Chapter 4
Determining Hash Type & Cracking Simple Passwords
Computer operating systems and applications normally store passwords in an encrypted form called a password hash. The hash is a cryptographic representation of the actual password. Therefore, the hash will need be to be unencrypted or cracked to find the true password. Surprisingly, some services store or transmit passwords in plain text! But during most security tests, when you recover a user’s password it will be in the encrypted hash form.
There are many different types of encryption used when creating hashes. In this chapter we will first talk about determining what type of hash you may have recovered. Then we will talk about the simple (and outdated) Microsoft LM password hash and see how these can be cracked online. We will cover password cracking with cracking tools in greater depth in the following chapters.