
Password Cracking


Dictionary Attack
  Introduction
  Attack Types
        Guessing, dictionary, and brute force attack
  Dictionary Attack
  Dictionary Attack Vs Brute Force Technique
  Types of Dictionary Attacks
  Situations When it is Applied
  Password Cracking process
  Tools used
        Crack
        John The Ripper
  Countering Dictionary Attack

Password cracking is the process of recovering passwords from data that has been stored
in or transmitted by a computer system. A common approach is to repeatedly try guesses
for the password. The purpose of password cracking might be to help a user recover a
forgotten password (though installing an entirely new password is less of a security risk,
but involves system administration privileges), to gain unauthorized access to a system,
or as a preventive measure by system administrators to check for easily crackable
passwords. On a file-by-file basis, password cracking is utilized to gain access to digital
evidence for which a judge has allowed access but the particular file's access is restricted.

Passwords to access computer systems are usually stored in a database so that the system
can perform password verification when a user attempts to log in or access a restricted
resource. To preserve confidentiality of system passwords, the password verification data
is typically not stored in cleartext form, but instead a one-way function is applied to the
password, possibly in combination with other data, and the resulting value is stored.
When a user later attempts to authenticate by entering the password, the same function is
applied to the entered value and the result is compared with the stored value. If they
match, there is an extremely high probability that the entered password was correct. For
simplicity in this discussion, we will refer to the one-way function employed (which may
be either an encryption function or cryptographic hash) as a hash and its output as
a hashed password.

Even though functions that create hashed passwords may be cryptographically secure,
possession of the hashed password provides a quick way to test guesses for the password
by applying the one-way function to each guess, and comparing the result to the
verification data. The most commonly used hash functions can be computed rapidly and
the attacker can test guesses repeatedly with different guesses until one succeeds,
meaning that the plaintext password has been recovered.

The term password cracking generally refers to recovery of one or more plaintext
passwords from hashed passwords, but there are also many other ways of obtaining
passwords illicitly. Without the hashed version of a password, the attacker can still
attempt access to the computer system in question with guessed passwords. But well-
designed systems limit the number of failed access attempts and can alert administrators
to trace the source of the attack if that quota is exceeded. If he has the hashed password,
the attacker can work undetected, and if the attacker has obtained several hashed
passwords, the chance of cracking at least one is quite high.

Other ways to obtain passwords include social engineering, wiretapping, keystroke
logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing
attack, acoustic cryptanalysis, using a Trojan horse or virus, identity management system
attacks (such as abuse of self-service password reset) and compromising host security.
While those methods are not considered "password cracking", they are very popular among
criminals (notably phishing) and remain very effective. They are often considered the
main vulnerability in password authentication systems.

Common methods for verifying users over a computer network often expose the hashed
password. For example, use of a hash-based challenge-response authentication method
for password verification may provide a hashed password to a network eavesdropper,
who can then crack the password. A number of stronger cryptographic protocols exist
that do not expose hashed passwords during verification over a network, either by
protecting them in transmission using a high-grade key, or by using a zero-knowledge
password proof.

One of the modes we can use is the dictionary attack. It takes text string samples (usually
from a file, called a wordlist, containing words found in a dictionary), encrypts them in the
same format as the password being examined (including both the encryption algorithm
and key), and compares the output to the encrypted string. It can also perform a variety
of alterations to the dictionary words and try these. Many of these alterations are also
used in John's single attack mode, which modifies an associated plaintext (such as a
username with an encrypted password) and checks the variations against the encrypted

We can also use a brute force mode. In this type of attack, the program goes through all the
possible plaintexts, hashing each one and comparing it to the input hash. John uses
character frequency tables to try plaintexts containing more frequently-used characters
first. This method is useful for cracking passwords which do not appear in dictionary
wordlists, but it does take a long time to run.

Guessing, dictionary and brute force attacks

The distinction between guessing, dictionary and brute force attacks is not strict. They are
similar in that an attacker goes through a list of candidate passwords one by one; the list
may be explicitly enumerated or implicitly defined, can incorporate knowledge about the
victim, and can be linguistically derived. Each of the three approaches, particularly
'dictionary attack', is frequently used as an umbrella term to denote all the three attacks
and the spectrum of attacks encompassed by them.

Passwords can sometimes be guessed by humans with knowledge of the user's personal
information. Examples of guessable passwords include:

       blank (none)
       the words "password", "passcode", "admin" and their derivatives
       a row of letters from the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop
       the user's name or login name
       the name of their significant other, a friend, relative or pet
       their birthplace or date of birth, or a friend's, or a relative's
       their automobile license plate number, or a friend's, or a relative's
       their office number, residence number or most commonly, their mobile number.
       a name of a celebrity they like
       a simple modification of one of the preceding, such as suffixing a digit,
    particularly 1, or reversing the order of the letters.
       a swear word
       and so, extensively, on

Personal data about individuals are now available from various sources, many on-line,
and can often be obtained by someone using social engineering techniques, such as
posing as an opinion surveyor or a security control checker. Attackers who know the user
may have information as well. For example, if a user chooses the password "YaleLaw78"
because he graduated from Yale Law School in 1978, a disgruntled business partner
might be able to guess the password.

Guessing is particularly effective with systems that employ self-service password reset.
For example, in September 2008, the Yahoo e-mail account of Governor of
Alaska and Vice President of the United States nominee Sarah Palin was accessed
without authorization by someone who was able to research answers to two of her
security questions, her zip code and date of birth, and was able to guess the third, where
she met her husband.

Dictionary attack

In cryptanalysis and computer security, a dictionary attack is a technique for defeating
a cipher or authentication mechanism by trying to determine its decryption key or
passphrase by searching likely possibilities.

A dictionary attack uses a brute-force technique of successively trying all the words in an
exhaustive list (from a pre-arranged list of values). In contrast with a normal brute force
attack, where a large proportion of the key space is searched systematically, a dictionary
attack tries only those possibilities which are most likely to succeed, typically derived
from a list of words in a dictionary. Generally, dictionary attacks succeed because many
people have a tendency to choose passwords which are short (7 characters or fewer), single
words found in dictionaries or simple, easily-predicted variations on words, such as
appending a digit.

Users often choose weak passwords. Examples of insecure choices include the above list,
plus single words found in dictionaries, given and family names, any password that is too
short (usually thought to be 6 or 7 characters or less), or any password meeting a too
restrictive, and so predictable, pattern (e.g., alternating vowels and consonants). Repeated
research over some 40 years has demonstrated that around 40% of user-chosen passwords are
readily guessable by sophisticated cracking programs armed with dictionaries and,
perhaps, the user's personal information.

In one survey of MySpace passwords obtained by phishing, 3.8 percent of those
passwords were a single word findable in a dictionary, and another 12 percent were a
word plus a final digit; two-thirds of the time that digit was 1.

Some users neglect to change the default password that came with their computer system
account. And some administrators neglect to change default account passwords provided
by the operating system vendor or hardware supplier. An infamous example is the use of
FieldService as a user name with Guest as the password. If not changed at system
configuration time, anyone familiar with such systems will have 'cracked' an important
password; such service accounts often have higher access privileges than normal
user accounts. Lists of default passwords are available on the Internet. Gary McKinnon,
accused by the United States of perpetrating the "biggest military computer hack of all
time", has claimed that he was able to get into the military's networks simply by using
a Perl script that searched for blank passwords; in other words his report suggests that
there were computers on these networks with no passwords at all.

Cracking programs exist which accept personal information about the user being attacked
and generate common variations for passwords suggested by that information.

A last resort is to try every possible password, known as a brute force attack. In theory, if
there is no limit to the number of attempts, a brute force attack will always be successful
since the rules for acceptable passwords must be publicly known; but as the length of the
password increases, so does the number of possible passwords. This method is unlikely to
be practical unless the password is relatively short; however, techniques using parallel
processing can reduce the time to find the password in inverse proportion to the number
of compute devices (CPUs) in use. This depends heavily on whether the prospective
attacker has access to the hash of the password as well as the hashing algorithm, in which
case the attack is called an offline attack (it can be done without connection to the
protected resource) or not, in which case it is called an online attack. An offline attack is
generally much easier, because testing a password is reduced to a mathematical
computation of the hash of the password to be tried and comparison with the hash of the
real password. In an online attack the attacker has to try to authenticate himself with all
the possible passwords, and rules and delays can be imposed by the system and the
attempts can be logged.

A common password length recommendation is eight or more randomly chosen
characters combining letters, numbers, and special characters (punctuation, etc). This
recommendation makes sense for systems using stronger password hashing mechanisms
such as md5-crypt and the Blowfish-based bcrypt, but is inappropriate for many
Microsoft Windows systems because they store a legacy LAN Manager hash which splits
the password into two seven character halves. On these systems, an eight character
password is converted into a seven character password and a one character password. For
better security, LAN Manager password storage should be disabled if it will not break
supported legacy systems. Systems which limit passwords to numeric characters only, or
upper case only, or generally those which limit the range of possible password character
choices, also make brute force attacks easier. Using longer passwords in these cases (if
possible) can compensate for the limited allowable character set. Of course, even with an
adequate range of character choice, users who limit themselves to an obvious subset of
the available characters (e.g., use only upper case alphabetic characters, or only digits)
make brute force attacks against their accounts much easier.

Generic brute-force search techniques are often successful, but smart brute-force
techniques, which exploit knowledge about how people tend to choose passwords, pose
an even greater threat. NIST SP 800-63 (2) provides further discussion of password
quality, and suggests, for example, that an 8 character user-chosen password may provide
somewhere between 18 and 30 bits of entropy (randomness), depending on how it is
chosen. For example 24 binary digits of randomness is equivalent to 3 randomly chosen
bytes, or approximately 5 random characters if they are restricted to upper case alphabetic
characters, or 2 words selected from a 4000 word vocabulary. This amount of entropy is
far less than what is generally considered safe for an encryption key.

How small is too small for offline attacks thus depends partly on an attacker's ingenuity
and resources (e.g. available time and computing power). The second of these will
increase as computers get faster. Most commonly used hashes can be implemented using
specialized hardware, allowing faster attacks. Large numbers of computers can be
harnessed in parallel, each trying a separate portion of the search space. Unused
overnight and weekend time on office computers can also be used for this purpose.


In cryptanalysis, a brute force attack is a method of defeating a cryptographic
scheme by systematically trying a large number of possibilities; for example, a large
number of the possible keys in a key space in order to decrypt a message. In most
schemes, the theoretical possibility of a brute force attack is recognized, but it is set up in
such a way that it would be computationally infeasible. A dictionary attack, by contrast,
tries only those possibilities which are most likely to succeed, typically derived from a
list of words in a dictionary.

    If the dictionary attack tool and the encrypted file are in the same
       location, it is called an offline dictionary attack.
    If the dictionary attack tool and the encrypted file are in different
       locations and some kind of client-server architecture is formed,
       it is called an online dictionary attack.

Situations When It Is Applied
Dictionary attacks may be applied in two main situations:
    In cryptanalysis, in trying to determine the decryption key for a given piece of
       cipher text.
    In computer security, in trying to circumvent an authentication mechanism for
       accessing a computer system by guessing passwords.

In the latter case, the effect of a dictionary attack can be greatly reduced by limiting the
number of authentication attempts that can be performed in a given time and blocking
further attempts after a threshold of failed authentication attempts is reached. Generally,
six attempts is considered sufficient to cope with mistakes made by legitimate users.
Beyond that, one can safely assume that the user is a malicious attacker.
Note, though, that limiting authentication attempts does not prevent a "low and slow"
attack, where the attacker tries a small number of passwords on each account. This attack
gets the same number of compromised accounts per attempt as a concentrated attack on a
single account would and so is suitable when the attacker does not care which accounts
he compromises. Similarly, an attacker can instead create a denial-of-service attack by
attempting to log in on each account a sufficient number of times that the account gets
locked out (note that he would not do this for a low and slow attack to avoid detection).
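
The gap between per-account lockout and the "low and slow" pattern described above can be shown on a small log. This is an added example, not part of the original document: the events are constructed, and the window sizes, the five-account threshold and the function names are assumptions (only the six-attempt figure comes from the text).

```python
from collections import defaultdict, deque

ACCOUNT_THRESHOLD = 6          # failed attempts per account, the figure used in the text
LOCKOUT_WINDOW = 15 * 60       # assumed: seconds over which account failures are counted
SPRAY_ACCOUNTS = 5             # assumed: distinct accounts failed from one source
SPRAY_WINDOW = 24 * 60 * 60    # assumed: longer window, because the attack is slow


def build_sample_events():
    """Constructed log: (unix_time, source, account, succeeded)."""
    # One source hammering a single account: 8 failures in 70 seconds.
    events = [(1000 + 10 * i, "203.0.113.7", "alice", False) for i in range(8)]
    accounts = ["alice", "bob", "carol", "dave", "erin", "frank"]
    t = 5000
    for _round in range(2):                 # two guesses per account in total
        for account in accounts:
            events.append((t, "198.51.100.9", account, False))
            t += 20 * 60                    # one attempt every 20 minutes
    events += [(6000, "192.0.2.10", "bob", False),   # legitimate user mistypes twice
               (6030, "192.0.2.10", "bob", False),
               (6060, "192.0.2.10", "bob", True)]
    return events


def locked_accounts(events):
    """Per-account lockout: ACCOUNT_THRESHOLD failures inside LOCKOUT_WINDOW."""
    recent, locked = defaultdict(deque), set()
    for ts, _source, account, ok in sorted(events):
        if ok:
            recent[account].clear()         # a successful login resets the counter
            continue
        window = recent[account]
        window.append(ts)
        while ts - window[0] > LOCKOUT_WINDOW:
            window.popleft()
        if len(window) >= ACCOUNT_THRESHOLD:
            locked.add(account)
    return locked


def spraying_sources(events):
    """Per-source view: failures against many distinct accounts inside SPRAY_WINDOW."""
    recent, flagged = defaultdict(deque), set()
    for ts, source, account, ok in sorted(events):
        if ok:
            continue
        window = recent[source]
        window.append((ts, account))
        while ts - window[0][0] > SPRAY_WINDOW:
            window.popleft()
        if len({acct for _ts, acct in window}) >= SPRAY_ACCOUNTS:
            flagged.add(source)
    return flagged


if __name__ == "__main__":
    events = build_sample_events()
    print("locked accounts: ", sorted(locked_accounts(events)))
    print("spraying sources:", sorted(spraying_sources(events)))
```

The lockout counter only ever fires for the account that was hammered; the source that spread its guesses across six accounts is visible only when failures are grouped by source.
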
However, many systems store a hashed version of the password and make it available
under certain circumstances, such as a challenge-response authentication exchange
between two parties. If an attacker can obtain the hashed password, they can test guessed
passwords rapidly, often at a rate of tens or hundreds of millions of guesses per second.
The rate of guessing can be sharply reduced by using a key derivation function that is
computationally intensive, such as PBKDF2. Since users often choose easily guessed
passwords, a dictionary attack has historically succeeded more than two times out of ten
when a reasonably large list is used. Lists of commonly selected passwords are widely
available on the Internet, as are dictionaries for most human languages (even those no
longer used), meaning the use of foreign words has limited value in preventing dictionary
attacks.
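
The store-and-verify scheme described in the introduction, combined with the PBKDF2 recommendation above, looks like this on the defender's side. This is an added example, not part of the original document: the iteration count, salt length and function names are assumptions, and the sample password is the one quoted earlier in the text.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000  # assumed work factor for this example; tune per deployment


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return (salt, iterations, derived_key): the record stored instead of the password."""
    if salt is None:
        salt = os.urandom(16)  # per-user random salt, so equal passwords store differently
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, key


def verify_password(candidate, record):
    """Apply the same function to the entered value and compare with the stored value."""
    salt, iterations, stored_key = record
    key = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(key, stored_key)  # constant-time comparison


def seconds_per_call(func, rounds):
    """Average wall-clock time of one call to func."""
    start = time.perf_counter()
    for _ in range(rounds):
        func()
    return (time.perf_counter() - start) / rounds


def guess_cost_ratio():
    """How many times more expensive one PBKDF2 evaluation is than one plain SHA-256."""
    salt = b"\x00" * 16  # constructed fixed salt, used for timing only
    fast = seconds_per_call(lambda: hashlib.sha256(b"guess").digest(), 20_000)
    slow = seconds_per_call(
        lambda: hashlib.pbkdf2_hmac("sha256", b"guess", salt, ITERATIONS), 3)
    return slow / fast


if __name__ == "__main__":
    record = hash_password("YaleLaw78")
    print("correct password accepted:", verify_password("YaleLaw78", record))
    print("wrong password rejected:  ", not verify_password("yalelaw78", record))
    print("same password, new salt, same key:", hash_password("YaleLaw78")[2] == record[2])
    print("one PBKDF2 evaluation costs about %.0fx one SHA-256" % guess_cost_ratio())
```
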
Spammers often use a form of dictionary attack, sometimes known as a Directory Harvest
Attack, for e-mail address harvesting. For example, a spammer may try sending messages
to,,, etc. Any addresses
to which messages are delivered, as opposed to being bounced back, can be added to the
spammer's list of known-valid addresses.
Clifford Stoll's book, The Cuckoo's Egg, contains an account of a dictionary attack
against the encrypted passwords kept in the passwd file on Unix systems, and of the
reaction to the successful attack by the man (Robert Morris) who invented the one-way
encryption system used for login passwords.

[Figure: password cracking process. Labels: "1. Randomly chosen words or text are drawn from a dictionary file" (applaud, apple); "2. The text is ..." (Encryption: K1Adasd53fdgk, 7fg3Rg6SEv, WmZw4yca2A); "3. The encrypted password is compared to the encrypted guesses until a match is ..."; Password: WmZw4yca2Ak]


The 2 most common tools used for dictionary attacks are Crack and John the Ripper.


Crack is a Unix password cracking program designed to allow system administrators to
locate users who may have weak passwords vulnerable to a dictionary attack.
Crack began in 1990 when Alec Muffett, a Unix system administrator at the University of
Wales Aberystwyth was trying to improve Dan Farmer's 'pwc' cracker in COPS and found
that by re-engineering its memory management he got a noticeable performance increase.
This led to a total rewrite which became "Crack v2.0" and further development to
improve usability.

      $ Crack passwd
       Crack 5.0a: The Password Cracker.
       (c) Alec Muffet, 1991, 1992, 1993, 1994,1995, 1996
       System: Linux 2.0.36 …
       Crack: The dictionaries seem up to date…
       Crack: Sorting out and merging feedback, please be patient…
       Crack: launching: cracker -kill run/system.11324
      $ Reporter -quiet
       --- passwords cracked as of Sat 12:09:50 GMT ---
       Guessed es [esses]           [passwd /bin/bash]
       Guessed user4 [qwerty]       [passwd /bin/bash]
       Guessed eric [jenny]         [passwd /bin/bash]

John the Ripper is a free password cracking software tool. Initially developed for
the UNIX operating system, it currently runs on fifteen different platforms (11
architecture-specific flavors of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of
the most popular password testing/breaking programs as it combines a number of
password crackers into one package, autodetects password hash types, and includes a
customizable cracker. It can be run against various encrypted password formats including
several crypt password hash types most commonly found on various Unix flavors (based
on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash.
Additional modules have extended its ability to include MD4-based password hashes and
passwords stored in LDAP, MySQL and others.

    $ john password
       Loaded 9 passwords with 9 different salts (Standard DES [24/32 4K])
       eses           (es)
       jenny          (eric)
       qwerty         (user4)
       guesses: 3 time: 0:00:04:26 (3) c/s: 16278...

Dictionary attacks work because many computer users and businesses insist on using ordinary
words as passwords. Dictionary attacks are rarely successful against systems that employ
multiple-word phrases, and unsuccessful against systems that employ random combinations of
uppercase and lowercase letters mixed up with numerals. In those systems, the brute-
force method of attack (in which every possible combination of characters and spaces is tried up
to a certain maximum length) can sometimes be effective, although this approach can take a long
time to produce results.

Vulnerability to password or decryption-key assaults can be reduced to near zero by
limiting the number of attempts allowed within a given period of time, and by wisely
choosing the password or key. For example, if only three attempts are allowed and then a
period of 15 minutes must elapse before the next three attempts are allowed, and if the
password or key is a long, meaningless jumble of letters and numerals, a system can be
rendered immune to dictionary attacks and practically immune to brute-force attacks.

By using lengthy passwords, the vulnerability of the password can be reduced to a greater
extent. In addition, by making use of non-dictionary words we can eliminate the cause
of the dictionary attack.

Beyond this, we can use special symbols and numeric values in the password so that
it is protected from dictionary attacks.
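
One way to apply these countermeasures is to screen a password when the user sets it, rejecting the guessable patterns listed earlier (blank, too short, the login name, a dictionary word, a word with a suffixed digit, a reversed word). This is an added example, not part of the original document: the miniature wordlist is constructed, the function names are assumptions, and the check goes slightly beyond the text by also stripping trailing symbols.

```python
import re

# Constructed miniature wordlist; a real deployment would load a large blocklist file.
WORDLIST = frozenset({"password", "passcode", "admin", "qwerty", "asdf", "qwertyuiop",
                      "apple", "applaud", "jenny"})
MIN_LENGTH = 8  # the common length recommendation quoted in the text


def candidate_roots(password):
    """Undo the simple modifications the text lists, returning possible root words."""
    lowered = password.lower()                      # case changes
    trimmed = re.sub(r"[^a-z]+$", "", lowered)      # suffixed digits or symbols
    roots = {lowered, trimmed}
    roots |= {root[::-1] for root in roots}         # reversed letter order
    roots.discard("")
    return roots


def screen_password(password, username="", wordlist=WORDLIST):
    """Return the reasons to reject a new password; an empty list means it passes."""
    if not password:
        return ["blank password"]
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than %d characters" % MIN_LENGTH)
    roots = candidate_roots(password)
    if username and username.lower() in roots:
        reasons.append("derived from the login name")
    if roots & wordlist:
        reasons.append("dictionary word or simple variation")
    return reasons


if __name__ == "__main__":
    # Constructed samples; "jenny" and "qwerty" are the passwords cracked in the
    # tool output shown above, "WmZw4yca2Ak" is the password from the figure.
    samples = [("eric", "jenny"), ("user4", "qwerty"), ("eric", "Eric2024"),
               ("mary", "Password1"), ("mary", "drowssap99"), ("mary", "WmZw4yca2Ak")]
    for user, pw in samples:
        print("%-6s %-12s %s" % (user, pw, screen_password(pw, user) or "accepted"))
```
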

