Lab - Password Cracking

School: University of Alabama
Course: 460
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 11
Uploaded by CountWaterBuffaloPerson1691
MIS 460 / MIS 561 Lab – Password Cracking Lab – Password Cracking The objectives of this lab are to: Understand the attributes of a strong password. Use tools to compromise a password. Understand how to use commonly applied patterns to make password-cracking more effective. Learn how to extract passwords from a Windows operating system. Understand the role hashing plays in password storage, transmission, and compromise. Some key terms: Hash – a hash function is any function that can be used to map data of an arbitrary size to fixed-size values (e.g., MD5, SHA256). Hashes are consistent. Hashing the same data yields the same results. Hashes are also one-way. Everyone 1. Copy files required for the lab (a) Download ONLY the password_files.zip folder in the Password Cracking Lab folder, from the student software folder in the Teams (Files -> Class Materials -> Student Resources -> software --> Lab – Password Cracking) (b) Drag the files from your host to the Kali desktop, then move them into ~/security (or whatever you named the applied cybersecurity folder)/ (c) If dragging is not successful, copy the lab folder to your security directory (c:\security for Windows hosts, /home/<user>/security for Mac/Linux). (d) If the shared folder is not available, in Kali, use the browser and navigate to https://box.ua.edu, then go to the shared student software folder and download the lab files to ~/security. Lab – Password cracking Page 1 of 11
Mac and Windows Users with No GPU Only

1. Start John the Ripper
   (a) Click the Application button, type john, then click the john icon.
   (b) A terminal window opens. Take a screenshot.

   Sample / Submission

2. Review the hackme.txt file
   (a) Using Kali, open the hackme.txt file with a text editor (double-click the file).

   [Figure 1: Shadow file entry example]

   (b) Figure 1 above displays a shadow file entry, similar to what is contained in the hackme.txt file.
       i. Item 1 - Username: A valid account name, which exists on the system.
       ii. Item 2 - Password: Your encrypted password is in hash format. The password should be a minimum of 15-20 characters long, including special characters, digits, lower case alphabetic characters and more. Usually the password format is set to $id$salt$hashed. The $id is the algorithm used. On GNU/Linux the values are as follows:
           A. $1$ is MD5
           B. $2a$ is Blowfish
           C. $2y$ is Blowfish
           D. $5$ is SHA-256
           E. $6$ is SHA-512
           F. $y$ is yescrypt
           G. null is typically DES
       iii. Item 3 - Last password change (lastchanged): The date of the last password change, expressed as the number of days since Jan 1, 1970 (Unix time). The value 0 has a special meaning, which is that the user should change her password the next time she logs in to the system. An empty field means that password aging features are disabled.
       iv. Item 4 - Minimum: The minimum number of days required between password changes, i.e. the number of days left before the user is allowed to change her password again. An empty field and the value 0 mean that there is no minimum password age.
       v. Item 5 - Maximum: The maximum number of days the password is valid; after that the user is forced to change her password again.
       vi. Item 6 - Warn: The number of days before the password is to expire that the user is warned that his/her password must be changed.
       vii. Item 7 - Inactive: The number of days after the password expires that the account is disabled.
       viii. Item 8 - Expire: The date of expiration of the account, expressed as the number of days since Jan 1, 1970.
   (c) To see the Kali account shadow file entry, at a terminal window type sudo cat /etc/shadow and press ENTER.
   (d) For the screenshot, pipe the results and use a command that will limit the results to only the kali entry in the file.

   Sample / Submission
   Contents of the shadow file, Kali user entry (only). Must include the Kali prompt.
   Questions
   (e) Based on your screenshot, what is your username?
       kali
   (f) In the sample screenshot provided for you, on what date was the password last changed?
       August 8, 2022
   (g) Provide the number and the date on which your password was last changed.
       19620 days since last change, or September 20, 2023
   (h) Based on the sample screenshot provided for you, what type of hashing algorithm is being used?
       yescrypt
   (i) What type of algorithm is being used in the hackme.txt file?
       DES
   (j) The password is hashed using the algorithm you indicated above. What does it mean to hash a password?
       Converting your password into a fixed length string using characters for security purposes.
   (k) Are hashes reversible (e.g., can I reverse-engineer the hash to obtain the password)?
       No, you cannot reverse hashes
   (l) How many passwords (rows) are in the hackme.txt file?
       721
   (m) What is the password hash for preardon?
       jVaNsHh6f0vPw

3. Perform a Brute Force Attack
   (a) Using Kali, open a terminal window, navigate to the folder containing the hackme.txt file (don’t open hackme.txt), then type john hackme.txt and press ENTER.

   Sample / Submission
   Capture at least nine cracked passwords and the “Proceeding with incremental: ASCII” phrase.

   What is preardon’s password?
       hammer
   What is ASCII?
       ASCII is a fundamental character encoding system and serves as the basis for encoding text in computers and communication systems
   What does “Proceeding with incremental: ASCII” mean? What is JTR doing at that point and going forward?
       The message means JTR is using an incremental cracking mode with the character set specified as "ASCII." JTR will continue testing all passwords until he is out of possibilities.

4. Perform a Dictionary Attack
   (a) JTR “remembers” what has been done. To clear its “memory”, in a Kali terminal window, type rm ~/.john/john.* and press ENTER.

   To what does the ~ refer?
       a shorthand notation that represents the user's home directory. It's called a "tilde" character.
   Is .john a folder (directory) or a file? What is the impact of the “.”?
       .john is a directory. The “.” indicates that it is a hidden directory.
   What is the rm command and to which files will it apply?
       The rm command is used to remove/delete files.

   (b) Examine the contents of the /usr/share/metasploit-framework/data/wordlists/password.lst file.
   (c) Copy password.lst into your boyle1e_student_project_files folder.
   (d) To perform the dictionary attack, using a terminal window in Kali, navigate to the boyle1e_student_project_files folder, then type john -wordlist=password.lst hackme.txt and press ENTER.

Windows Users with a GPU Only

1. Download Hashcat
   (a) On Windows, download and install Hashcat: https://hashcat.net/files/hashcat-6.2.6.7z
   (b) Unzip the Hashcat file using 7zip.
   (c) Open a command prompt and cd into the Hashcat folder.
   (d) Test to make sure you can see your GPU and get the device ID by running hashcat.exe -I
       (If you want cracking to go faster, install the NVIDIA CUDA Toolkit: https://developer.nvidia.com/cuda-downloads. OpenCL (the default) is fine, but cracking will take longer. If you have an AMD GPU, the NVIDIA Toolkit is not an option.)

2. Review the hackme.txt file
   (a) Using Kali, open the hackme.txt file with a text editor (double-click the file).
   (b) Figure 1 above displays a shadow file entry, similar to what is contained in the hackme.txt file.
       i. Item 1 - Username: A valid account name, which exists on the system.
       ii. Item 2 - Password: Your encrypted password is in hash format. The password should be a minimum of 15-20 characters long, including special characters, digits, lower case alphabetic characters and more. Usually the password format is set to $id$salt$hashed. The $id is the algorithm used. On GNU/Linux the values are as follows:
           A. $1$ is MD5
           B. $2a$ is Blowfish
           C. $2y$ is Blowfish
           D. $5$ is SHA-256
           E. $6$ is SHA-512
           F. $y$ is yescrypt
           G. null is typically DES
       iii. Item 3 - Last password change (lastchanged): The date of the last password change, expressed as the number of days since Jan 1, 1970 (Unix time). The value 0 has a special meaning, which is that the user should change her password the next time she logs in to the system. An empty field means that password aging features are disabled.
       iv. Item 4 - Minimum: The minimum number of days required between password changes, i.e. the number of days left before the user is allowed to change her password again. An empty field and the value 0 mean that there is no minimum password age.
       v. Item 5 - Maximum: The maximum number of days the password is valid; after that the user is forced to change her password again.
       vi. Item 6 - Warn: The number of days before the password is to expire that the user is warned that his/her password must be changed.
       vii. Item 7 - Inactive: The number of days after the password expires that the account is disabled.
       viii. Item 8 - Expire: The date of expiration of the account, expressed as the number of days since Jan 1, 1970.

   [Figure 2: Shadow file entry example]

   (c) To see the Kali account shadow file entry, at a terminal window type sudo cat /etc/shadow and press ENTER.
   (d) For the screenshot, pipe the results and use a command that will limit the results to only the kali entry in the file.

   Sample / Submission
   Contents of the shadow file, Kali user entry (only). Must include the Kali prompt.

   Questions
   (e) Based on your screenshot, what is your user name?
   (f) In the sample screenshot provided for you, on what date was the password last changed (hint: use unixtimestamp.com to help with conversion)?
   (g) Provide the number and the date on which your password was last changed.
   (h) Based on the sample screenshot provided for you, what type of hashing algorithm is being used?
   (i) What type of algorithm is being used in the hackme.txt file?
   (j) The password is hashed using the algorithm you indicated above. What does it mean to hash a password? Are hashes reversible (e.g., can I reverse-engineer the hash to obtain the password)?
   (k) How many passwords (rows) are in the hackme.txt file?
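
The shadow-entry layout described in step 2 (the $id prefix table and the day-count fields), as an added example that is not part of the original lab handout: a small Python parser that labels each entry's hash scheme, converts the last-changed day count to a date, and lists accounts still stored under DES or MD5. The sample entries are constructed, the function names are illustrative, and treating DES and MD5 as weak is this example's own assumption, not the handout's.

```python
from datetime import date, timedelta

# $id prefixes as listed in the lab handout. The True/False "weak" flag is an
# assumption of this example: DES and MD5 crypt are fast to compute.
SCHEMES = {"1": ("MD5", True), "2a": ("Blowfish", False), "2y": ("Blowfish", False),
           "5": ("SHA-256", False), "6": ("SHA-512", False), "y": ("yescrypt", False)}
EPOCH = date(1970, 1, 1)

def classify_hash(field):
    """Return (scheme, weak) for the password field of a shadow entry."""
    if field == "":
        return ("no password set", True)
    if field[0] in "!*":
        return ("locked / no login", False)
    if field.startswith("$"):
        ident = field.split("$")[1]
        return SCHEMES.get(ident, ("unknown $" + ident + "$", False))
    # No $id$ prefix: the handout's "null" case, traditional DES crypt.
    return ("DES", True)

def parse_shadow_line(line):
    """Split one shadow entry into the eight items the handout describes."""
    f = line.rstrip("\n").split(":")
    f += [""] * (9 - len(f))            # tolerate short lines
    scheme, weak = classify_hash(f[1])
    if f[2] == "":
        changed = "aging disabled"
    elif f[2] == "0":
        changed = "must change at next login"
    else:
        changed = (EPOCH + timedelta(days=int(f[2]))).isoformat()
    return {"user": f[0], "scheme": scheme, "weak": weak, "last_changed": changed,
            "min": f[3], "max": f[4], "warn": f[5], "inactive": f[6], "expire": f[7]}

def weak_accounts(lines):
    """Names of accounts whose stored hash should move to a stronger scheme."""
    return [e["user"] for e in map(parse_shadow_line, lines) if e["weak"]]

# Constructed sample entries (placeholder hashes, not taken from hackme.txt).
SAMPLE = [
    "kali:$y$j9T$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19620:0:99999:7:::",
    "olduser:abCONSTRUCTED:0:0:99999:7:::",
    "legacy:$1$saltsalt$CONSTRUCTEDHASH::0:99999:7:::",
    "daemon:*:19620:0:99999:7:::",
]

if __name__ == "__main__":
    for entry in map(parse_shadow_line, SAMPLE):
        print(entry)
    print("weak:", weak_accounts(SAMPLE))
```
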

3. Perform a Brute Force Attack
   (a) The number after the -d flag should be the device id number you retrieved above - mine was 1.
   (b) File paths matter in the command. I have a hashes folder with hackme.txt inside. Make sure you cd into Hashcat. Using Windows, open a command prompt and run:
       hashcat -m 1500 -d 1 hashes\hackme.txt -a 3 ?l?l?l?l?l?l?l?l

   Sample / Submission
   Capture at least nine cracked passwords. You can screenshot the terminal output or the potfile.

   In the Hashcat command, what is -m 1500 declaring?
   In the Hashcat command, what is ?l?l?l?l?l?l?l?l doing and how long are the passwords it is brute forcing?

4. Perform a Dictionary Attack
   (a) Hashcat “remembers” what has been done. To clear its “memory”, in Hashcat find the hashcat.potfile and delete it or rename it. Only after you have taken the screenshot above!
   (b) Examine the contents of the password.lst file.
   (c) In Kali, unzip the rockyou word list:
       cd /usr/share/wordlists/
       sudo gzip -d rockyou.txt.gz
   (d) Move the rockyou wordlist file to your Windows desktop by utilizing the shared security folder: https://www.kali.org/docs/virtualization/install-vmware-guest-tools/#adding-support-for-shared-folders-when-using-ovt
   (e) Place the rockyou.txt file inside your hashcat folder. File paths matter in the command. I have a hashes folder with hackme.txt and a wordlists folder with rockyou.txt.
   (f) To perform the dictionary attack, using a command prompt window run:
       hashcat -m 1500 -d 1 hashes\hackme.txt wordlists\rockyou.txt

   Sample / Submission
   Capture at least nine cracked passwords. You can screenshot the terminal output or the potfile.

   What password in my output is a keyboard walk pattern?
   Why is a keyboard walk pattern bad practice to use?