Book Image

Password Cracking with Kali Linux

By : Daniel W. Dieterle
Book Image

Password Cracking with Kali Linux

By: Daniel W. Dieterle

Overview of this book

Unlock the secrets of Windows password security with "Password Cracking with Kali Linux," your essential guide to navigating password-cracking techniques. This book offers a comprehensive introduction to Windows security fundamentals, arming you with the knowledge and tools for effective ethical hacking. The course begins with a foundational understanding of password security, covering prerequisites, lab setup, and an overview of the journey ahead. You'll explore Kerberoasting, tools like Rubeus, Mimikatz, and various attack methods, providing a solid base for understanding password vulnerabilities. The course focuses on practical applications of password cracking, including wordlist generation using tools like Crunch and Hashcat, and exploring various attack strategies. You'll delve into John the Ripper and Hashcat functionalities, learning to identify hash types and crack complex passwords efficiently. The course wraps up with advanced techniques in Linux password cracking and defense strategies. You'll gain insights into creating leaderboards, achievements, and monetizing games, equipping you with skills to not just crack passwords but also secure systems effectively.

Related Content you might be interested in

Current Title:

Small book image
Password Cracking with Kali Linux
Daniel W. Dieterle
Feb, 2024 | 213 pages
Small book image
Learn Penetration Testing
Rishalin Pillay
May, 2019 | 424 pages
Small book image
Kali Linux Cookbook.
Bob Perciaccante | Corey Schultz
Sep, 2017 | 438 pages
Small book image
Penetration Testing Bootcamp
Jason Beltrame
Jun, 2017 | 258 pages
Table of Contents (15 chapters)
Free Chapter
1
Password Cracking with Kali Linux
Password Cracking with Kali Linux
2
Dedication
Dedication
3
About the Author
About the Author
4
Thank You
Thank You
5
Contents
Contents
6
Chapter 1
Chapter 1
Pre-requisites and Scope
Lab Setup
Ethical Hacking Issues
Disclaimer
What we will Cover in our Journey
7
Chapter 2
Chapter 2
Kerberoasting
Key Components of Kerberoasting
Attacking Kerberos
Kerberos Attack Tools
Rubeus
Kerberoast Toolkit
Mimikatz
Mimikatz Pass the Hash Attacks
8
Chapter 3
Chapter 3
Password Risks and Attacks
Wordlists
Commonly Used Wordlists
Wordlists for Directory Path or Server Brute Forcing
Wordlists Included with Kali
Wordlist Generator Tools
CeWL
Crunch
Crunch - Using the Charset.lst File
Crunch: Creating Unicode Wordlists
Crunch - Creating More Advanced Wordlists
WARNING: This can Fill a Hard Drive Fast – Ye Have Been Warned
Hashcat - Creating Wordlists with Hashcat
Hashcat Utils
Hashcat Keymap Walking Password Wordlists
Introduction
Installing KwProcessor (kwp)
Keymaps and Routes
Creating a KWP Wordlist
Foreign Language Keywalks
Wordlist Wrap-up
9
Chapter 4
Chapter 4
Not sure what Kind of Hash you have?
Cracking Simple LM Hashes
Cracking LM/ NTLM Password Hashes Online
10
Chapter 5
Chapter 5
Introduction to Password Cracking Tools
John the Ripper
John the Ripper Overview
John the Ripper in Action
11
Chapter 6
Chapter 6
Hashcat Attack Types
Single Wordlist
Single Wordlist with Rules
Combining Two Wordlists
Masks, Brute Force and Hybrid Attacks
Masks
Basic Brute Force Attacks
Hybrid Attacks – Wordlists and Brute Force Together
Cracking NTLM passwords
Cracking harder passwords
Using a Larger Dictionary File
12
Chapter 7
Chapter 7
Rules and Mask Files
Prince Processor Attack
Password Cracking - Patterns
Using Cracked Passwords to Crack New Passwords
PACK - Password Analysis and Cracking Kit
13
Chapter 8
Chapter 8
Obtaining Linux Passwords
Automating Password Attacks with Hydra
Automating Password Attacks with Medusa
Automating Password Attacks with Ncrack
14
Chapter 9
Chapter 9
Utilman Login Bypass
Recovering Passwords from a Locked Workstation
Keyscan, Lockout Keylogger, and Step Recorder
Keylogging with Metasploit
15
Chapter 10
Chapter 10
Regularly Rotate Service Account Passwords
Implement Strong Password Policies
Use Managed Service Accounts (MSAs) or Group Managed Service Accounts (gMSAs)
Limit Service Account Privileges
Monitor for Unusual Activity
Implement Kerberos Armoring
Enable Kerberos Ticket Lifetime Policies
Monitor and Protect the KRBTGT Account
Implement Credential Guard
Use Extended Protection for Authentication
Regularly Update and Patch Systems
Educate Users and Administrators
Consider Network Segmentation
Bonus Chapter
Install VMware Player & Kali Linux
Kali Linux - Setting the IP address
Kali Linux - Updating
Installing Metasploitable 2
Metasploitable 2 - Setting the IP Address
Windows 11 - Installing as a Virtual Machine
Optional VMs
OWASP Mutillidae 2
Installing Mutillidae on Ubuntu
Damn Vulnerable Web Application (DVWA)
Installing DVWA
Chapter 9
Utilman & Keylogging - Other Password Recovery Options
We have looked at several ways to grab passwords and crack them. In this bonus chapter I just wanted to cover some other possible ways that you could recover passwords from a system. This chapter isn’t really about password cracking, just some interesting ways that I have used to pull passwords or bypassed passwords in the past. If it is too technical, just read along or jump ahead to the next one, some of the techniques are very interesting. We will see how you could grab passwords or access systems during physical attacks, an attack where the security tester has physical access to a system. Then look at a couple more “untraditional” ways to recover passwords from a system. For ages the security field mantra has been, if you have physical access, you have total access. And in many cases, this is true. I performed onsite server and workstation support throughout upstate New York and Northern Pennsylvania...
Previous Section
End of Section 1
Next Section