Hacking tool : Doing a password hack
Now that we have talked a bit about the reasons why and sometimes how the
hacker is able to do a password hack, it is now time to work on doing the attack
yourself. We are going to use the pwdump3 tool to help us get any hashed
passwords that come from the database of Security Accounts Manager Then we
can use John the Ripper because it works well on both Windows and Linux
passwords, which will give you access to most of the passwords that you are
looking for.
You will need to go through a slightly different process based on whether you are
working with the Linux system or the Windows system. In order to use these two
programs to hack into a Windows system, use these steps.
● Go to your computer and then open up the C drive. Create a directory
and make sure that you call it “passwords”
● You will need to make sure that your computer has a decompression
tool installed. A good option is WinZip. If you don’t have a program like
this on your computer, you should download and install it.
● Now it is time to download and install John the Ripper and pwdump3.
They need to be extracted into the passwords directory that you make
earlier.
● Type in the command “c : passwordspwdump3 > cracked.txt”
● The output that you will get will be the Windows Security Accounts
Manager password hashes. These will all be captured inside the .txt file.
● Now you can type in the command “c: passwordsjohn cracked.txt”
● This is going to have John the Ripper against all the password hashes
and your output will be the user passwords that were cracked.
● This method can be easy to work with and is pretty simple but the
process will take you a bit of time, depending on how many people are on
the system and how complex their passwords are.
The process to do this on a Linux system is going to be a bit different. The steps
that you need to take care of cracking passwords with a Linux system include:
● Download all the source files on Linux.
● When these are ready, you should type in the command [root@local host
yourcurrentfilename ] #tar –zxf john – 1.7.9.tar.gz
● This is going to extract the program while also helping you to create a
brand new /src directory.
● Once the /src directory is ready, type in the command “make generic”
● Now you can be in the /run directory so type in the command
“/unshadow/etc/passwd/etc/shadow > cracked.txt.● From here, the unshadow program is going to merge the passwords and
the shadow files and then will input them into the .txt file.
● Now you can type in the command /john cracked.txt
● This is going to help you to launch the cracking process. This one will
take you a bit of time, but you should end up with the same kind of output
that you got when using the procedure in Windows.
It is so important to make sure that you are creating strong passwords and that the
other people on your network are doing the same thing. These passwords can help
you to keep the system safe and secure, but you have to make sure that the hackers
are not able to figure out what those passwords are. Make the passwords strong,
don’t share them with other people or use the same one on more than one account,
and change them occasionally. These tips will help you to keep the hackers out of
your accounts.
hacker is able to do a password hack, it is now time to work on doing the attack
yourself. We are going to use the pwdump3 tool to help us get any hashed
passwords that come from the database of Security Accounts Manager Then we
can use John the Ripper because it works well on both Windows and Linux
passwords, which will give you access to most of the passwords that you are
looking for.
You will need to go through a slightly different process based on whether you are
working with the Linux system or the Windows system. In order to use these two
programs to hack into a Windows system, use these steps.
● Go to your computer and then open up the C drive. Create a directory
and make sure that you call it “passwords”
● You will need to make sure that your computer has a decompression
tool installed. A good option is WinZip. If you don’t have a program like
this on your computer, you should download and install it.
● Now it is time to download and install John the Ripper and pwdump3.
They need to be extracted into the passwords directory that you make
earlier.
● Type in the command “c : passwordspwdump3 > cracked.txt”
● The output that you will get will be the Windows Security Accounts
Manager password hashes. These will all be captured inside the .txt file.
● Now you can type in the command “c: passwordsjohn cracked.txt”
● This is going to have John the Ripper against all the password hashes
and your output will be the user passwords that were cracked.
● This method can be easy to work with and is pretty simple but the
process will take you a bit of time, depending on how many people are on
the system and how complex their passwords are.
The process to do this on a Linux system is going to be a bit different. The steps
that you need to take care of cracking passwords with a Linux system include:
● Download all the source files on Linux.
● When these are ready, you should type in the command [root@local host
yourcurrentfilename ] #tar –zxf john – 1.7.9.tar.gz
● This is going to extract the program while also helping you to create a
brand new /src directory.
● Once the /src directory is ready, type in the command “make generic”
● Now you can be in the /run directory so type in the command
“/unshadow/etc/passwd/etc/shadow > cracked.txt.● From here, the unshadow program is going to merge the passwords and
the shadow files and then will input them into the .txt file.
● Now you can type in the command /john cracked.txt
● This is going to help you to launch the cracking process. This one will
take you a bit of time, but you should end up with the same kind of output
that you got when using the procedure in Windows.
It is so important to make sure that you are creating strong passwords and that the
other people on your network are doing the same thing. These passwords can help
you to keep the system safe and secure, but you have to make sure that the hackers
are not able to figure out what those passwords are. Make the passwords strong,
don’t share them with other people or use the same one on more than one account,
and change them occasionally. These tips will help you to keep the hackers out of
your accounts.
