Lab Exercise 1 – Password Cracking

Created by: Eng. Mohamed El-Sobki

1
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
 Introduction
Passwords have long been
regarded as the primary
means to safeguard
valuable data against
unauthorized access. They
are user-friendly and
straightforward, providing
a basic level of defense
against most hacking
attempts.
However, with the
advancement of
technology, the
conventional approach of
relying solely on passwords
for security appears to be
gradually losing its
effectiveness. Weak or
easily guessable passwords
can be exploited, and even
strong ones are not
immune to determined
hacker attacks.
So, how can you enhance
your protection against
password cracking? In this
article, we delve into the
increasingly critical realm
of password cracking in
cybersecurity and offer
valuable tips on preventing
password breaches.
Continue reading to
discover strategies for
rendering cracked
passwords a thing of the
past.
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
How Hackers Obtain Cracked Passwords:
In the realm of password cracking, most attackers
adhere to a simple rule: the easier, the better.
Their primary goal is to find the simplest, most
cost-effective, and stealthiest means to crack your
password.
Regrettably, attackers have at their disposal a
variety of tools designed for legitimate purposes
like password recovery and security testing, but
some individuals misuse these tools for malicious
intent. Here's a brief overview of some commonly
used password cracking software:
• Hashcat: Widely recognized as one of the
fastest password-cracking tools, Hashcat
supports multiple cracking methods.
Notably, it does not store cracked passwords
on its servers and is freely available.
• John the Ripper: John the Ripper is an open-
source, multi-platform password cracking
tool that's completely free. It boasts
compatibility with hundreds of hash and
cipher types, rendering it highly versatile.
• CrackStation: In contrast to the previously
mentioned software, CrackStation is a web-
based cracker without a standalone
program. It is capable of handling various
protocols but is limited to non-salted hashes
without additional random strings.
2
 Types of Password Cracking

In the realm of password cracking, attackers possess an advantage

due to the numerous approaches available to them. This diversity of
attack methods can catch most people off guard, as they may not
fully grasp the range of threats they face.
The majority of password cracking attacks fall into three primary
categories: password guessing attacks, social engineering attacks,
and hash-based attacks. Let's delve deeper into each of these attack
types:
1. Password Guessing Attacks
Contrary to the perception of highly sophisticated cyberattacks,
many cracked passwords result from attackers simply guessing the
password until they succeed. There are several forms of password
guessing attacks:

• Random Password Guessing − The most basic form of

password guessing, this is also the least effective method,
unless the victim is using a very common password or the
attacker knows a lot about the victim.
• Dictionary Attacks − A more advanced form of password
guessing attack, in which attackers use an automated
dictionary of words. The complexity of dictionary attacks
depends on whether attackers include numbers and characters
and whether they target specific word combinations.
• Brute Force Attacks − Brute force password guessing attacks
involve a systematic approach to every possible letter,
number, and word combination. The main advantage of this
attack is that the hacker is bound to hit the correct password
at some point. However, the flip side is that it might take
them a lot of time to generate all possible permutations.

3
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
 Types of Password Cracking
2. Social engineering encompasses a range of malicious activities
that manipulate human interactions through psychological
tactics. In social engineering attacks, hackers exploit human
psychology to deceive victims and obtain valuable sensitive
information. These attacks are often well-planned and may
involve extensive research on the victims. Common forms of
social engineering attacks include:

• Phishing: Arguably the best-known and most popular

technique, phishing involves tricking the target into
clicking a link or opening an attachment that includes
malware. There are many forms of phishing attacks
tailored to specific situations, including spear phishing,
whaling, smishing, and vishing.
• Password Reset Attacks: Another prevalent form of
social engineering attacks includes initiating forced
password changes by someone other than the end user.
Attackers manipulate a password reset link that points
to a domain they control.
• Shoulder Surfing: This is a very crude and antiquated
form of cracking passwords, but one that, unfortunately,
still works on some victims. The basis of the attack is
simple. The attacker physically observes the victim
inputting a password and then uses the obtained
identification data to carry out the attack.

3. Hash-Based Attacks
Hash-based attacks pose a significant threat as attackers can
target user/password databases, even offline. The two primary
types of hash-based attacks are:

• Rainbow Table Attack: Hackers first gain access to

leaked hashes and use the rainbow table to decrypt the
password hashes. As long as the hashes don’t have an
additional unique encoding for each password, the
hackers can then simply translate the encrypted
passwords into plaintext.
• Pass-the-Hash Attack: Pass-the-Hash attacks exploit
weaknesses in the authentication protocol. These types
of attacks are often used for Windows password cracks,
although they can also occur on other platforms.

4
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
 Linux Password Cracking Lab:
The shadow file contains the actual user encrypted password (hash) as shown
below the shadow file structure.

1. we can show the content of that file using the following command:

# cat /etc/shadow

2. install hashcat the cracking program by the following commands:

3.
# sudo apt update & apt upgrade
# sudo apt install hashcat

5
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
 Continued:
4. Install hashid tool to Check the different types of hashes in the shadow file.

5. Check the hash type by the following command:

6. Group the hashes in text file based on the type.

7. Start use hashcat tool based on hashes type The core syntax of hashcat is as
follows:

#hashcat -a <$attack mode> -m <$hash_algorithm> <$hash (stdin/file)> <$dictionary>

6
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
 Continued:
8. Hashing Algorithms: The modes can be found using hashcat ‐‐help (note:
hashcat cannot attack multiple hash types in a single session but there are other
tools that can).
For example, MD5 would be -m 0, SHA1 would be -m 100 and so on.

9. Attack Modes: This is the type of password attack you’d like to carry out.
Dictionary (referred to as ‘Straight’ in hashcat) is attack mode 0.

10. Let’s Crack !!

7
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki
 Safeguard Your Passwords from Cracking

• Longer Passwords: Longer passwords are required, making the brute force
mechanism tougher to implement. Longer passwords and passphrases have
been demonstrated to boost security significantly. However, it is still critical to
avoid lengthier passwords that have previously been hacked or that feature
often in cracking dictionaries.
• No Personal Details: This password policy encourages users to establish
passwords that do not contain personal information. As previously said, most
users create passwords utilizing personal information such as hobbies,
nicknames, pet or family member names, etc. If a hacker has access to
personal information about a specific user (for example, via social media),
they will test password combinations based on this knowledge.
• Different Passwords for Different Accounts: Password regulations should
compel users to distinguish between security and convenience. Users should
be prohibited from using the same passwords for all services. Password
sharing between users – including those who work in the same department or
use the same equipment – should be avoided. A single breached password
doesn't affect your other accounts with this policy.
• Use Passphrases: Some password regulations necessitate the creation of a
passphrase rather than a password. While passes serve the same objective,
their length makes them more difficult to break. In addition to letters, a good
pass should include numbers and symbols. Passwords may be easier for users
to remember than passphrases. However, the latter is much more breach-
resistant.
• Two-Factor Authentication: Two-factor authentication(2FA) can help secure an
online account or even a smartphone. 2FA does this by asking the user to
provide two forms of information—a password or personal identification
number (PIN), a code texted to the user's smartphone, or a fingerprint—
before accessing whatever is secured. This helps discourage unauthorized
entries to an account without the original user's permission.

By following these guidelines, you can significantly reduce the risk of your
passwords being cracked.

8
Lab Exercise 1 – Password Cracking
Created by: Eng. Mohamed El-Sobki