Password Cracking
[Applying Linux Tools]
Prepared By:
Ali Al Kaf | Talal Al Ismail
Abstract
This research discusses some of the techniques used in password cracking. As
we know, most people use passwords as a first line of defense, which means passwords
need to be strong and unbreakable. However, this study will show some of the tools used
in cracking passwords, like John the Ripper and some BackTrack tools that crack ZIP and RAR
file passwords. Moreover, many password cracking tools are readily available
on the Internet and can be downloaded for free. Our conclusion: given the heightened
risk of cyber-attacks today, users should also change their passwords every thirty days
or so.
Introduction
In today's world of security, with the huge development in technology, password
security is one of the priorities for all authentication-based protected systems. As we
know, most people and organizations depend on passwords to secure their
important data, files and emails, and even logging in to a computer at home or in the
office requires a user name and password. In addition, most computer users have more
than one account for different things, such as an online banking account and an email account, and any
online transaction like buying or selling needs some kind of security, which is a password.
From this we can understand that passwords are a really important means of securing things, and there
should be a really strong mechanism to ensure that passwords are both useful and secure
at the same time. However, there are many types of password encryption, like MD5 on
Linux systems and DES on Windows.
On the other hand, this report will show some password cracking
techniques. There is no standard formula for cracking a password, and different methods
are used depending on the type of password you want to crack. However, there are four
main categories of password cracking. First, a brute-force password crack involves
trying every possible password combination until you find the one that works. Although
this concept seems simple enough, it can be quite difficult. Second, a dictionary attack is
usually the fastest way to break into a machine. A dictionary file (a text file full of
dictionary words) is loaded into a cracking application, which is run against user
accounts located by the application. Third, another well-known form of
attack is the hybrid attack. A hybrid attack adds numbers or symbols to the search
words to successfully crack a password. Many people change their passwords by simply
adding a number to the end of their current password. Therefore, this type of attack is
the most versatile; while it takes longer than a standard dictionary attack, it does not
take as long as a brute-force attack. Finally, all of these password attacking techniques
need time to give a result; sometimes they take from minutes to weeks or more,
depending on the length of the password and the encryption type.
However, password hacking does not depend just on software but also on people,
because when computer users choose weak passwords they make themselves a good
target for hackers. Encryption is a really good technique, but it depends on the length of
the password and what it contains, which means people should have an idea about weak
and strong passwords to avoid being victims of password cracking.
Related work
Prior to starting the work, as a group we gathered all the information that would
help us and specified the tools to be used in this research. Among the
different distributions of Linux, two were selected: BT4 and Fedora 13.
After that, we downloaded and installed all the previously mentioned tools and
operating systems. Finally, it was really necessary to learn how to use these tools and
gain experience with them.
Cain and Abel is a password recovery tool that enables network administrators to
test network security, or home users to recover a variety of stored network passwords.
The software supports sniffing and recovery of most popular protocols, including FTP,
SMTP, POP3, HTTP, MySQL, ICQ, Telnet and others. It can also recover passwords hidden
behind asterisks (***), stored in VNC profiles, SQL Server Enterprise Manager, Remote
Desktop connections and wireless connections. Other features include LSA Secrets
Dumper, Protected Storage password revealer, network enumeration, VoIP filtering and
more.
Usage:
Used to generate an MD5 hash. From the main interface go to Tools > Hash
Calculator, enter the text you need to hash, then press Calculate.
John the Ripper is a fast password cracker, currently available for many flavors of
Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix
passwords. It supports several crypt(3) password hash types commonly found on Unix
systems, as well as Windows LM hashes. On top of this, many other hash types are added
with contributed patches, and some are added in John the Ripper Pro.
Usage:
We will crack the password of an existing user account using JTR. In Fedora 13,
open the terminal and become root. After installing JTR, you need to use the unshadow
command to combine the /etc/passwd and /etc/shadow files so John can use them, and
save the output in a file of your choice.
Start cracking using this command; it will take its own time:
# john /tmp/pass.db
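The unshadow step above is a plain record merge: John wants the hash from /etc/shadow together with the login, UID and GECOS fields from /etc/passwd in one line. The following Python is an added example, not part of the report and not John the Ripper's own code; it reproduces that merge on constructed sample records (the hash bodies are placeholders, not real hashes) and labels each shadow entry by its crypt(3) scheme, so that empty passwords or the weaker md5crypt/descrypt schemes can be spotted before a cracking run is even started.

```python
"""Merge passwd and shadow records the way unshadow(8) does, and classify the hashes.

Added example, not from the original report. All account lines below are
constructed sample data, and the hash bodies are placeholders, not real hashes.
"""

# Constructed /etc/passwd-style records: user:x:uid:gid:gecos:home:shell
PASSWD_LINES = [
    "root:x:0:0:root:/root:/bin/bash",
    "alice:x:1000:1000:Alice Example:/home/alice:/bin/bash",
    "bob:x:1001:1001:Bob Example:/home/bob:/bin/bash",
    "svc:x:1002:1002:Service Account:/var/lib/svc:/sbin/nologin",
    "guest:x:1003:1003:No Shadow Entry:/home/guest:/bin/sh",
]

# Constructed /etc/shadow-style records: user:hash:lastchg:min:max:warn:inactive:expire:
# "$6$" = sha512crypt, "$1$" = md5crypt, "" = no password at all, "!!" = locked.
SHADOW_LINES = [
    "root:$6$saltsalt$PLACEHOLDERHASH:15000:0:99999:7:::",
    "alice:$1$saltsalt$PLACEHOLDERHASH:15000:0:99999:7:::",
    "bob::15000:0:99999:7:::",
    "svc:!!:15000:0:99999:7:::",
]


def unshadow(passwd_lines, shadow_lines):
    """Return passwd records whose password field is replaced by the shadow hash.

    This mirrors what `unshadow /etc/passwd /etc/shadow > /tmp/pass.db` writes:
    the hash (from shadow) next to the login, UID, GID and GECOS (from passwd),
    which John uses both as the target and as word-list hints. Users without a
    shadow entry keep their passwd field unchanged.
    """
    hashes = {}
    for line in shadow_lines:
        fields = line.split(":")
        hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_lines:
        fields = line.split(":")
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged


def classify_hash(field):
    """Name the crypt(3) scheme of a shadow password field by its prefix."""
    if field == "":
        return "empty"
    if field.startswith(("!", "*")):
        return "locked"
    if field.startswith("$1$"):
        return "md5crypt"
    if field.startswith("$5$"):
        return "sha256crypt"
    if field.startswith("$6$"):
        return "sha512crypt"
    if "$" not in field and len(field) == 13:
        return "descrypt"  # traditional 13-character DES crypt
    return "unknown"


def audit(shadow_lines):
    """Map each user to its hash scheme, so empty or weak entries stand out
    before (or instead of) running john over the merged file."""
    return {line.split(":")[0]: classify_hash(line.split(":")[1])
            for line in shadow_lines}


if __name__ == "__main__":
    for record in unshadow(PASSWD_LINES, SHADOW_LINES):
        print(record)
    for user, scheme in audit(SHADOW_LINES).items():
        flag = "  <-- review" if scheme in ("empty", "md5crypt", "descrypt") else ""
        print(f"{user}: {scheme}{flag}")
```

On a real system the merged file holds every account's hash, so it belongs in a root-only location such as the /tmp/pass.db used above only for the duration of the audit, and should be deleted afterwards.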
In this part, use Cain & Abel to create an MD5 hashed text and save it in a text file, then in
BT4 use JTR to decrypt the hashed file.
Usage:
# john
# ./john --format=raw-MD5 /root/md5.txt
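What `--format=raw-MD5` does against the Cain & Abel hash, and why the Introduction ranks dictionary, hybrid and brute-force attacks the way it does, can be seen in a few dozen lines. The Python below is an added example, not code from the report or from John the Ripper: it hashes a constructed text ("summer2010", standing in for whatever was typed into the Hash Calculator) with raw, unsalted MD5, then searches for it with the three candidate generators described in the Introduction and counts how many hashes each one needed. The word list is a constructed five-entry stand-in for a wordlist file.

```python
"""Dictionary, hybrid and brute-force search against an unsalted MD5 hash.

Added example, not code from the report. The target hash is computed here from
the constructed text "summer2010", standing in for the value Cain & Abel's
Hash Calculator would write to /root/md5.txt; the word list is constructed.
"""
import hashlib
import itertools
import string


def md5_hex(text):
    """Raw (unsalted) MD5 of text: the format john's --format=raw-MD5 expects."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


# Constructed mini-dictionary standing in for a wordlist file.
WORDLIST = ["password", "letmein", "summer", "winter", "dragon"]


def dictionary_candidates(words):
    """Dictionary attack: try each word exactly as listed."""
    yield from words


def hybrid_candidates(words, suffix_alphabet=string.digits, max_suffix=4):
    """Hybrid attack: each word followed by 1..max_suffix characters from the
    suffix alphabet, i.e. the 'word plus a number on the end' habit the
    report describes."""
    for word in words:
        for n in range(1, max_suffix + 1):
            for suffix in itertools.product(suffix_alphabet, repeat=n):
                yield word + "".join(suffix)


def brute_force_candidates(alphabet, max_len):
    """Brute force: every string of length 1..max_len over the alphabet."""
    for n in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=n):
            yield "".join(chars)


def keyspace(alphabet_size, max_len):
    """Number of candidates brute force must consider for lengths 1..max_len;
    this is what makes password length the dominant cost factor."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


def crack(target_hex, candidates):
    """Hash each candidate and compare; return (match_or_None, candidates_tried)."""
    tried = 0
    for candidate in candidates:
        tried += 1
        if md5_hex(candidate) == target_hex:
            return candidate, tried
    return None, tried


if __name__ == "__main__":
    target = md5_hex("summer2010")  # constructed target, not a hash from the report
    print("dictionary:", crack(target, dictionary_candidates(WORDLIST)))
    print("hybrid:    ", crack(target, hybrid_candidates(WORDLIST)))
    # Brute force only on a tiny constructed target; the full keyspace is the point.
    print("brute:     ", crack(md5_hex("7a"), brute_force_candidates("0123456789abcdef", 2)))
    space = keyspace(62, 10)  # upper+lower+digits, up to 10 characters
    print(f"62-char alphabet, length <= 10: {space:.3e} candidates,"
          f" {space / 1e9 / 86400:.1f} days at 1e9 hashes/s")
```

The dictionary pass fails on "summer2010" after five hashes, the hybrid pass finds it after a little over twenty-five thousand, and an exhaustive search over ten mixed-case alphanumeric characters would run for centuries at a billion hashes per second; that gap is the whole argument for long passwords that are not a word with digits appended. The same keyspace arithmetic governs how long RarCrack and PDFCrack need for the archive and PDF passwords later in the report.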
RarCrack
RarCrack is a program that uses a brute-force algorithm to find and recover the
correct password for a compressed archive in .rar (WinRAR), .7z (7-Zip) or .zip (WinZip)
format on any POSIX-compatible operating system.
Usage:
In order to crack the password of a .zip or .rar file, create one and save it in a file of your
choice; then use RarCrack to reveal that password. In BT4, go to K menu > Privilege
Escalation > Password Attack > Offline Attack > RarCrack; a new terminal will appear
which allows you to try these commands.
Start cracking a zip file using this command; it will take its own time:
Start cracking a .rar file using this command; it will take its own time:
# ./rarcrack --type rar --threads 8 /root/test.rar
PDFCrack
Usage:
In order to crack the password of a protected PDF file, create one and save it in a file of
your choice; then use PDFCrack to reveal that password. In BT4, open the terminal
and install PDFCrack.
Start cracking using this command; it will take its own time:
# pdfcrack /root/crack.pdf