Homework #4

Course Name: Digital Forensics

Password Cracking: Exercise#1

1. Understand how to password can be cracked. This means that any password is saved
as hash value, and you should describe what is the difference between Dictionary
attack and Brute Force attack.
2. Find free digital forensic tool that perform password cracking.

What to do?

Write a report of 4 pages that includes the following:

1. Brief introduction about the aforementioned two questions.

2. Carry out the following experiments and write down all steps:
a. Experiment #1: Describe how password cracking works as the following:
i. Using the following website, create encrypted value for one word
(for example "Digital Forensics"). The link is: https://encipher.it/.
Use a familiar password to you. Save the encrypted value in one file,
and call it "Encryption.txt".
ii. Select one free password cracking tool.
iii. Feed the selected tool by a set of possible passwords (for example:
password that are close to your familiar password). This list should
be in a file or you can insert it directly to the selected tool.
iv. Run the program to crack the "Encryption.txt", and show how the
tool crack the encrypted message.
b. Experiment #2: Describe how password cracking works as the following:
i. Using the following website, create hash value for one word (for
example "Hello"). The link is:
http://www.fileformat.info/tool/hash.htm. Save the hashed value in
one file, and call it "Passwordhash.txt"
ii. Select one free password cracking tool.
iii. Feed the selected tool by a set of possible passwords (for example:
"hi", "goodbye", "salam", and so on). This list should be in a file or
you can insert it directly to the selected tool.
iv. Run the program to crack the "passwordhash.txt", and show how
the tool extract the matching results.