How to crack passwords easily (Part-1)
Passwords are the most widely used form of authentication throughout the world. A username and password are used on computer systems, bank accounts, ATMs, and more. The ability to crack passwords is an essential skill for hackers. So here we will see how to crack passwords by brute forcing.
In brute forcing, we try different passwords or usernames against an account or file, and if any of them matches, we can log into the victim’s account or open the file.
There are many tools in Kali Linux with which you can perform brute forcing. You just have to make a good password or username list and feed it to the tool.
Brute forcing depends on who the victim is and how tough his/her password is. That’s why social engineering is important here, as it can give us some hints about the victim’s password. To learn social engineering, see our “What is social engineering” section.
Although some passwords are very easy to crack, some are very difficult. In those cases, the hacker can either employ greater computing resources (a botnet, supercomputer, GPU, ASIC, etc.), or they can look to obtain the password in other ways.
Brute-force speed depends on the tool that you are using and also on your computer: if you have a good GPU, the speed will increase. Sometimes it takes 2-3 weeks to crack a password, as you have to try different wordlists, but if you have done the social engineering part very well, you can complete the task in 1-2 days.
With the help of brute forcing you can crack passwords for social media such as Instagram, Twitter, and Facebook, passwords of files, Windows passwords, and a lot more.
Many times, attacks like phishing are much faster than this, but brute forcing still helps a lot in many cases. So take a look and learn to do brute forcing.
In general, passwords are not stored in clear text. As a rule, passwords are stored as hashes. A hash is a one-way encryption that is unique for a given input. These systems very often use MD5 or SHA1 to hash the passwords.
In the Windows operating system, passwords on the local system are stored in the SAM file, while Linux stores them in the /etc/shadow file. These files are accessible only by someone with root/sysadmin privileges. In both cases, you can use a service or file that has root/sysadmin privileges to grab the password file (e.g. DLL injection with samdump.dll in Windows).
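For anyone storing passwords, the fast unsalted hashes mentioned above are the weak point. The following is an added example, not code from the original article: it contrasts an unsalted MD5 record with a salted, slow PBKDF2 record and upgrades legacy records at login. The function names, record format and iteration count are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune it to your own hardware budget

def legacy_md5(password: str) -> str:
    """Fast, unsalted digest: equal passwords always give equal records."""
    return hashlib.md5(password.encode(), usedforsecurity=False).hexdigest()

def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Salted, deliberately slow record: pbkdf2_sha256$iterations$salt$digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Check a login attempt against either record format in constant time."""
    if stored.startswith("pbkdf2_sha256$"):
        _, iterations, salt_hex, digest_hex = stored.split("$")
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
        )
        return hmac.compare_digest(candidate.hex(), digest_hex)
    return hmac.compare_digest(legacy_md5(password), stored)

def login(password: str, stored: str) -> tuple[bool, str]:
    """Verify, and on success replace a legacy MD5 record with a PBKDF2 one."""
    if not verify_password(password, stored):
        return False, stored
    if not stored.startswith("pbkdf2_sha256$"):
        stored = hash_password(password)
    return True, stored

if __name__ == "__main__":
    # Two users with the same password: identical MD5 records, distinct PBKDF2 records.
    print(legacy_md5("password") == legacy_md5("password"))        # True
    print(hash_password("password") == hash_password("password"))  # False
    print(login("password", legacy_md5("password"))[1][:21])
```

The random per-record salt defeats precomputed tables and hides reused passwords, while the iteration count multiplies the cost of every guess against a stolen file.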
How to make wordlist
You can make a wordlist that includes some common passwords or some information like the victim’s birthdate, girlfriend/boyfriend name, pet name, etc. Making a good and precise password list is very important, as it will reduce the time you need.
cupp is a very good tool for making wordlists. You can download it from GitHub. cupp will ask you for information like the victim’s birthdate, pet name, and some other commonly used things, and automatically make a password list with all possible combinations.
Similarly, a good wordlist, rockyou.txt, is included in Kali Linux. You can find it in /usr/share/wordlists. You have to unzip it first, and then you can use it. It is a very long password list that contains commonly used passwords. But don’t depend on rockyou only, because it’s much better to produce a wordlist tailored to your victim.
Similarly, crunch is also a good tool for making wordlists. It is included in Kali Linux.
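Because targeted wordlists are built from common passwords and personal details such as a birthdate or pet name, a password-change form can reject exactly those choices. This is an added example, not part of the original article; the profile fields, the minimum length and the tiny common-password set are assumptions, and the sample data is constructed.

```python
import re

# Constructed stand-in for a breached-password list; load a full list in practice.
COMMON = {"123456", "password", "qwerty", "iloveyou", "letmein"}
# Undo common character substitutions so "P@ssw0rd" compares as "password".
LEET = str.maketrans("0134579@$!", "oieastgasi")

def normalize(text: str) -> str:
    """Lowercase, reverse substitutions, drop separators and symbols."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))

def personal_tokens(profile: dict) -> set:
    """Fragments of the user's own data that must not appear in the password."""
    tokens = set()
    for field, value in profile.items():
        if field == "birthdate":  # assumed ISO format, e.g. 1994-07-23
            year, month, day = value.split("-")
            tokens |= {year, day + month, month + day}
        else:
            tokens |= {w for w in re.split(r"\W+", value) if len(w) >= 3}
    return {normalize(t) for t in tokens} - {""}

def check_password(password: str, profile: dict, min_length: int = 12) -> list:
    """Return the reasons a proposed password is rejected (empty list = accepted)."""
    reasons = []
    norm = normalize(password)
    if len(password) < min_length:
        reasons.append("too short")
    if norm in {normalize(c) for c in COMMON}:
        reasons.append("common password")
    if any(token in norm for token in personal_tokens(profile)):
        reasons.append("contains personal information")
    return reasons

if __name__ == "__main__":
    # Constructed user profile, for illustration only.
    profile = {"name": "Alice Example", "pet": "Rex", "birthdate": "1994-07-23"}
    for candidate in ("R3x1994!", "P@ssw0rd", "correct-horse-battery-staple"):
        print(candidate, "->", check_password(candidate, profile) or "accepted")
```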
Tools for brute forcing
1. John the Ripper – John the Ripper is probably the world’s best-known password cracking tool. It is strictly command line and strictly for Linux. Its lack of a GUI makes it a bit more challenging to use, but it is also why it is such a fast password cracker. Its main benefit is that it ships with a default list of passwords and usernames.
2. THC-Hydra – THC-Hydra is probably the most widely used online hacking tool. It is capable of cracking web form authentication, and when used in conjunction with other tools such as Tamper Data, it can be a powerful and effective tool for cracking nearly every type of online password authentication mechanism.
3. Aircrack-ng – Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux, FreeBSD, macOS, OpenBSD, and Windows; the Linux version is packaged for OpenWrt and has also been ported to the Android, Zaurus PDA and Maemo platforms; and a proof of concept port has been made to the iPhone.
4. Cain and Abel – Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.