Tag: password

Posted on

Download Wordlist for dictionary attack

Crackstation wordlist is one of the most (if not the most) comprehensive wordlist which can be used for the purpose of dictionary -attack on passwords.

The wordlist comes in two flavors:

  1. Full wordlist (GZIP-compressed (level 9). 4.2 GiB compressed. 15 GiB uncompressed)
  2. Human-password only wordlist (GZIP-compressed. 247 MiB compressed. 684 MiB uncompressed)

Personally, I’ve already downloaded the full wordlist via torrent, and tested it against few PDF files (using pdfcrack) and UNIX password cracking (using John), all my test cases were successful. In my opinion, the wordlist is comprehensive for my need.

Since it looked like it took a significant effort to compile this wordlist, I rather advocate those who are interested to donate/buy the wordlist from: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

Posted on

Cracking PDF file with PDFCrack in Linux

I’ve come across an PDF which was sent to my email from an automated banking system. Unfortunately, the PDF file is encrypted and I’ve no way of knowing the password (or actually I’ve forgotten the password).

Fortunately, my Ubuntu box comes with application which allows me to crack the PDF file within a reasonable time.

Using ‘pdfcrack’ to crack PDF file

You need to install pdfcrack to crack pdf file. In Ubuntu/Debian system, you simply need to run

sudo apt-get -y install pdfcrack

Then for actual cracking, you can run

pdfcrack -n5 -m10 encrypted.pdf

Where -n [minimum length] to brute-force, and -m [maximum length] to brute-force.

pdfcrack can also accept a file input containing list of words (dictionary attack). For dictionary-attack just run

pdfcrack --wordlist=dictionary.txt encrypted.pdf
Posted on

How to crack SHA1, MD5 and Windows NTLM password hash using Rainbow tables in Linux

Rainbow tables is a form of attack method used to crack stored cryptographic hashes commonly used as passwords in various application.

It is similar to brute-force and dictionary attack that it will try to compare the resulting hash with the hash it attempts to crack, except in Rainbow tables, the possible matching hashes are all precomputed before hand, and it uses reduction function to double the lookup speeds at the expense of the storage space (time vs space trade off).

Project Rainbow-Crack offer downloadable binaries (free but not opensource) for GNU / Linux and Microsoft Windows operating system. The application package comes with several tools that can help in generating (rtgen), sorting (rtsort) and cracking (rcrack) sha1,md5 and NTLM hashes.

How to use rtgen, rtsort and rcrack ?
First before starting to crack sha1 hashes, we need to generate rainbow table with rtgen.
rtgen

rtgen sha1 loweralpha-numeric 1 8 0 5000 6553600 0

Usage:
rtgen <hash type> <loweralpha | loweralpha-numeric | numeric | mixalpha-numeric| alpha-numeric> <min length> <max length> <table_index> <chain_len> <chain_num> <part_index>

rtsort
Then we need to use rtsort to sort the rainbow tables generated by rtgen.

rtsort *.rt

rcrack
Finally run rcrack to crack the hashes

rcrack *.rt -l hash1.txt

or


rcrack *.rt -h af8978b1797b72acfff9595a5a2a373ec3d9106d

crack process

For more examples to generate and use rainbow tables, please refer to Project Rainbow-Table Example

Posted on

Debian: Force users to use more secure login password with pam_cracklib

One of the factor that makes your system easily crackable is the weak password. PAM cracklib forces users to choose stronger password by analyzing the password strength, length and entropy.

To enable pam_cracklib in Debian / Ubuntu operating system, you need to install libpam_cracklib:

sudo apt-get install libpam_cracklib

Then edit the “/etc/pam.d/common-password” file using your favorite editor. Then, add and uncomment the following line at the end of the file.

password required pam_cracklib.so retry=3 minlen=6 difok=3

difok determines the number of same characters that allowed to be present in the old and new passwords.