A password is a type of authentication. It is a secret word or phrase that a user must know in order to gain access. A pass-phrase is a correspondingly larger secret consisting of multiple words.
Passwords have been used since Roman times. The Roman army was among the first large enough that people didn't recognize each other by sight. In order to gain entry into the camp, a Roman soldier would have to know the secret password.
Internal to the computer, password information is constantly being checked. If you were queried for the password each and every time, you would find that the computer would become unusable. Therefore, the computer attempts to "cache" the password so that internal prompts during the same session do not cause external prompts to the user.
All systems cache passwords in memory during a login session. Therefore, if a hacker can gain access to all memory on the system, he/she can likely sift the memory for passwords. Likewise, hackers can frequently sift pagefiles for passwords.
To crack a password means to decrypt a password, or to bypass a protection scheme.
When the UNIX operating system was first developed, passwords were stored in the file “/etc/passwd”. This file was readable by everyone, but the passwords were encrypted so that a user could not figure out what a person's password was. The passwords were encrypted in such a manner that a person could test a password to see if it was valid, but couldn't decrypt the entry.
However, a program called "crack" was developed that would simply test all the words in the dictionary against the passwords in “/etc/passwd”. This would find all user accounts whose passwords were chosen from the dictionary. Typical dictionaries also included people's names, since a common practice is to choose a spouse's or child's name.
The file sources of encrypted passwords typically include the following:
• /etc/passwd from a UNIX system
• SAM or SAM._ from a Windows NT system
• .pwl from a Windows 95/98 system
• sniffed challenge hashes from the network
The "crack" program is a useful tool for system administrators. By running the program on their own systems, they can quickly find users who have chosen weak passwords. In other words, it is a policy enforcement tool.
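The audit use described above, as an added example that is not part of the original post: an administrator checks their own account entries against a wordlist and reports only which accounts need a password change. It uses salted PBKDF2 from Python's hashlib as a stand-in for the system's password hash; the account names, wordlist and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000  # assumption: kept low so the demo runs quickly


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way function: a guess can be re-hashed and compared, not decrypted."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def verify(guess: str, salt: bytes, stored: bytes) -> bool:
    """Test a candidate password against a stored entry in constant time."""
    return hmac.compare_digest(hash_password(guess, salt), stored)


def make_entry(user: str, password: str) -> dict:
    """Build a stored entry; only the salt and hash are kept, never the password."""
    salt = os.urandom(16)
    return {"user": user, "salt": salt, "hash": hash_password(password, salt)}


def candidates(user: str, wordlist: list):
    """Dictionary words plus the account name, each with simple case variants."""
    for word in [user, *wordlist]:
        yield from dict.fromkeys((word, word.lower(), word.capitalize()))


def audit(entries: list, wordlist: list) -> list:
    """Return the accounts whose password is a dictionary word or the user name.

    Only account names are returned, so the report itself holds no passwords.
    """
    weak = []
    for entry in entries:
        if any(verify(c, entry["salt"], entry["hash"])
               for c in candidates(entry["user"], wordlist)):
            weak.append(entry["user"])
    return weak


# Constructed sample data: a tiny wordlist (including a first name) and accounts.
WORDLIST = ["password", "dragon", "sunshine", "maria"]
ENTRIES = [
    make_entry("alice", "Sunshine"),      # dictionary word, capitalized
    make_entry("bob", "t7#Qv!m2zLx9"),    # not in the wordlist
    make_entry("carol", "carol"),         # same as the account name
]

if __name__ == "__main__":
    print("Accounts needing a password change:", audit(ENTRIES, WORDLIST))
```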
Password crackers are utilities that try to ‘guess’ passwords. One way, also known as a dictionary attack, involves trying out all the words contained in a predefined dictionary of words. Ready-made dictionaries of millions of commonly used passwords can be freely downloaded from the Internet.
Another form of password cracking attack is the ‘brute force’ attack. In this form of attack, all possible combinations of letters, numbers and symbols are tried out one by one until the password is found. Brute force attacks take much longer than dictionary attacks.
The snapshot below is of a popular password cracking utility called Brutus. Brutus has both dictionary attack and brute force attack capabilities.