The elusive art of password-cracking has enticed many a mortal! Everyone has, at one point or another, contemplated cracking someone’s password to get access to their private information. Whenever people hear the term ‘hacking’, the first thing that comes to mind is ‘cracking passwords’. A lot of people think that password-cracking is the very definition of hacking. Some think that password-cracking is the same as stealthily watching someone type their password. I hate to burst your bubble, but that’s not password-cracking. What exactly is it then? How do we do it?
Let’s start from the beginning, shall we?
Password cracking refers to the process of recovering the original password from the scrambled data stored on a machine or transmitted over the network. Now what’s the most obvious way of doing this? The first thing that comes to mind is to try every possible combination. One of them has to be right! This technique is called brute-force cracking. The drawback is that it consumes a lot of time. An improvement would be to first try the passwords that are most likely to succeed. For example, a lot of people use English words in their passwords, and these passwords are easier to crack. This technique is called a dictionary attack. If you don’t get the password this way, you have to fall back on the brute-force approach.
Modern systems are smart. They don’t store passwords in plain text. What if someone just breaks into the system? To add a second layer of security, they use cryptographic hashes to store the passwords. A hash scrambles your password so that even if someone sees the stored value, they should not be able to recover the password from it. Some of the popular hashes are MD5 and the SHA family. I have discussed cryptographic hashes in more detail in this blog post.
How strong is your password?
Do you remember seeing those password guidelines on websites whenever you create an account? Those guidelines are meant to increase the strength of your password. Password strength refers to how well your password can resist a brute-force attack: if someone were to brute-force it, how long would it take them to break it? An obvious thing to do is to make your password long, so the attacker needs more time to arrive at it. The second thing is to make it complex by using a variety of characters. The third is to avoid plain English words, which are easier for an attacker to guess.
How do you actually crack a password?
There is software available to break passwords. Some of the popular tools are Cain and Abel, John the Ripper, L0phtCrack, RainbowCrack, DSniff, etc. These tools employ different techniques to crack a password. A common approach is to use rainbow tables to recover passwords. Rainbow tables are precomputed tables for reversing cryptographic hash functions. If the password scrambling scheme uses a salt, this kind of attack becomes infeasible. Another common technique to get someone’s password is to use a keylogger, which records keyboard input. So if you can install a keylogger on someone’s machine without their knowledge, you can easily get their password. The installation of a keylogger has to be sneaky, and there are many ways to do it. Other techniques include phishing, social engineering, exploiting vulnerabilities in the crypto scheme being employed, and many more.
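To make the salt point concrete, here is an added example (not from the original post) that builds a tiny precomputed hash-to-word table from a constructed wordlist, shows that an unsalted MD5 can be looked up directly, and shows that a per-user random salt makes the same lookup useless. The wordlist and the salted scheme are assumptions for illustration; real systems additionally use a deliberately slow password hash.

```python
import hashlib
import os

# Constructed wordlist standing in for a real password dictionary.
WORDLIST = ["password", "letmein", "sunshine", "dragon", "football"]


def md5_hex(data: bytes) -> str:
    """Unsalted MD5, the kind of stored value a precomputed table can reverse."""
    return hashlib.md5(data).hexdigest()


def build_lookup_table(words):
    """Precompute hash -> word for every dictionary entry (the idea behind a rainbow table)."""
    return {md5_hex(w.encode()): w for w in words}


def recover_from_table(stored_hash: str, table: dict):
    """Return the word whose unsalted hash matches, or None if the table has no entry."""
    return table.get(stored_hash)


def store_salted(password: str, salt: bytes = None):
    """Hash with a random per-user salt; the salt is stored next to the digest.

    Two users with the same password get different digests, so a table built
    in advance cannot match either one. Production code should use a slow
    password hash (e.g. PBKDF2, scrypt, Argon2) on top of salting.
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    return salt.hex(), digest


def verify_salted(password: str, salt_hex: str, digest: str) -> bool:
    """Recompute the salted digest at login time and compare it to the stored one."""
    salt = bytes.fromhex(salt_hex)
    return hashlib.sha256(salt + password.encode()).hexdigest() == digest


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print("unsalted lookup:", recover_from_table(md5_hex(b"sunshine"), table))
    salt_hex, digest = store_salted("sunshine")
    print("salted lookup:", recover_from_table(digest, table))
    print("login check:", verify_salted("sunshine", salt_hex, digest))
```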
It’s an art.
Password cracking is more of an art than a science. There is no fixed way to crack someone’s password. It depends on where you are and how sneaky you have to be. You have to get creative! Usually websites limit the number of wrong passwords you can enter. In this case, you have to obtain the hash first and then try to break it. If you want to break into someone’s computer, it’s easier to just install a keylogger onto their machine remotely. A wise man once said “Necessity is the mother of invention”. So if you reeeeally want to break someone’s password, you’ll find a way. That wise man probably didn’t mean it that way. But hey, we are in the 21st century and our “necessities” are different!