Offline password attacks
Unlike online password attacks, the hashes of the user passwords are available for offline password attacks. A cryptographic hash function represents a one-way function, where data of any size is mapped to data with a fixed size. So reconstructing a password based on a hash means finding a password that was mapped to the same hash by the hash function.
The success of such an attack thus depends on three factors. On the attacker’s side, the more processing power he or she has, the more hashes of possible passwords can be generated in a fixed amount of time. This is of course relevant to the password strength and the hash function used. Normally, cryptographically secure hash functions are used for authentication, as with these it is practically impossible to find a collision, among other things. A collision in this context means the mapping of two strings to the same hash value.
Hashes can be cracked with the hashcat tool, for example. hashcat supports several hash functions such as MD5, SHA1 and SHA2 (→man hashcat).
Kimberley Hudson is a software developer at Dubius Payment Ltd. and responsible for managing the company’s blog. She needs administrative rights to do so, which is why her access data is of interest to us as attackers. Using the following /etc/shadow entry, we can guess how she handles passwords:
khudson:$6$41zPfrpb$ipcj7mB9nPLllAWz/Lrr97cIfPUocPUl4fACWWww0qp7puEhPfpG.3QPh6WBwIlIhtWZN4rrit4qbZpkk28pn1:17476:0:99999:7:::
Sub Articles
Pentest Training
Take a look at the pentest training chapters and learn penetration testing:
- Preface
- Introduction
- Legal Framework
- Hacking vs. Penetration Testing
- Classification
- Meaningfulness of Penetration Tests
- Penetration Testing Standards
- The Hacking Guide
- Hacking I: Scanning networks
- Hacking II: Password attacks
- Hacking III: Web application attacks
- Hacking IV: Privilege Escalation
- Hacking V: Tunnelling Techniques
- Hacking VI: Vulnerability scanner and penetration testing frameworks
- Demonstration of a Penetration Test
- Risk Assessment of Identified Vulnerabilities
- Structure of Documentation and Reporting
- Insider stories: Tales from Dubius Payment Ltd.
binsec academy GmbH - Online IT Security Training with Practical Focus
binsec academy GmbH is provider of online IT security training, offering practical, lab-based courses for professionals. The academy provides hands-on training in areas such as penetration testing and secure software development. Participants gain practical experience through realistic lab environments, including simulations of company networks and applications. Courses are available in multiple programming languages and align with standards like OWASP Top 10 and PCI DSS. Upon successful completion, participants receive certifications such as the Binsec Academy Certified Pentest Professional (BACPP) and Binsec Academy Certified Secure Coding Professional (BACSCP), demonstrating their ability to identify and remediate security vulnerabilities.
Goto binsec acadmy GmbH
binsec GmbH – Experts in Penetration Testing
binsec GmbH is a German IT security company focused on professional penetration testing. With over 10 years of experience, the team conducts in-depth penetration tests on networks, web applications, APIs, and mobile apps. Certified experts systematically identify and document security vulnerabilities to support organizations in improving their security and meeting compliance requirements.
Goto binsec GmbH