Cyber Security and Analysis

Verified

Added on 2022/12/27

AI Summary

This document provides an overview of cyber security and analysis, focusing on tools like John the ripper and Ophcrack. It explains their features, provides a demonstration of their usage, and discusses the time and ease of access. The document also explores different methods of penetration testing and emphasizes the importance of strong passwords for security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CYBER SECURITY AND ANALYSIS
CYBER SECURITY AND ANALYSIS
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

CYBER SECURITY AND ANALYSIS 1
Download and Install:
For the task two of the tools has been chosen they are Ophcrack and John the ripper,
and ubuntu has been used as the platform.
Outline:
John the ripper:
This is the main purpose is for detecting the Unix passwords that are weak. Besides
various crypt passwords, the hash type of the passwords the commonly most type that can be
found on different Linux based systems. It is supported out of the boxes are the LM hashed
that are related to the windows. In addition, lot of other ciphers as well as hashes in the
enhanced version of the community. John the ripper is basically an open source software that
is free. The tool is mainly in the form of source code.
Ophcrack:
Ophcrack is an open source program that is free. It has the ability to log in with the
passwords of the windows by using LM hashes through tables known as rainbow. The tool
consists of the capability of importing the hashes from different types of format such as
dumping from the SAM files in the OS. On most of the computers, ophcrack is having the
ability to crack most of the passwords within a minute. The rainbow tables for the LM hashes
are given for free through the developers. Ophcrack is given with the tables by default which
allows the ophcrack for cracking the passwords that are not more than 14 characters. The
ophcrack is available for free download are the four tables of windows XP and tables of
windows Vista.

2CYBER SECURITY AND ANALYSIS
Demonstration:
John the ripper:
For cracking the passwords to be recovered, the clients are required to provide the
tool the required files which are needed to crack the passcodes. For cracking the passwords
some of commands are required, they are given below step by step:
Step 1: john passwd
Step 2: john --wordlist=password.lst --rules passwd
Step 3: john --show passwd
Step 4: john –restore.
Ophcrack:
The process that is followed by this tool for cracking the difficult passcode is the live
cd method. At first the tool carried out on a different computer as well as the internet
connection is needed there. After completing this step, the very next step is, the user has to
download the exact version of the live-cd that is related to the ophcrack tool. After finishing
this step, the very next step that is needed to be followed is to burn a cd with an iso file, or in
an usb drive. For this procedure one of the ISO burning tool is needed. After completing this
step, the very next step that is followed by the software is, it removes the media which is
bootable from another pc as well as that is required to be inserted into one of the machines.
At the last different account will occur with password, then the user has to find the correct
one.
Time and ease of access:
To crack or break the passcodes, the tool john the ripper takes less time than the tool
Ophcarcker. The reason behind this is, the tool, john the ripper is having more advanced

3CYBER SECURITY AND ANALYSIS
features and techniques than the other tools. Presently, the tool is available for all of the OS
and platforms such as macOS, windows, Unix, dos, BeOS as well as for the open vms too.
One the other side the tool Ophcarcker is actually one of the utilities which is so much
versatile as well the it offers two several ways for cracking the passcodes. Primarily the tool
is uses for macOS, windows XP, Linux. However, the clients are using this tool on the
operating systems that are latest. The features that are associated with the ophcrack tool is as
per following:
 Runs on Windows, Linux/Unix, Mac OS X.
 Cracks LM as well as NTLM hashes.
 Free tables available for Windows XP as well as Vista/7.
 Brute force module for the simple passwords.
 Audit mode as well as CSV export.
 Real-time graphs for analyse the passwords.
 Live CD available for simplify the cracking.
 Dumps as well as loads hashes from the SAM that are encrypted as well as recovered
from a Windows partition.
 Free as well as open source software (GPL).
Penetration testing:
There are various methods that are associated with the penetration testing. They are as
per following:
 Black Box, Gray Box, and White Box
 Internal and External Penetration test

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4CYBER SECURITY AND ANALYSIS
 In-house and Third party Penetration test
 Blind and Double-Blind Penetration test.
The penetration testing, which is also known as the ethical hacking or pen testing. This is
a practice of the testing of a pc, web or network based application for finding the
vulnerabilities of the security. The major objective of the penetration testing is for
identifying the weaknesses of the security. The phases of the penetration testing are as
follows:
 Agreement phase
 Planning and reconnaissance
 Scanning
 Gaining Access
 Maintaining access
 Exploitation
 Evidence collection and report generation.
Thus, it can be stated that a pen test might also highlight the weakness of the security of
an organisation. As an example, it can be said that the security policies can not include a
procedure that it can expel a hacker.
Conclusion:
Thus, it can be concluded from the entire report that the password is one of the
common weakness to the security for the businesses as well as for the users. The both tools
are consisted of the capability to import the hashes from different types of formats such as
dumping from the SAM files in the windows. On most of the computers, ophcrack can crack
most of the passwords within a minute. Apps like email or the accounting software can store
the files locally. However, there are some procedures that can mitigate the risks. They are

5CYBER SECURITY AND ANALYSIS
creating lengthy passwords, using a combination of the upper as well as lowercase, using of
the special characters throughout the password, for the purpose of businesses create strong
passcode policies for the employees to follow, staying up-to-date with techniques of social
engineering, do not use the similar password across several security points, do not store the
passwords in a location that is not secured.

6CYBER SECURITY AND ANALYSIS
References:
[1] 1.9.0, John. 2019. "John The Ripper". Techspot. Accessed September 2 2019.
https://www.techspot.com/downloads/6970-john-the-ripper.html.
[2] "Ophcrack". 2019. Ophcrack.Sourceforge.Net. Accessed September 2 2019.
http://ophcrack.sourceforge.net/download.php?type=livecd.
[3] Hranický, Radek, Lukáš Zobal, Vojtěch Večeřa, and Petr Matoušek. "Distributed
Password Cracking in a Hybrid Environment." In Proceedings of SPI, pp. 75-90, 2017.
[4] Ji, Shouling, Shukun Yang, Ting Wang, Changchang Liu, Wei-Han Lee, and Raheem
Beyah. "Pars: A uniform and open-source password analysis and research system."
In Proceedings of the 31st Annual Computer Security Applications Conference, pp. 321-
330, 2015.

1 out of 7

Cyber Security and Analysis

Contribute Materials

Secure Best Marks with AI Grader

Secure Best Marks with AI Grader

Related Documents

Analysis on Cyber Security 2022

Installing Ophcrack and John the Ripper for Password Cracking

Cyber Security and Analytics

Cyber Security and Analysis

Password Cracking Tools: Cain & Abel and Ophcrack

Evaluation of Password Cracking Tools: John the Ripper and Rainbow Crack

+13062052269

info@desklib.com