
APPLICATION

INSPECTION
CRACKING THE CODE: THE ART OF PASSWORD CRACKING
• Introduction
• Alternate Deployment Schemes
• Password OpSec
• John the Ripper
• Implementation
• Cracking Passwords: Incremental mode Cracking, Markov mode Cracking
INTRODUCTION
• In today's digital age, passwords are a critical
component of cyber security. Passwords protect our
personal and sensitive information from falling into the
wrong hands. However, despite their importance,
passwords can be easily cracked by hackers who use
various techniques to gain unauthorized access to our
accounts.
• This is why understanding password cracking is crucial
for anyone who wants to stay safe online. By learning
about the methods used by hackers to crack passwords,
we can take steps to create stronger passwords and
better protect ourselves from cyber attacks.
ALTERNATE DEPLOYMENT SCHEMES

• Use a multifactor authentication mechanism whenever possible. It helps to protect your
phone in a secure manner like generating tokens or messages for authentication. Ex:
mobile phones, web applications.
• 1. OAuth, http://oauth.net: It provides an open protocol for systems to share authorization
information securely. It is not an authentication mechanism, but it helps with integrating
different services and managing sensitive info. It helps to avoid making mistakes.
• 2. OpenID, http://openid.net: It is a protocol to verify user identities and get user profile
information for web apps. OpenID removes the need for the web app to receive, store and
manage passwords for its users.
• 3. PBKDF2, www.ietf.org/rfc/rfc2898.txt: Passwords need to be hashed in a manner
that's resistant to brute-force attacks. The PBKDF2 algorithm defines a system for
applying iterative hashes to input. It is strong because it is adaptable to various hash
functions (e.g. MD5, SHA-1, SHA-512).
• 4. Secure Remote Password, http://srp.standard.edu: It is a strong cryptographic protocol
for protecting passwords during authentication. It is designed to mitigate attacks based on
sniffing, intermediation and even compromise of server-side “verifiers”.
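
The iterative hashing that PBKDF2 applies, written out as an added example (not part of the original slides): pbkdf2() follows RFC 2898 section 5.2 by hand so the iteration loop and the choice of hash function are visible, and hash_password()/verify_password() show salted storage and verification with Python's standard library. The function names, the 16-byte salt and the iteration count are assumptions made for this example.

```python
import hashlib
import hmac
import os
import struct

ITERATIONS = 100_000  # assumed work factor for this example; tune to your hardware


def pbkdf2(hash_name, password, salt, iterations, dklen):
    """PBKDF2 (RFC 2898, section 5.2) with HMAC-<hash_name> as the PRF."""
    hlen = hashlib.new(hash_name).digest_size
    out = b""
    for i in range(1, -(-dklen // hlen) + 1):  # ceil(dklen / hlen) blocks
        # U_1 = PRF(P, S || INT(i)); U_j = PRF(P, U_{j-1}); T_i = U_1 ^ ... ^ U_c
        u = hmac.new(password, salt + struct.pack(">I", i), hash_name).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hash_name).digest()
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(hlen, "big")
    return out[:dklen]


def hash_password(password, hash_name="sha512"):
    """Return a storable record; the random salt makes equal passwords differ."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac(hash_name, password.encode(), salt, ITERATIONS)
    return hash_name, ITERATIONS, salt, dk


def verify_password(password, record):
    """Recompute with the stored parameters and compare in constant time."""
    hash_name, iterations, salt, expected = record
    dk = hashlib.pbkdf2_hmac(hash_name, password.encode(), salt, iterations)
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # Constructed sample input: the hand-written loop matches the standard library
    for name in ("md5", "sha1", "sha512"):
        assert pbkdf2(name, b"Tenar", b"salt", 1000, 40) == \
            hashlib.pbkdf2_hmac(name, b"Tenar", b"salt", 1000, 40)
    record = hash_password("Tenar")
    print(verify_password("Tenar", record), verify_password("tenar", record))
```

Each extra iteration multiplies the cost of every guess an offline cracker makes, while the per-record salt forces each hash to be attacked separately.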
PASSWORD OPSEC

• We can follow some basic Operations Security (OpSec) principles in choosing, managing and using passwords. The
principles are:
• 1. Keep your system up to date.
• 2. Do not use the unique password of your primary e-mail account anywhere else, because e-mail accounts are a prime target for
theft.
• 3. Enable multifactor authentication whenever a web app offers support for it.
• 4. Avoid entering your credentials on public or shared computers.
• 5. Avoid authenticating to web apps when using public Wi-Fi.
• 6. Avoid any web site whose password recovery mechanism e-mails .
• 7. Choose a password that isn't based on easily discoverable information such as school names or demographic details.
• 8. If you use social media as the ID for other apps, follow the same advice as for your e-mail password.
JOHN THE RIPPER

• John the Ripper is one of the most versatile, fastest and most popular password crackers
available.
• It supports the password hashing schemes used by many systems, including Unix, Windows etc.
• John's cracking modes include specialized wordlists, the ability to customize the generation
of guesses based on character type and placement, and raw brute force (brute force is used to
crack passwords successfully).
• It runs on any operating system.
IMPLEMENTATION
CRACKING PASSWORDS

• Once John is compiled, it is ready to crack passwords. It recognizes hashes taken from OS files like /etc/shadow
or dumped by tools like pwdump.
• John supports 150 hashing algorithms. Find them by using the --test option.
• Ex: John's ability to guess the correct format for password entries.

1. Create a text file named windows.txt that contains entries for “Ged” and “Arha”. They represent passwords
taken from a Windows system.
2. Run John on windows.txt: $ ./john windows.txt. The brute-force attack very quickly identifies that the
password for the Arha account is “Tenar”.
3. $ ./john --list=formats
4. $ ./john --list=format-all-details
• Ex: Take a look at unix.txt with ged and arha
• $ ./john unix.txt

Loaded 2 password hashes with 2 different salts (sha512crypt [64/64])

Don't be upset if it doesn't show results for both hashes.
One password should have been cracked so far. To see it: $ ./john --show windows.txt
$ cat john.pot (john.pot is a file), to see the info of the cracked password.
$ ./john --format=nt2 --wordlist=password.lst windows.txt (loaded 2 passwords with no different salts) guesses: 0
$ ./john --wordlist=password.lst unix.txt (loaded 2 passwords with 2 different salts) guesses: 0
INCREMENTAL MODE CRACKING

• John's incremental mode uses “charset” files and john.conf directives to control what kind of
guesses it performs (how many guesses and how long the guesses will take to complete).
• John comes with several predefined incremental modes.
• Ex: we rename the john.pot file and, with unix.txt, run a brute-force attack for passwords that have
only lowercase alphabetical characters. By default, the mode tries all combinations between one and
eight characters long.
• $ mv john.pot john.pot.old
• $ ./john --incremental=Alpha unix.txt

To create a custom charset file (this one contains nine plaintexts and 50 unique characters):
• $ ./john --make-charset=custom.chr --pot=test.pot
MARKOV MODE CRACKING

• Among John's improvements, it adopts cracking techniques that rely on the statistical
composition of cracked passwords to guide the generation of new guesses.
• Whereas John's incremental mode tries all eventual permutations of a charset file, its
Markov mode tries a limited set of permutations based on a “stats” file.
• Incremental mode is guaranteed to guess every combination, so it takes a very, very long
time to complete.
• Markov mode trades completeness for speed; it tries guesses that are very close to known
passwords. Use the --markov option to start this mode.
• $ ./john --markov windows.txt
• Updating the stats file for Markov mode requires the calc_stat command.
• $ ./calc_stat password.lst general.stats
• $ cp stats orig.stats
• $ cp general.stats stats
• (Higher numbers produce more guesses, and take more time; the maximum is 400)
• $ ./john --markov=300:0:0:5 windows.txt
• Markov mode is most useful when targeting long passwords.
