This report details a penetration testing exercise conducted as part of the NICE Challenge, focusing on password security assessment. The student utilized the Hydra tool, a parallel password cracking utility, to perform brute force attacks on user accounts within a simulated network environment. The process involved using the "rockyou.txt" wordlist to attempt cracking passwords via SSH protocol. The report documents the successful cracking of passwords for two users, identifying them as having weak passwords, and the unsuccessful attempts on others with stronger passwords. The student used Kali Linux and the command 'hydra -l username -P rockyou.txt ssh://172.16.20.60' to perform the attacks. The report concludes by highlighting the importance of strong password policies and the necessity for regular security audits to validate system security. The report also covers the steps taken to complete the NICE Challenge, including deploying the challenge and documenting the process.
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
