- 12th Jun 2019
- 00:54 am
Online password cracking refers to a process of bringing an attack to a computer system by hackers while the system is used by a legitimate user. What hacker to do is make an attempt by guessing login credentials. User’s credentials means a login id and a strong password for application authentication. An attacker makes an attempt to guess user's credentials by doing some reconnaissance for a web based application login page. Usually web page login pages are connected to the main server for example SSH or Telnet server or with a network service such as Lightweight Directory Access Protocol (LDAP), one of the mail protocols (SMTP, POP3, or IMAP), FTP, or one of many others. There are two possible modes of online password cracking. One is a dictionary attack and second is Brute force attack. A dictionary attack refers to a process of using a set of common password. The attacker uses one password at a time and the process goes on until the password matches or every password in list is used and not a single one matches. A brute force attack refers to a process of using all possible password of a character set. Attackers mainly use dictionary attack process for online password cracking. There are many online websites that provide common password lists for example 'rockyou.txt’ that has over 14 million passwords.
Using password system is most common form of web authentication. Users of computer system, bank accounts, ATMs and many more uses unique password and username to protect it from other users. An attacker mainly uses bigger computing resources such as (a botnet, supercomputer, GPU, ASIC, etc). Sometimes attackers don't need password. They just create a proxy server to bypass the main server or they can employ cookie method session ID, a Kerberos ticket method, or other resource that authenticates the legitimate user. Metasploit tool is one of the most commonly used tools nowadays to crack password by setting up a fake SMB server. Setting up a fake SMB server means if someone is trying to get access to the SMB server, their system will need to present their credentials in terms of their domain password hash. Large networks usually have a system that is connected to each computer system and the system always checks if the network is patched or secure. By setting fake SMB credentials, attackers can capture domain credentials of other users and can be authenticated against it. Metasploit tool can use cain and Abel or John the ripper software to capture hash. Setting up a fake SMB server is an auxiliary module process and the process is not an exploit or a payload.
The process is to set the module as JOHNPWFILE to a particular location by typing
msf>set JOHNPWFILE/root/domainhashes
Then the next task is to exploit
msf>exploit
By exploiting, it will create a fake SMB fake server and user’s credentials will be stored in the root directory in files begining with johnhashes.
Reflection:
According to me the online password cracking is the process which is not ought to be happened in that time where world is progressing towards the digitalisations. The online cracking can hamper the personal as well as the professional life. As per my knowledge most of the hacking has been done to steal the money from the bank and to steal the confidential information of the government or other organisation. I talked with several person who are suffered from this cracking and in social media perspective this issue is now in alarming rate. In my mind the one question is that is there any technology available to restrict this hacking process? To find my answer I searched several online journals and many different sites, videos, and books but still I think the process is irresistible in recent time also. Numbers of incidents are happening everyday and numbers of people are affecting through this process. In this portion basically two systems are used one is dictionary attack and another is brute force attack. The issue is that we need to find out the process to stop such illegal intervene. Government has been affected several times and financial sector also reported in a row. As I researched for this process I came to know that there are few basic steps available to be safe from such hacking. I always changing my password in 1moth interval and as per my research clicking unwanted link is the main source for the hackers to hack the process. I think that taking precaution and learning about it critically can help us to resist such hacking and protect our confidential information and money from the hackers.
Hacking the social media is another platform that hackers used most and also website hacking is another term that is beneficial for the hackers. In Russia such incident happened few years ago where Edward snowden hacked the confidential documents of NSA. Numbers of incidents are there but solution is not much to maintain the equilibrium.