Analysis on Cyber Security 2022
VerifiedAdded on 2022/09/16
|5
|1240
|21
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: Cyber Security and Analysis
Cyber Security and Analysis
Name of the Student
Name of the University
Author Note
Cyber Security and Analysis
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Cyber Security and analysis 1
1. For the task two of the tools has been used from the table those are John the Ripper and
Ophcrack. For installing the tools Virtual box has been used and the chosen OS was
Ubuntu 18.04.
2. John the ripper:
It is free password cracking tool and it is available for both windows and Linux.
However, the tool was developed initially for the Unix operating system. This is one of
the most popular password cracking tools for testing as well as for breaking programs
because the tool john the ripper is combining of number of huge number of crackers that
are included into one package. The tool has the ability to auto detect the passwords of has
type as well as it also includes a cracker that is customizable.
Ophcrack:
Ophcrack is basically a free password cracker for windows. It is based on the rainbow
tables. This is so much difficult as well as the tool is so much essential as it works on the
rainbow table that is done by the methods that are related to inventors. The tool comes
with a GUI interface as well as it can run on various platform. The features of the tool are
including:
Runs on Windows, Linux/Unix, Mac OS X.
Cracks LM and NTLM hashes.
Free tables that are available for Windows.
Brute-force module that is for the passwords that are simple.
Audit mode as well as CSV export.
3. Demonstration:
John the ripper:
Below is a sample output that is in the Debian:
“# cat pass.txt
1. For the task two of the tools has been used from the table those are John the Ripper and
Ophcrack. For installing the tools Virtual box has been used and the chosen OS was
Ubuntu 18.04.
2. John the ripper:
It is free password cracking tool and it is available for both windows and Linux.
However, the tool was developed initially for the Unix operating system. This is one of
the most popular password cracking tools for testing as well as for breaking programs
because the tool john the ripper is combining of number of huge number of crackers that
are included into one package. The tool has the ability to auto detect the passwords of has
type as well as it also includes a cracker that is customizable.
Ophcrack:
Ophcrack is basically a free password cracker for windows. It is based on the rainbow
tables. This is so much difficult as well as the tool is so much essential as it works on the
rainbow table that is done by the methods that are related to inventors. The tool comes
with a GUI interface as well as it can run on various platform. The features of the tool are
including:
Runs on Windows, Linux/Unix, Mac OS X.
Cracks LM and NTLM hashes.
Free tables that are available for Windows.
Brute-force module that is for the passwords that are simple.
Audit mode as well as CSV export.
3. Demonstration:
John the ripper:
Below is a sample output that is in the Debian:
“# cat pass.txt
2Cyber Security and analysis
user:AZl.zWwxIh15Q
# john -w:password.lst pass.txt
Loaded 1 password hash (Traditional DES [24/32 4K])
example (user)
guesses: 1 time: 0:00:00:00 100% c/s: 752 trying: 12345 - pookie”
The software uses the dictionary attack for cracking the passwords. This method can take
the samples of text string (usually from a file that is known as wordlist which contains
words that can be found in a dictionary or the real passwords that are cracked in the past).
Encrypting the password in the similar format as that password was examined that also
includes both of the keys as well as the algorithms. It can play out an assortment of
changes to the words that are lexicon and attempt these. A significant number of these
adjustments are additionally utilized in John's single assault mode, which changes a
related plaintext, (for example, a username with a scrambled secret word) as well as
checks the varieties that are against the hashes. The tool John the ripper additionally
offers an brute force attack mode. In this kind of assault, the program experiences all the
conceivable plaintexts, hashing every one and after that contrasting it with the info hash.
John uses character recurrence tables to attempt plaintexts containing all the more as
often as possible utilized characters first. This strategy is helpful for breaking the
passcodes which cannot show up in wordlists that are lexicon, yet it can set aside a long
effort to run.
Ophcrack:
The rainbow table are freely available fir the LM-hashers that are provided absolutely
free for the developers. As a default feature the Ophcrack tool has been bundled with
some of the tables which gives the allowance this for cracking the passwords that are not
long more than fourteen characters by utilizing the alphanumeric characters only.
user:AZl.zWwxIh15Q
# john -w:password.lst pass.txt
Loaded 1 password hash (Traditional DES [24/32 4K])
example (user)
guesses: 1 time: 0:00:00:00 100% c/s: 752 trying: 12345 - pookie”
The software uses the dictionary attack for cracking the passwords. This method can take
the samples of text string (usually from a file that is known as wordlist which contains
words that can be found in a dictionary or the real passwords that are cracked in the past).
Encrypting the password in the similar format as that password was examined that also
includes both of the keys as well as the algorithms. It can play out an assortment of
changes to the words that are lexicon and attempt these. A significant number of these
adjustments are additionally utilized in John's single assault mode, which changes a
related plaintext, (for example, a username with a scrambled secret word) as well as
checks the varieties that are against the hashes. The tool John the ripper additionally
offers an brute force attack mode. In this kind of assault, the program experiences all the
conceivable plaintexts, hashing every one and after that contrasting it with the info hash.
John uses character recurrence tables to attempt plaintexts containing all the more as
often as possible utilized characters first. This strategy is helpful for breaking the
passcodes which cannot show up in wordlists that are lexicon, yet it can set aside a long
effort to run.
Ophcrack:
The rainbow table are freely available fir the LM-hashers that are provided absolutely
free for the developers. As a default feature the Ophcrack tool has been bundled with
some of the tables which gives the allowance this for cracking the passwords that are not
long more than fourteen characters by utilizing the alphanumeric characters only.
3Cyber Security and analysis
Beginning with rendition 2.3, Ophcrack additionally splits NTLM hashes. This is
essential if the age of the LM hash is debilitated (this is default for Windows Vista), or if
the secret phrase is longer than 14 characters.
4. Time for cracking password: The tool John the ripper has taken less time than the tool
Ophcarcker. The tool john the ripper uses different and advanced algorithm than the
others, so as a result it has taken low time for cracking password.
Ease of usage: Encrypting the password in the same format as that password was
examined that also including both the key as well as algorithm. It can play out an
assortment of changes to the lexicon words and attempt these. As a default feature the
Ophcrack tool has been bundled with some of the tables which gives the allowance this
for cracking the passwords that are not long more than fourteen characters by utilizing the
alphanumeric characters only.
5. Penetration testing:
There are so many stages in the penetration testing. They are as follows:
Agreement phase: In this phase there is existing a mutual agreement that is between the
parties. It covers huge high level of details as well as methods that are followed.
Planning: In the phase the hacker can gather so many of the information which can be P
addresses, domain details, mail servers, network topology, etc. The next steps for the
penetration testing are scanning, gaining access, exploitation, maintaining access and
lastly collection of evidence and generation of report.
Conclusion:
Thus, it can be concluded that the software john the uses the dictionary attack for
cracking the passwords. This method can take the samples of text string. On the other side
the method that are used by the tool Ophcrack is so much difficult as well as the tool is so
much essential as it works on the rainbow table that is done by the methods that are
Beginning with rendition 2.3, Ophcrack additionally splits NTLM hashes. This is
essential if the age of the LM hash is debilitated (this is default for Windows Vista), or if
the secret phrase is longer than 14 characters.
4. Time for cracking password: The tool John the ripper has taken less time than the tool
Ophcarcker. The tool john the ripper uses different and advanced algorithm than the
others, so as a result it has taken low time for cracking password.
Ease of usage: Encrypting the password in the same format as that password was
examined that also including both the key as well as algorithm. It can play out an
assortment of changes to the lexicon words and attempt these. As a default feature the
Ophcrack tool has been bundled with some of the tables which gives the allowance this
for cracking the passwords that are not long more than fourteen characters by utilizing the
alphanumeric characters only.
5. Penetration testing:
There are so many stages in the penetration testing. They are as follows:
Agreement phase: In this phase there is existing a mutual agreement that is between the
parties. It covers huge high level of details as well as methods that are followed.
Planning: In the phase the hacker can gather so many of the information which can be P
addresses, domain details, mail servers, network topology, etc. The next steps for the
penetration testing are scanning, gaining access, exploitation, maintaining access and
lastly collection of evidence and generation of report.
Conclusion:
Thus, it can be concluded that the software john the uses the dictionary attack for
cracking the passwords. This method can take the samples of text string. On the other side
the method that are used by the tool Ophcrack is so much difficult as well as the tool is so
much essential as it works on the rainbow table that is done by the methods that are
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4Cyber Security and analysis
related to inventors. The major disadvantage the john the ripper having is it does not has a
GUI.
Bibliography:
[1] "RainbowCrack - Crack Hashes with Rainbow Tables", Project-rainbowcrack.com, 2019.
[Online]. Available: http://project-rainbowcrack.com/. [Accessed: 31- Aug- 2019].
[2] "John the Ripper password cracker", Openwall.com, 2019. [Online]. Available:
https://www.openwall.com/john/. [Accessed: 31- Aug- 2019].
[3] Rodrigues, B., J. Paiva, V. Gomes, C. Morris, and W. Calixto. "Passfault: an open source
tool for measuring password complexity and strength." Orlando, Florida, Mar, 2017.
[4] Valois, Mathieu, Patrick Lacharme, and Jean-Marie Le Bars. "Performance of Password
Guessing Enumerators Under Cracking Conditions." In IFIP International Conference on
ICT Systems Security and Privacy Protection, pp. 67-80, 2019.
[5] Dürmuth, Markus, Fabian Angelstorf, Claude Castelluccia, Daniele Perito, and Abdelberi
Chaabane. "OMEN: Faster password guessing using an ordered markov enumerator."
In International Symposium on Engineering Secure Software and Systems, pp. 119-132,
2015.
[6] Hranický, Radek, Lukáš Zobal, Vojtěch Večeřa, and Petr Matoušek. "Distributed
Password Cracking in a Hybrid Environment." In Proceedings of SPI, pp. 75-90. 2017.
related to inventors. The major disadvantage the john the ripper having is it does not has a
GUI.
Bibliography:
[1] "RainbowCrack - Crack Hashes with Rainbow Tables", Project-rainbowcrack.com, 2019.
[Online]. Available: http://project-rainbowcrack.com/. [Accessed: 31- Aug- 2019].
[2] "John the Ripper password cracker", Openwall.com, 2019. [Online]. Available:
https://www.openwall.com/john/. [Accessed: 31- Aug- 2019].
[3] Rodrigues, B., J. Paiva, V. Gomes, C. Morris, and W. Calixto. "Passfault: an open source
tool for measuring password complexity and strength." Orlando, Florida, Mar, 2017.
[4] Valois, Mathieu, Patrick Lacharme, and Jean-Marie Le Bars. "Performance of Password
Guessing Enumerators Under Cracking Conditions." In IFIP International Conference on
ICT Systems Security and Privacy Protection, pp. 67-80, 2019.
[5] Dürmuth, Markus, Fabian Angelstorf, Claude Castelluccia, Daniele Perito, and Abdelberi
Chaabane. "OMEN: Faster password guessing using an ordered markov enumerator."
In International Symposium on Engineering Secure Software and Systems, pp. 119-132,
2015.
[6] Hranický, Radek, Lukáš Zobal, Vojtěch Večeřa, and Petr Matoušek. "Distributed
Password Cracking in a Hybrid Environment." In Proceedings of SPI, pp. 75-90. 2017.
1 out of 5
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.