
• /etc/passwd (readable by everyone)
• /etc/shadow (accessible by the system and the root account only)
• /.secure/etc/passwd (accessible by the system and the root account only)
• /etc/security/passwd (accessible by the system and the root account only)