You may have asked yourself, "How do hackers take my password, if the website owner can't?" The answer is simple. When a website stores your login password for the site, it is run through a cryptographic hash function before it enters the database (if the website isn't Sony).
So how are hackers getting these passwords?
When a website is breached and has their database stolen, the password hashes will be in there. A hacker will analyze the hashes, and see which hash type they are, and then bruteforce them. Bruteforcing is when you systematically cycle through each letter in a letterset until it matches a password. A letter set can be all lower-case, symbols, or anything the hacker wants. So the hacker bruteforces until they find a hash that matches yours, resulting in "guessing" your password.
Step 1 Cracking MD5 on Windows
On Windows, we're going to need to download and install Cain & Abel. Cain is part of the software suite, and is a AIO (All-In-One) Windows hacking tool. We will be using its bruteforce function to crack MD5 hashes.
Hash a Word
Let's hash the word "cowsay" using Miracle Salad's MD5 hash generator. We get the following as a result:
Bruteforce with Cain
I'm going to show you in a vTutorial how to crack the hash of the word "cowsay". Follow closely!
See how quick and easy that was? Load the hash, click dictionary attack, and wait. This was on a single core processor in a Virtual Machine, so imagine what it would be like on a powerful computer with GPU's.
Step 2 Cracking MD5 on Linux
On Linux, cracking hashes is a bit different. We will be using JTR (John the Ripper). Linux is a bit faster at cracking hashes, as you will see in the video a bit later.
- First, download JTR from here.
- Extract with tar zxvf john-1.7.8.tar.gz
- Navigate to the john directory
- Install with ./configure && make && sudo make install
Bruteforce with John
I'm going to crack the hash of the word "cowsay" again, but this time with JTR. Commands will be listed below, if you miss any.
- nano hash (inject hash into file and save)
- john --format=raw-md5 hash
- john --format=raw-md5 --show hash
Step 3 Protect Yourself from Password Cracking
Check out my previous guide on keeping passwords strong and safe. The same rules apply here. Keep your passwords longer than 12 characters, and use symbols. It greatly increases the time it takes to crack.
I hope you enjoyed this Null Byte. Jump in IRC if you need one-on-one advice!