Training Abstract
 

Cracking passwords is a critical skill for today's information security professionals. With the increasing amount of sensitive information and systems relying on passwords, protecting against unauthorized access is more important than ever. Whether you are looking to crack passwords to gain access to systems, or auditing systems for weak passwords to make them more secure – you will gain a deeper understanding of what various common hashing algorithms are, and how to effectively crack passwords using those hashing algorithms. By the end of this training, you will have a solid foundation of password cracking techniques and be equipped with the knowledge to use password cracking for offence and defence. We will cover obtaining hashes from common systems, creating powerful wordlists and rules (and why you need them), the tools used to crack hashes and advanced techniques. This training will give you the skills you need to be more effective and have a higher hit rate in the passwords you crack.

​

Outline

​

​(P) Indicates that you will perform practical steps along with the instructor on your own
system

​

Password Cracking Overview

• About Hashes
  o Why do we use hashes?
  o Secure password storage – the right and the wrong way.
  o Common hashing algorithms and how they work.

• Password Cracking Hardware
  o GPU vs CPU
  o Setting up a cracking environment
  o Tools and how to configure them
  o Common pitfalls in choosing your password cracking system

• The Tools
  o Overview of Hashcat
  o Overview of John
  o Other tools.

Obtaining Hashes

• ​Windows AD/Domains
  o Obtaining passwords from domain controllers (assumes compromise)
     - NTLM

• Other Systems and Networks
  o Obtaining passwords on the network
     - NetNTLMv(1/2)
     - DCC
     - Others
  o Obtaining passwords from applications/systems
     - PHPass/Wordpress/Joomla
     - SHA-512 (various salts)
     - Cisco
     - Wi-Fi Hashes (WPA2)
     - PDF Documents
     - MySQL and MSSQL

Password Cracking Techniques

• Brute-Force Attacks – Why, When?

• Rules
  o What are rules
  o Effective use of rules
  o Customizing rules

• Wordlists
  o What makes effective wordlists – Why bigger is not always better
  o Pitfalls in wordlists
  o Wordlist management tools

• Masks
  o What are masks?
  o When to use masks?

• Combining for success
  o Using wordlists with rules
  o Using wordlists with masks
  o Multi-layered attacks with multiple tools
  o Re-using cracked passwords

All About Hashcat

• A history of the tool

• Supported hash types (P)

• Basic functionality (P)

• Advanced functionality (P)

• $[HEX]-what? (P)

• Other tools for advanced attacks

• Using hashcat with all Password Cracking Techniques (P)

• Hashcat Brain – what and why?

*** Hands-on Practice 1*** (P)

• Cracking passwords using what you’ve learnt

• Scoring and explanation of the exercise.

Cracking Passwords in Foreign Languages

• Key concepts of cracking other languages

• Building foreign-language wordlists with online tools
  o Arabic
  o Russian
  o Chinese
  o French
  o Emoji

• Brute-forcing foreign characters

• Pitfalls and key information about cracking other languages

• Generating sentences and passphrases using n-grams (P)

• Training predictive models for effective password phrase wordlists (and passwords)
  (P)

• Creating complex passphrase wordlists using AI (ChatGPT)

Advanced Cracking - Emojis

• Emojis and passwords

• Creating Emoji Wordlists

• Creating Emoji Wordlists using intent (From English)

Less Common (but just as important) Wordlist Sources

• How to build wordlists for:
  o Credit-card numbers
  o Social Security/Passports
  o Domain Names and DNS names

***Hands-On Practical 2*** (P)

• Crack passwords from all hash types and sources we’ve discussed.

• Scoring and analysis of the exercise.

• Creating password strength reports/password audit tools.

Closing Comments

• Closing information

• Final Q&A

​

Who Should Attend

This course is designed to increase your skills in the core concepts of cracking and recovering passwords either once you have obtained hashes through performing attacks on systems, (as a red-teamer, penetration tester etc.) or through an audit of systems by obtaining the hashed passwords using authorised methods (blue-team, auditor or someone assessing passwords from their own systems). Some knowledge of the Linux operating system will be advantageous.

What You Need

​

• A laptop running Windows or Linux (preferred) with an onboard GPU*​

• A laptop running Windows or Linux (preferred) that can SSH to our student labs in

place of using your own onboard GPU.
*Note that running password cracking on an onboard laptop/notebook GPU may cause excessive heat and over-use on the device. If you are concerned about damage, we suggest using our student lab environment.

​

​

Trainer Bios