For lab 8 you will examine password cracking. The strength of a password is determined by;

Let's now look at a practical example. We will use three passwords, namely password, password1 and #password1$. For this example, we will use the password strength indicator of cPanel when creating passwords. The images below show the password strengths of each of the above-listed passwords. This is a trial service and will work for you to look at the passwords. The higher the strength number, the better the password.

Let's suppose that we have to store the above passwords hashed with MD5. We will use an online to convert our passwords into MD5 hashes. The table below shows the password hashes.

Password       MD5 hash                            Strength
password       5f4dcc3b5aa765d61d8327deb882cf99    1
password1      7c6a180b36896a0a8c02787eeafb0e4c    28
#password1$    29e08fb7103c327d68327f23d8d9256c    60

We will now use to crack the above hashes. The images below show the password cracking results for the above passwords. As you can see from the above results, we managed to crack the first and second passwords, which had lower strength numbers. We didn't manage to crack the third password, which was longer, complex and unpredictable. It had a higher strength number.

There are a number of . We will describe the most commonly used ones below;

John the Ripper uses the command prompt to crack passwords. This makes it suitable for advanced users who are comfortable working with commands. It uses a wordlist to crack passwords. The program is free, but the word list has to be bought. It has free alternative word lists that you can use. Visit the product website for more information and how to use it.

Cain & Abel runs on Windows. It is used to recover passwords for user accounts, recover Microsoft Access passwords, sniff networks, etc. Unlike John the Ripper, Cain & Abel uses a graphical user interface. It is very common among newbies and script kiddies because of its simplicity of use. Visit the product website for more information and how to use it.

Ophcrack is a cross-platform Windows password cracker that uses rainbow tables to crack passwords. It runs on Windows and Mac OS. It also has a module for brute force attacks, among other features. Visit the product website for more information and how to use it.

In this practical scenario, we are going to . . We will use the NTLM cracker tool in Cain and Abel to do that. Cain and Abel cracker can be used to crack passwords using;

We will use the dictionary attack in this example. You will need to download the dictionary attack wordlist here .

For your exercise, create a few accounts on both Linux and Windows VMs. Using the most common passwords, use Cain and Abel to attempt cracks on passwords of varying size and difficulty. Also, think about changing the common passwords to see the difference in time. Record your findings.
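
The MD5 table earlier in this lab can be reproduced offline. The Python below is an added example, not part of the original lab or of any tool it names: it runs a dictionary lookup against the three listed hashes and then stores the same password with a per-user salt and PBKDF2, so the two storage schemes can be compared. The small wordlist, the function names and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# MD5 hashes exactly as listed in the lab's table.
LAB_HASHES = [
    "5f4dcc3b5aa765d61d8327deb882cf99",
    "7c6a180b36896a0a8c02787eeafb0e4c",
    "29e08fb7103c327d68327f23d8d9256c",
]

# Constructed sample wordlist; it stands in for the lab's dictionary file.
WORDLIST = ["123456", "letmein", "password", "qwerty", "password1", "admin"]


def dictionary_lookup(hashes, wordlist):
    """Hash every word once, then look each stored hash up in that table.

    Unsalted MD5 maps a given password to the same hash for every user, so
    one pass over the wordlist answers for all stored hashes at once.
    """
    table = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    return {h: table.get(h) for h in hashes}


def store_salted(password, iterations=600_000):
    """Store a password as (salt, iterations, derived key) using PBKDF2."""
    salt = os.urandom(16)  # fresh random salt for every account
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def verify_salted(password, record):
    """Recompute the key with the stored salt and compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


if __name__ == "__main__":
    for digest, word in dictionary_lookup(LAB_HASHES, WORDLIST).items():
        print(digest, "->", word if word else "not in wordlist")
    first = store_salted("password1")
    second = store_salted("password1")
    # Same password, different salts: the stored keys do not match, so a
    # precomputed hash table cannot be reused across accounts.
    print("salted records equal:", first[2] == second[2])
    print("verify correct password:", verify_salted("password1", first))
```

With salted PBKDF2 every guess has to be recomputed per account at the full iteration cost, which is the time difference the exercise asks you to record.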