Editing
Main Page
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Solve Password Cracking Questions? == Password Cracking can be accomplished by comparing stored passwords to a word list or by using techniques to generate credentials. Passwords are most likely encrypted before being saved as hashes. Hash functions are mathematical functions that convert random-length inputs into encrypted fixed-length of outputs. Brute-force and dictionary attacks are the two most used techniques to determine valid passwords but are not limited to other methods like Rainbow attack, Malware, Phishing, Guessing, etc. The tool that we are going to use for password cracking is "John the Ripper", which uses a dictionary list (wordlist) approach. [For more info https://www.openwall.com/john/] John the Ripper is already loaded with its default wordlist and can be found on this location /usr/share/john/password.lst Also, rockyou.txt is another big wordlist collection, that can be downloaded and is pre-loaded in Kali Linux on this location /usr/share/wordlists as rockyou.txt.gz which will be on a compressed file. To extract use this command: sudo gunzip rockyou.txt.gz [[File:pcrack_2.jpg]] Once we got the password hashes, first of all, we have to save it as a hash file on our Linux machine using a text editor (I prefer nano) or even use the GUI interface for that. [[File:GUI_hash.jpg]] Let’s say we made a password hash file as "hashlist.txt" and then we use our wordlist(s) and application “john” to crack the hash file. The method we are going to use: john hashlist.txt --wordlist = [wordlist path] john hashlist.txt -- wordlist = [wordlist path] --format = [different encryption formats] Step1: To install: sudo apt install john [[File:pcrack_1.jpg]] Step2: john hashlist.txt --wordlist=/usr/share/john/password.lst [[File:pcrack_3.jpg]] or, john hashlist.txt --wordlist=/usr/share/john/password.lst --format=sha512crypt [[File:pcrack_5.jpg]] Step3: To see the cracked password: john -- show [hash filename] john --show hashlist.txt [[File:pcrack_6.jpg]] ===Cipher Decoding=== Cipher is another way of encoding / decoding messages. A cipher uses an algorithm to convert plaintext to ciphertext. While it modifies and hides the plaintext, it has no sense on its own. For example, I was given an encoded message XZHSR-HLCRA-17491. To decode this message, go to this site: http://rumkin.com/tools/cipher/ You can see a list of tools/methods to use on the left-hand side. [[File:cipher01.jpg]] Then keep using one of these above-mentioned methods to find the correct answer. [[File:cipher00.jpg]] Here I have used a Tool called “Atbash Cipher” and decoded the correct answer as CASHI-SOXIZ-17491
Summary:
Please note that all contributions to WikiName may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
WikiName:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Main Page
Discussion
English
Views
Read
Edit
Edit source
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Special pages
Page information