I have a new password attack presentation in EC-Council Malaysia on 15th May. In this presentation we have discussed with the latest techniques for password cracking, Phishing attack, social engineering attack, password extraction from physical memory (Forensics method) , windows login password reset, windows login password cracking, Web login password cracking,
In this tutorial , I am introducing what is password and its characteristics, then it is discussed about Password Security. Later on basic password Cracking techniques has been explained. And finally some password cracking tools has been introduced. Further more in our live session I showed some Live password Cracking. I hope this tutorial would be helpful for you and give you some insight.
For those who are still working with Backtrack, its time to upgrade themselves to Kali Linux or other Penetration and Forensics tools. Backtrack Website just announced that , they are not supporting backtrack anymore
It happens to many of us that we zip some files with passwords, but after a long time we might forget the chosen password, it happened to me recently, I decided to write about a hand on simple tutorial on how to crack zip password protected file. Mostly I prefer an online web tool such as online pdf cracker due to high speed in cracking, unfortunately I couldn’t find any online unzip cracker, so I tried to find desktop tool, preferably free one. “frackzip” is the tool, I am using to crack the zip file. It uses brute force attack, written in assembly language, and it is a free application, which you can find it Kali and BackTrack.
frackzip switches are as follow:
-b brute force
-D dictionary Attack
-c charset characterset
-p init-password string
-l length min-max
-m method num
-2 modulo r/m
fcrackzip -u -v -b -p aaaa zipfolder.zip
If you don’t know the length of the password -p option will increase the speed of password cracking. in addition , your computer CPU and RAM are very important in speed of cracking.
Password cracking is one the common steps in Penetration testing to find if the web application or network have been configured properly or not.