Book Image

Password Cracking with Kali Linux

By : Daniel W. Dieterle
Book Image

Password Cracking with Kali Linux

By: Daniel W. Dieterle

Overview of this book

Unlock the secrets of Windows password security with "Password Cracking with Kali Linux," your essential guide to navigating password-cracking techniques. This book offers a comprehensive introduction to Windows security fundamentals, arming you with the knowledge and tools for effective ethical hacking. The course begins with a foundational understanding of password security, covering prerequisites, lab setup, and an overview of the journey ahead. You'll explore Kerberoasting, tools like Rubeus, Mimikatz, and various attack methods, providing a solid base for understanding password vulnerabilities. The course focuses on practical applications of password cracking, including wordlist generation using tools like Crunch and Hashcat, and exploring various attack strategies. You'll delve into John the Ripper and Hashcat functionalities, learning to identify hash types and crack complex passwords efficiently. The course wraps up with advanced techniques in Linux password cracking and defense strategies. You'll gain insights into creating leaderboards, achievements, and monetizing games, equipping you with skills to not just crack passwords but also secure systems effectively.

Related Content you might be interested in

Current Title:

Small book image
Password Cracking with Kali Linux
Daniel W. Dieterle
Feb, 2024 | 213 pages
Small book image
Learn Penetration Testing
Rishalin Pillay
May, 2019 | 424 pages
Small book image
Kali Linux Cookbook.
Bob Perciaccante | Corey Schultz
Sep, 2017 | 438 pages
Small book image
Penetration Testing Bootcamp
Jason Beltrame
Jun, 2017 | 258 pages
Table of Contents (15 chapters)
Free Chapter
1
Password Cracking with Kali Linux
Password Cracking with Kali Linux
2
Dedication
Dedication
3
About the Author
About the Author
4
Thank You
Thank You
5
Contents
Contents
6
Chapter 1
Chapter 1
Pre-requisites and Scope
Lab Setup
Ethical Hacking Issues
Disclaimer
What we will Cover in our Journey
7
Chapter 2
Chapter 2
Kerberoasting
Key Components of Kerberoasting
Attacking Kerberos
Kerberos Attack Tools
Rubeus
Kerberoast Toolkit
Mimikatz
Mimikatz Pass the Hash Attacks
8
Chapter 3
Chapter 3
Password Risks and Attacks
Wordlists
Commonly Used Wordlists
Wordlists for Directory Path or Server Brute Forcing
Wordlists Included with Kali
Wordlist Generator Tools
CeWL
Crunch
Crunch - Using the Charset.lst File
Crunch: Creating Unicode Wordlists
Crunch - Creating More Advanced Wordlists
WARNING: This can Fill a Hard Drive Fast – Ye Have Been Warned
Hashcat - Creating Wordlists with Hashcat
Hashcat Utils
Hashcat Keymap Walking Password Wordlists
Introduction
Installing KwProcessor (kwp)
Keymaps and Routes
Creating a KWP Wordlist
Foreign Language Keywalks
Wordlist Wrap-up
9
Chapter 4
Chapter 4
Not sure what Kind of Hash you have?
Cracking Simple LM Hashes
Cracking LM/ NTLM Password Hashes Online
10
Chapter 5
Chapter 5
Introduction to Password Cracking Tools
John the Ripper
John the Ripper Overview
John the Ripper in Action
11
Chapter 6
Chapter 6
Hashcat Attack Types
Single Wordlist
Single Wordlist with Rules
Combining Two Wordlists
Masks, Brute Force and Hybrid Attacks
Masks
Basic Brute Force Attacks
Hybrid Attacks – Wordlists and Brute Force Together
Cracking NTLM passwords
Cracking harder passwords
Using a Larger Dictionary File
12
Chapter 7
Chapter 7
Rules and Mask Files
Prince Processor Attack
Password Cracking - Patterns
Using Cracked Passwords to Crack New Passwords
PACK - Password Analysis and Cracking Kit
13
Chapter 8
Chapter 8
Obtaining Linux Passwords
Automating Password Attacks with Hydra
Automating Password Attacks with Medusa
Automating Password Attacks with Ncrack
14
Chapter 9
Chapter 9
Utilman Login Bypass
Recovering Passwords from a Locked Workstation
Keyscan, Lockout Keylogger, and Step Recorder
Keylogging with Metasploit
15
Chapter 10
Chapter 10
Regularly Rotate Service Account Passwords
Implement Strong Password Policies
Use Managed Service Accounts (MSAs) or Group Managed Service Accounts (gMSAs)
Limit Service Account Privileges
Monitor for Unusual Activity
Implement Kerberos Armoring
Enable Kerberos Ticket Lifetime Policies
Monitor and Protect the KRBTGT Account
Implement Credential Guard
Use Extended Protection for Authentication
Regularly Update and Patch Systems
Educate Users and Administrators
Consider Network Segmentation
Bonus Chapter
Install VMware Player & Kali Linux
Kali Linux - Setting the IP address
Kali Linux - Updating
Installing Metasploitable 2
Metasploitable 2 - Setting the IP Address
Windows 11 - Installing as a Virtual Machine
Optional VMs
OWASP Mutillidae 2
Installing Mutillidae on Ubuntu
Damn Vulnerable Web Application (DVWA)
Installing DVWA
Wordlists
You are a Pentester or a Red Team member in an active security assessment. You have recovered password hashes, but can’t pass them, or, use them as-is to gain further access. What are you to do? Crack them! Wordlists are very important when trying to crack passwords. Cracking programs can take a text file filled with words, also known as a wordlist or dictionary file, and use it to crack passwords. They literally take a word from the wordlist, encrypt it and compare it with the encrypted password hash. If it doesn’t match, it moves on to the next password. Most cracking programs use the wordlist directly word for word, while more advanced ones can also use the wordlist (or multiple wordlists) and manipulate them to create many new combinations of passwords to try. For example, some can take all the words in the wordlist and attach letters or numbers to the beginning or end of the word, or take two or more wordlist files and combine the words from both to make a...
Previous Section
End of Section 3
Next Section