Password cracking Junior - 1 days
Description
Passwords still constitute an essential component of information system security today. During intrusions, different types of password hashes are recovered and being able to break them in a short time can prove decisive.
This training aims at presenting the techniques and tools for breaking password hashes as quickly as possible. A history of password storage developments will also be presented, to highlight bad examples and mistakes made in popular projects.
-
1 day (6 hours)
-
Password cracking optimization techniques
-
Datasets provided
Public and prerequisites
This training is suitable for people having no prior knowledge of password cracking. It is mainly aimed at pentesters, system administrators, and developers.
-
Pentesters
-
System administrators
-
Developers
Content
Password storage and generation theory: storage type, hash functions, function attacks, candidate generation, computational technologies. History of algorithms. Series of practical exercises: identification of algorithms in source code, getting started with John the Ripper (candidate generation modes, development of derivation rules and candidate filters based on a password policy, dynamic formats, implementation or modification of a native format), getting started with Hashcat (advanced candidate generation with prince combination, siga genetic mutations and rule generation).