Before proceeding to Password Cracking, you should know about three types of authentication factors:

- Something I have, like username and password
- Something I am, like biometrics
- Something I possess, like registered / allowed devices

Password Cracking is the method of extracting the password to gain authorized access to the target system in the guise of a legitimate user. Usually, only username and password authentication is configured, but password authentication is now moving toward two-factor or multi-factor authentication, which combines something you have, such as username and password, with biometrics. Password cracking may be performed by a social engineering attack, by tampering with the communication, or by stealing the stored information. A guessable password, a short password, a password with weak encryption, or a password containing only numbers or only letters can be cracked with ease. Having a strong, lengthy and complex password is always an effective line of defense against these cracking attacks. Typically, a good password contains:

- Case-sensitive letters
- Special characters
- Numbers
- Length (typically more than 8 characters)

Types of Password Attacks

Password Attacks are classified into the following types:

- Non-Electronic Attacks
- Active Online Attacks
- Passive Online Attacks
- Default Password
- Offline Attack
Non-Electronic Attacks

Non-Electronic attacks, or non-technical attacks, are attacks which do not require any technical understanding or knowledge. This type of attack can be carried out by shoulder surfing, social engineering and dumpster diving. For example, username and password information can be gathered by standing behind a target while they are logging in or interacting with sensitive information. By shoulder surfing, passwords, account numbers or other secret information can be gathered, depending upon the carelessness of the target.
Active Online Attacks

Active Online Attacks include different techniques that directly interact with the target for cracking the password. Active Online Attacks include:
Dictionary Attack

In a Dictionary attack, a password cracking application is used along with a dictionary file. This dictionary file contains an entire dictionary or a list of known and common words to attempt password recovery. This is the simplest type of password cracking, and usually systems are not vulnerable to dictionary attacks if they use strong, unique, alphanumeric passwords.
Brute Force Attack

A Brute Force attack attempts to recover the password by trying every possible combination of characters. Each combination is attempted until the password is accepted. Brute forcing is a common and basic technique for uncovering a password.
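As an added example, not part of the original notes, the following Python shows the dictionary and brute-force techniques used the way a defender uses them: an administrator auditing an export of their own users' salted hashes against a small wordlist and against an exhaustive digits-only search. The records, the wordlist and the SHA-256 stand-in for the stored hash are constructed for the example; keyspace() quantifies why length and character variety raise the cost of brute forcing.

```python
import hashlib
import itertools
import string

def salted_hash(salt: str, password: str) -> str:
    """Stand-in for the stored verifier: SHA-256 over salt + password (real systems should use a slow KDF)."""
    return hashlib.sha256((salt + password).encode()).hexdigest()

# Constructed sample records as an administrator would export them for an audit:
# (username, per-user salt, stored hash). The plaintexts are made up for illustration.
RECORDS = [
    ("alice", "a1", salted_hash("a1", "password")),     # common dictionary word
    ("bob",   "b2", salted_hash("b2", "4711")),         # short, digits only
    ("carol", "c3", salted_hash("c3", "Tr0ub4dor&3")),  # long and mixed
]

# Constructed miniature wordlist; real dictionaries hold millions of entries.
WORDLIST = ["123456", "password", "qwerty", "letmein", "admin"]

def dictionary_audit(records, wordlist):
    """Dictionary check: hash each candidate word with the user's salt and compare.
    Because salts differ per user, every record costs a fresh pass over the list."""
    weak = {}
    for user, salt, stored in records:
        for word in wordlist:
            if salted_hash(salt, word) == stored:
                weak[user] = word
                break
    return weak

def brute_force_audit(records, alphabet=string.digits, max_len=4):
    """Exhaustive check over every string of length 1..max_len drawn from alphabet.
    Worst case per record is keyspace(len(alphabet), max_len) hash operations."""
    weak = {}
    for user, salt, stored in records:
        for length in range(1, max_len + 1):
            for combo in itertools.product(alphabet, repeat=length):
                candidate = "".join(combo)
                if salted_hash(salt, candidate) == stored:
                    weak[user] = candidate
                    break
            if user in weak:
                break
    return weak

def keyspace(alphabet_size: int, max_len: int) -> int:
    """Number of candidates a brute-force run must cover up to max_len characters."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))
```

Only alice (dictionary word) and bob (four digits) are flagged; carol's long mixed password survives both audits, and keyspace(94, 8) shows why an eight-character mixed password is out of reach for the same exhaustive approach.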
Hash Injection

A Hash Injection attack requires knowledge of hashing and other cryptographic techniques. In this type of attack:

- The attacker needs to extract users' logon hashes, which are stored in the Security Account Manager (SAM).
- By compromising a workstation or a server through exploitation of its vulnerabilities, the attacker gains access to the machine.
- Once the machine is compromised, the attacker extracts the logon hashes of valuable users.
- With the help of these extracted hashes, the attacker logs on to a server such as a domain controller to exploit it further.
Passive Online Attacks

Passive Online Attacks are performed without interfering with the target. These attacks matter because they extract the password without revealing themselves, as the password is obtained without directly probing the target. The most common types of Passive Online Attacks are:
Wire Sniffing

Wire sniffing, or packet sniffing, is the process of capturing packets using packet sniffing tools within a Local Area Network (LAN). By inspecting the captured packets, sensitive information and passwords, such as Telnet, FTP, SMTP and rlogin credentials, can be extracted. Different sniffing tools are available which can collect the packets flowing across the LAN, independent of the type of information they carry. Some sniffers offer filters to catch only certain types of packets.
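An added example, not from the original notes, showing the detection side of wire sniffing: a check that scans captured client payloads for completed logins over the protocols named above (FTP, Telnet, SMTP AUTH PLAIN, rlogin) and reports only the protocol and username, so the exposed service can be replaced with an encrypted one. The port table and the capture are constructed for the example.

```python
import base64
import re

# Well-known ports of protocols that carry credentials unencrypted.
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 25: "SMTP", 513: "rlogin"}

# Constructed sample of (destination port, reassembled TCP payload) pairs standing in
# for what a sniffer would capture on a LAN; none of this is real traffic.
CAPTURE = [
    (21, b"USER alice\r\nPASS hunter2\r\n"),
    (25, b"EHLO mail.example.test\r\nAUTH PLAIN " + base64.b64encode(b"\0bob\0s3cr3t") + b"\r\n"),
    (443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),   # TLS ClientHello, opaque
    (23, b"login: carol\r\nPassword: letmein\r\n"),
    (21, b"USER dave\r\n"),                                    # no password seen yet
]

def find_cleartext_logins(capture):
    """Return (protocol, username) for every completed cleartext login in the capture.
    Deliberately reports only that a password crossed the wire, never the password
    itself: a monitoring tool that logs secrets becomes a second place to steal them."""
    findings = []
    for port, payload in capture:
        proto = CLEARTEXT_PORTS.get(port)
        if proto is None:
            continue                      # encrypted or unknown protocol, nothing to inspect
        text = payload.decode("latin-1")  # byte-preserving decode, never raises on binary
        user = password_seen = None
        if proto == "FTP":
            m = re.search(r"^USER (\S+)", text, re.M)
            user = m.group(1) if m else None
            password_seen = re.search(r"^PASS \S+", text, re.M) is not None
        elif proto == "SMTP":
            m = re.search(r"^AUTH PLAIN (\S+)", text, re.M)
            if m:
                # AUTH PLAIN is base64 of authzid \0 authcid \0 password: encoded, not encrypted
                parts = base64.b64decode(m.group(1)).split(b"\0")
                if len(parts) == 3:
                    user, password_seen = parts[1].decode("latin-1"), True
        elif proto in ("Telnet", "rlogin"):
            m = re.search(r"login: (\S+)", text)
            user = m.group(1) if m else None
            password_seen = re.search(r"Password: \S+", text) is not None
        if user and password_seen:
            findings.append((proto, user))
    return findings
```

The TLS session is skipped because its port is not in the cleartext table, and dave's FTP session is not reported because no PASS command was observed.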
Man-in-the-Middle Attack

A man-in-the-middle attack is a type of attack in which the attacker inserts themself into the communication between other nodes. An MITM attack can be explained as a user communicating with another user or server, with the attacker inserting themself into the conversation by sniffing the packets and generating MITM or replay traffic. The following are some utilities available for attempting Man-in-the-Middle (MITM) attacks:

- SSL Strip
- Burp Suite
- Browser Exploitation Framework (BeEF)

Replay Attack

In a Replay attack, the attacker captures packets using a packet sniffing tool. Once packets are captured, relevant information such as passwords is extracted. By generating replay traffic with the extracted information injected, the attacker gains access to the system.
Default Password

Every new piece of equipment is configured with a default password by the manufacturer. It is recommended to change the default password to a unique, secret set of characters. An attacker can attempt this type of attack using default passwords found by searching the official website of the device manufacturer or through online tools for looking up default passwords. The following are the list of online tools available for searching default passwords.