1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

Password Information

Discussion in 'Ethical hacking Tips' started by GreenGrass, Jul 17, 2008.

  1. GreenGrass

    GreenGrass New Member

    Joined:
    Jul 5, 2008
    Messages:
    123
    Likes Received:
    8
    Trophy Points:
    0
    Location:
    Norway
    What is a Password?

    Password is a secret code to a user so the owner of the account choose this will say that its only the user of the account so have access to the information the account have. Everything today nearly have a password. Password is like a key to get access to something.

    Lets take an etc. On the Windows XP computer the password for the users are getting saved in a file named "SAM". This file can you find in C:\WINDOWS\System32\Config Everything in this file is encrypted so no one can read it. "SAM" stands for "Security Account Manager" All windows account passwords is saved in LH Hash.

    Cracking Attack:

    Today we have tools so are guessing the passwords to the user. They will try out many combinations that the password may be. One of the attack types is "Brute Force Attack" and there also is a Dictionary Based cracking. So what is the different?

    Dictionary Based Cracking:

    This will say that it is a cracking tool so are trying to crack the account from a list.This list have with typed down combinations it can be. This attack is the fastest way to crack but it's isn't the best way. It have a low cracking Success. This will say it haven't so big success with finding the right password.

    Brute Force Cracking:

    This is a program so trying every Combination so is Possible. But this kinda cracking attack is taking much more time than the Dictionary cracking attack. But Brute Force attack have a much bigger chance to get the right password.

    Many people today are also making the password to simple that you can just guess it. Just with a bit research about the user you may just guess it. But that takes some kinda luck too :p This is why its very important that you choose a strong password. One more thing to remember never type down your password in a document on your computer. This can hackers get easy access to.

    How to set up a strong Password?

    Well for say it simple a strong password must be from 8 - 16 characters long. You should have lowcase, bigcase, numbers and symbols. This password isn't Simple to get so only success crack attack can be a "Brute Force Attack" and also it will take a really long time to get it successfully cracking attack. If you are having Problem with remember the password you may type it down on a paper so you have at home in a Safe Place.
     
    Last edited: Jul 17, 2008
  2. XXxxImmortalxxXX

    XXxxImmortalxxXX New Member

    Joined:
    Jun 27, 2007
    Messages:
    569
    Likes Received:
    18
    Trophy Points:
    0
  3. coderzone

    coderzone Super Moderator

    Joined:
    Jul 25, 2004
    Messages:
    734
    Likes Received:
    37
    Trophy Points:
    0
    Nice one.
     
  4. BSTU.UOK

    BSTU.UOK New Member

    Joined:
    May 22, 2008
    Messages:
    10
    Likes Received:
    1
    Trophy Points:
    0
    Occupation:
    IT undergraduate
    Location:
    Syrian Arab republic
    so nice thx......
     
  5. GreenGrass

    GreenGrass New Member

    Joined:
    Jul 5, 2008
    Messages:
    123
    Likes Received:
    8
    Trophy Points:
    0
    Location:
    Norway
    Thanks guys..
     
  6. faizulhaque

    faizulhaque New Member

    Joined:
    May 23, 2008
    Messages:
    213
    Likes Received:
    3
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Karachi
    Home Page:
    is there any way to read the SAM files.
     
  7. XXxxImmortalxxXX

    XXxxImmortalxxXX New Member

    Joined:
    Jun 27, 2007
    Messages:
    569
    Likes Received:
    18
    Trophy Points:
    0
    For legality purposes im thinking your wanting to do this for a penetration test so with that being said download Passwordpro2


    or you can use

    CA

    or

    JTR
     
  8. faizulhaque

    faizulhaque New Member

    Joined:
    May 23, 2008
    Messages:
    213
    Likes Received:
    3
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Karachi
    Home Page:
    Thanks Immortal i found passwordpro2 CA and JTR but dude it's has trojan on would u give me virus free link. or refer any site
     
  9. XXxxImmortalxxXX

    XXxxImmortalxxXX New Member

    Joined:
    Jun 27, 2007
    Messages:
    569
    Likes Received:
    18
    Trophy Points:
    0
  10. GreenGrass

    GreenGrass New Member

    Joined:
    Jul 5, 2008
    Messages:
    123
    Likes Received:
    8
    Trophy Points:
    0
    Location:
    Norway
    Cain And Abel have a Trojan Horse but its normaly for thos kinda programs so no worrie. :)
     
  11. XXxxImmortalxxXX

    XXxxImmortalxxXX New Member

    Joined:
    Jun 27, 2007
    Messages:
    569
    Likes Received:
    18
    Trophy Points:
    0
    yeah those programs are considered a hacking tool and other stuff and anti viruses will pick it up as a threat but no worries nothing will happen to u or ur pc
     
  12. Bhullarz

    Bhullarz New Member

    Joined:
    Nov 15, 2006
    Messages:
    253
    Likes Received:
    13
    Trophy Points:
    0
    Occupation:
    System Manager
    Home Page:
    SAMInside is good program to read SAM files and it is not detected as any harm to pc by any anti-virus. I tested it with NOD32, kaspersky and AVIRA.
     
  13. mye01

    mye01 New Member

    Joined:
    Jul 31, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    0

    hey..thanks for this very useful and informative post..i really appreciate you people sharing good stuff like this..thanks a lot!!
     

Share This Page