EvilZone


: How do you use a password cracker practically?
: white_noise February 25, 2015, 05:48:15 PM
I was thinking about this the other day and I'm just interested whether I got it right.

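Is it?
  • Get access to machine e.g. exploit
  • find password file
  • get password file off computer (ftp, tftp ?)
  • crack password file
That's just my guess, let me know if that's right :)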
: Re: How do you use a password cracker practically?
: cyberdrifter February 25, 2015, 10:53:33 PM
For offline password cracking (say acquiring a SAM or passwd file), yeah, that is the rudimentary basics of the process.

There are other nuances to the process of password cracking... for instance, will you be brute-forcing (going through every possible sequence of viable digits until reaching the actual passwords)? What type of cypher is it? Will you be using rainbow tables? Do you have a password list based on a targeted user profile? Have you intercepted other passwords/data via other means such as: packet sniffing, spyware, RAT, phishing/general social engineering, or some other surveillance method that can help you make more educated guesses and thus speed up the process?

Oftentimes users will ignorantly use the same password over and over, and if not, the second most common method is using permutations of existing passwords/phrases, which aids in creating targeted password files. If the user opts for using a password manager/generator, you have a different problem set, with potentially a very big payoff.

This can be a very simple or very involved process depending on what direction you take it. But yeah, for the basics, you have the general idea...

BTW, you need to post an introduction before posting on other locations within the forum.
: Re: How do you use a password cracker practically?
: m0rph February 26, 2015, 03:43:09 PM
This probably isn't what you're looking for, but here you go: https://evilzone.org/tutorials/assumption-based-gpu-hash-cracking-theory/
: Re: How do you use a password cracker practically?
: Pavornoc March 23, 2015, 01:26:46 AM
Where I work, I often have to access people's accounts on their company-owned computers (like if they leave/are fired, or if I need to do work on the system in general). In this case, I often will use password crackers to get me access to these accounts. I sometimes just ask the person to write down their password, but honestly it's more fun for me to crack it (plus it's good practice, as I already have authorization to access these computers).

So yes, while a lot of password crackers are used for less-than-legal means, they're actually very helpful for IT professionals, too. Hope this helped!
: Re: How do you use a password cracker practically?
: shome March 24, 2015, 03:01:27 AM
I was thinking about this the other day and I'm just interested whether I got it right.

Is it?
  • Get access to machine e.g. exploit
  • find password file
  • get password file off computer (ftp, tftp ?)
  • crack password file
That's just my guess, let me know if that's right  :)

I understand your question, but I think it can actually happen in no particular order. Someone mentioned offline cracking. For example, if you were to exploit a local or remote file inclusion vulnerability and dump the hashes off the web server, you would then in essence 'find password file', 'get password file', 'crack password file', THEN finally 'Get access to machine'. But that's just a different way of looking at it. Hope I helped a bit.