Here are some popular tricks to hack accounts and get their passwords: How To Hack Accounts Passwords - Password Breaking Tools 2016. 1. Password hashes: Passwords that you type into your computer's operating system are stored somewhere on the disk in the form of hashes. These hashes are not in clear text, therefore root/sysadmin privileges are required to access them. In Windows operating.
John the Ripper is a free password cracking software tool. Initially developed for the Unix operating system, it now runs on fifteen different platforms (eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing and breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix versions (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others. Cracking passwords in Kali Linux using John the Ripper is very straightforward. In this post, I will demonstrate that.
John the Ripper is different from tools like Hydra. Hydra does blind brute-forcing by trying username/password combinations against a service daemon such as an FTP or telnet server. John, however, needs the hash first. So the greater challenge for a hacker is to first get the hash that is to be cracked. Nowadays hashes are more easily crackable using free rainbow tables available online. Just go to one of the sites, submit the hash, and if the hash is made of a common word, the site will show the word almost instantly. Rainbow tables basically store common words and their hashes in a large database. The larger the database, the more words are covered.
One of the modes John the Ripper can use is the dictionary attack. It takes text string samples (usually from a file, called a wordlist, containing words found in a dictionary or real passwords cracked before), encrypts each one in the same format as the password being examined (including both the encryption algorithm and key), and compares the output to the encrypted string. It can also perform a variety of alterations to the dictionary words and try these. Many of these alterations are also used in John’s single attack mode, which modifies an associated plaintext (such as a username with an encrypted password) and checks the variations against the hashes.
John also offers a brute force mode. In this type of attack, the program goes through all the possible plaintexts, hashing each one and then comparing it to the input hash. John uses character frequency tables to try plaintexts containing more frequently used characters first. This method is useful for cracking passwords which do not appear in dictionary wordlists, but it takes a long time to run.
John the Ripper uses a two-step process to crack a password. First, it uses the passwd and shadow files to create an output file. Next, you run a dictionary attack against that file to crack it. In short, John the Ripper will use the following two files:
Cracking password using John the Ripper
In Linux, password hashes are stored in the /etc/shadow file. For the sake of this exercise, I will create a new user named john and assign a simple password ‘password’ to him.
I will also add john to the sudo group and assign /bin/bash as his shell. There’s a nice article I posted last year which explains user creation in Linux in great detail. It’s a good read if you are interested in understanding the flags, and the same structure can be used on almost any Linux/Unix/Solaris operating system. Also, when you create a user, you need their home directory created, so yes, go through the creating-user-in-Linux post if you have any doubts. Now, that’s enough mumbo jumbo, let’s get to business.
First let’s create a user named john and assign password as his password. (very secured..yeah!)
Unshadowing password
Now that we have created our victim, let’s start with the unshadow command. The unshadow command combines the entries of /etc/passwd and /etc/shadow to create one file with username and password details. When you just type in unshadow, it shows you the usage anyway.
I’ve redirected the output to /root/johns_passwd file because I got the ticks for organizing things. Do what you feel like here.
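A defender can use the same combined passwd-format file to find accounts that would fall quickly. The following is an added example, not part of the original post or of John the Ripper: it parses unshadow-style lines and flags legacy crypt(3) schemes. The sample lines are constructed placeholders, and the weak/acceptable split is this example's own policy.

```python
import re
from dataclasses import dataclass, field

# crypt(3) "$id$" prefixes mapped to a scheme name.
PREFIXES = [
    ("$1$", "md5crypt"),
    ("$2a$", "bcrypt"), ("$2b$", "bcrypt"), ("$2y$", "bcrypt"),
    ("$5$", "sha256crypt"),
    ("$6$", "sha512crypt"),
    ("$7$", "scrypt"),
    ("$y$", "yescrypt"),
]
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")    # traditional DES-based crypt
BSDI_RE = re.compile(r"_[./0-9A-Za-z]{19}")  # BSDi extended DES
# Assumption: this audit treats the DES- and MD5-based schemes as weak.
WEAK = {"descrypt", "bsdicrypt", "md5crypt"}


@dataclass
class Finding:
    user: str
    uid: int
    scheme: str
    issues: list = field(default_factory=list)


def classify(hash_field):
    """Name the scheme used by the second field of a passwd-format line."""
    if hash_field == "":
        return "empty"
    if hash_field == "x":
        return "shadowed"            # hash is still only in /etc/shadow
    if hash_field[0] in "!*":
        return "locked"              # password login disabled
    for prefix, name in PREFIXES:
        if hash_field.startswith(prefix):
            return name
    if DES_RE.fullmatch(hash_field):
        return "descrypt"
    if BSDI_RE.fullmatch(hash_field):
        return "bsdicrypt"
    return "unknown"


def audit(lines):
    """Return one Finding per account line; issues is empty when nothing is flagged."""
    findings = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) < 7 or not parts[2].isdigit():
            findings.append(Finding(parts[0], -1, "malformed",
                                    ["not a 7-field passwd-format line"]))
            continue
        user, hash_field, uid = parts[0], parts[1], int(parts[2])
        scheme = classify(hash_field)
        f = Finding(user, uid, scheme)
        if scheme == "empty":
            f.issues.append("no password set")
        elif scheme == "unknown":
            f.issues.append("unrecognised hash format, review manually")
        elif scheme in WEAK:
            f.issues.append(f"{scheme} is a legacy scheme, rehash with a modern one")
        if scheme == "descrypt":
            f.issues.append("only the first 8 password characters are significant")
        if f.issues and uid == 0:
            f.issues.append("account has UID 0")
        findings.append(f)
    return findings


# Constructed sample input: the hash bodies are filler, not real hashes.
SAMPLE = [
    "root:$6$constructedsalt$" + "A" * 86 + ":0:0:root:/root:/bin/bash",
    "john:$1$constsal$" + "B" * 22 + ":1001:1001:John:/home/john:/bin/bash",
    "legacy:abCDEFGHIJKLM:0:0:old admin:/root:/bin/sh",
    "svc:!:998:998::/nonexistent:/usr/sbin/nologin",
    "guest::1002:1002::/home/guest:/bin/sh",
]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        status = "; ".join(f.issues) if f.issues else "ok"
        print(f"{f.user:8} uid={f.uid:<5} {f.scheme:12} {status}")
```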
Cracking process with John the Ripper
At this point we just need a dictionary file to get on with cracking. John comes with its own small password file, which is located at /usr/share/john/password.lst. I’ve shown the size of that file using the following command.
You can use your own password lists too, or download a large one from the Internet (there are lots of dictionary files, some terabytes in size).
Looks like it worked. So we can now use the john --show option to list cracked passwords. Note that it’s a simple password that existed in the dictionary, so it worked. If it wasn’t a simple password, you would need a much bigger dictionary and a lot longer to crack it.
John the Ripper advanced commands:
Now that we have completed the basics of John the Ripper and cracked a password using it, it’s possibly time to move on to bigger and more complex things. For that you should check the documentation on cracking MODES and examples of John the Ripper usage.
John the Ripper’s cracking modes.
Mode descriptions here are short and only cover the basic things. Check other documentation files for information on customizing the modes.
Wordlist mode.
This is the simplest cracking mode supported by John. All you need to do is specify a wordlist (a text file containing one word per line) and some password files. You can enable word mangling rules (which are used to modify or “mangle” words producing other likely passwords). If enabled, all of the rules will be applied to every line in the wordlist file producing multiple candidate passwords from each source word. The wordlist should not contain duplicate lines. John does not sort entries in the wordlist since that would consume a lot of resources and would prevent you from making John try the candidate passwords in the order that you define (with more likely candidate passwords listed first). However, if you don’t list your candidate passwords in a reasonable order, it’d be better if you sort the wordlist alphabetically: with some hash types, John runs a bit faster if each candidate password it tries only differs from the previous one by a few characters. Most wordlists that you may find on the Net are already sorted anyway. On the other hand, if your wordlist is sorted alphabetically, you do not need to bother about some wordlist entries being longer than the maximum supported password length for the hash type you’re cracking. To give an example, for traditional DES-based crypt(3) hashes only the first 8 characters of passwords are significant. This means that if there are two or more candidate passwords in the wordlist whose first 8 characters are exactly the same, they’re effectively the same 8 character long candidate password which only needs to be tried once. As long as the wordlist is sorted alphabetically, John is smart enough to handle this special case right. In fact, it is recommended that you do not truncate candidate passwords in your wordlist file since the rest of the characters (beyond the length limit of your target hash type) are likely still needed and make a difference if you enable word mangling rules. 
The recommended way to sort a wordlist for use with default wordlist rule set is:
See RULES for information on writing your own wordlist rules.
“Single crack” mode.
This is the mode you should start cracking with. It will use the login names, “GECOS” / “Full Name” fields, and users’ home directory names as candidate passwords, also with a large set of mangling rules applied. Since the information is only used against passwords for the accounts it was taken from (and against password hashes which happened to be assigned the same salt), “single crack” mode is much faster than wordlist mode. This permits for the use of a much larger set of word mangling rules with “single crack”, and their use is always enabled with this mode. Successfully guessed passwords are also tried against all loaded password hashes just in case more users have the same password. Note that running this mode on many password files simultaneously may sometimes get more passwords cracked than it would if you ran it on the individual password files separately.
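Because “single crack” mode starts from the account's own fields, a password-change filter can reject candidates built from those same fields before they are ever stored. The following is an added defensive example, not John's rule engine or code from the original documentation: the function names and the small set of transformations (case, common character substitutions, affixed digits and punctuation, reversal, doubling, two-word joins) are assumptions chosen for illustration.

```python
import re
from itertools import permutations

# Common character substitutions undone before comparing (illustrative subset).
LEET = str.maketrans("4@310$57", "aaeiosst")


def account_words(login, gecos, home):
    """Words available from one passwd entry: login, GECOS tokens, home dir name."""
    raw = [login]
    raw += re.split(r"[^A-Za-z0-9]+", gecos)
    raw.append(home.rstrip("/").rsplit("/", 1)[-1])
    return {w.lower() for w in raw if len(w) >= 3}


def _strip_affixes(text):
    """Drop leading and trailing digits or punctuation, as in 'smith2024!'."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", text)


def variants(candidate):
    """Simplified forms of a candidate password to compare with account words."""
    s = candidate.lower()
    forms = {
        s,
        _strip_affixes(s),
        _strip_affixes(s).translate(LEET),
        _strip_affixes(s.translate(LEET)),
    }
    forms |= {f[::-1] for f in forms}                      # reversed
    forms |= {f[: len(f) // 2] for f in forms              # doubled, e.g. "fredfred"
              if len(f) % 2 == 0 and f[: len(f) // 2] == f[len(f) // 2:]}
    return {f for f in forms if f}


def derived_from(candidate, login, gecos, home):
    """Return the account-derived word the candidate reduces to, or None."""
    words = account_words(login, gecos, home)
    targets = words | {a + b for a, b in permutations(words, 2)}
    hits = sorted(variants(candidate) & targets)
    return hits[0] if hits else None


if __name__ == "__main__":
    # Constructed account record and candidate passwords.
    acct = ("jsmith", "John Smith,Room 12,555-0100", "/home/jsmith")
    for pw in ["Smith2024!", "j0hn", "htimsj", "JohnSmith1",
               "smithsmith", "correct horse battery"]:
        hit = derived_from(pw, *acct)
        print(f"{pw!r:26} -> {'reject, based on ' + hit if hit else 'accept'}")
```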
“Incremental” mode.
This is the most powerful cracking mode, it can try all possible character combinations as passwords. However, it is assumed that cracking with this mode will never terminate because of the number of combinations being too large (actually, it will terminate if you set a low password length limit or make it use a small charset), and you’ll have to interrupt it earlier. That’s one reason why this mode deals with trigraph frequencies, separately for each character position and for each password length, to crack as many passwords as possible within a limited time. To use the mode you need a specific definition for the mode’s parameters, including password length limits and the charset to use. These parameters are defined in the configuration file sections called [Incremental:MODE], where MODE is any name that you assign to the mode (it’s the name that you will need to specify on John’s command line). You can either use a pre-defined incremental mode definition or define a custom one. As of version 1.8.0, pre-defined incremental modes are “ASCII” (all 95 printable ASCII characters), “LM_ASCII” (for use on LM hashes), “Alnum” (all 62 alphanumeric characters), “Alpha” (all 52 letters), “LowerNum” (lowercase letters plus digits, for 36 total), “UpperNum” (uppercase letters plus digits, for 36 total), “LowerSpace” (lowercase letters plus space, for 27 total), “Lower” (lowercase letters), “Upper” (uppercase letters), and “Digits” (digits only). The supplied .chr files include data for lengths up to 13 for all of these modes except for “LM_ASCII” (where password portions input to the LM hash halves are assumed to be truncated at length 7) and “Digits” (where the supplied .chr file and pre-defined incremental mode work for lengths up to 20). Some of the many .chr files needed by these pre-defined incremental modes might not be bundled with every version of John the Ripper, being available as a separate download. See CONFIG and EXAMPLES for information on defining custom modes.
External mode.
You can define an external cracking mode for use with John. This is done with the configuration file sections called [List.External:MODE], where MODE is any name that you assign to the mode. The section should contain program code of some functions that John will use to generate the candidate passwords it tries. The functions are coded in a subset of C and are compiled by John at startup when you request the particular external mode on John’s command line. See EXTERNAL.
What modes should I use?
See EXAMPLES for a reasonable order of cracking modes to use.
John the Ripper usage examples.
These examples are to give you some tips on what John’s features can be used for.
Command line.
1. First, you need to get a copy of your password file. If your system uses shadow passwords, you may use John’s “unshadow” utility to obtain the traditional Unix password file, as root:
(You may need to replace the filenames as needed.)
Then make “mypasswd” available to your non-root user account that you will run John under. No further commands will need to be run as root.
If your system is ancient enough that it keeps passwords right in the world-readable /etc/passwd, simply make a copy of that file.
If you’re going to be cracking Kerberos AFS passwords, use John’s “unafs” utility to obtain a passwd-like file.
Similarly, if you’re going to be cracking Windows passwords, use any of the many utilities that dump Windows password hashes (LM and/or NTLM) in Jeremy Allison’s PWDUMP output format. Some of these utilities may be obtained here:
2. Now, let’s assume you’ve got a password file, “mypasswd”, and want to crack it. The simplest way is to let John use its default order of cracking modes:
This will try “single crack” mode first, then use a wordlist with rules, and finally go for “incremental” mode. Please refer to MODES for more information on these modes.
It is highly recommended that you obtain a larger wordlist than John’s default password.lst and edit the “Wordlist = …” line in the configuration file (see CONFIG) before running John. Some wordlists may be obtained here:
Of those available in the collection at the URL above, all.lst (downloadable as all.gz) and huge.lst (only available on the CD) are good candidates for the “Wordlist = …” setting.
3. If you’ve got some passwords cracked, they are stored in $JOHN/john.pot. The john.pot file is not meant to be human-friendly. You should be using John itself to display the contents of its “pot file” in a convenient format:
If the account list gets large and doesn’t fit on the screen, you should, of course, use your shell’s output redirection.
You might notice that many accounts have a disabled shell. You can make John skip those in the report. Assuming that the disabled shell is called “/etc/expired”, the command would be:
or shorter, but will also match “/any/path/expired”:
or if you also want to ignore some other shell, say “/etc/newuser”:
To check if any root (UID 0) accounts got cracked:
or to check for cracked root (UID 0) accounts in multiple files:
To display the root (username “root”) account only:
And finally, to check for privileged groups:
4. You might prefer to manage the cracking modes manually. It is wise to start with “single crack” mode:
or since the GNU-style double dashes are optional and since option names can be abbreviated for as long as they remain unambiguous:
You should not abbreviate options in scripts which you would want to work with future versions of John since what is unambiguous now might become ambiguous with the addition of more options.
If you have more files to crack, it is preferable to load them at the same time:
or even:
This way, John will run faster and might even crack more passwords than it would if you ran it on each password file separately.
5. To catch weak passwords not derived from readily available users’ personal information, you should proceed with cracking modes demanding more processor time. First, let’s try a tiny wordlist with word mangling rules enabled:
or abbreviating the options:
Then proceed with a larger wordlist, also applying the mangling rules:
If you’ve got a lot of spare disk space to trade for performance and the hash type of your password files is relatively slow, you may use John’s “unique” utility to eliminate any duplicate candidate passwords:
If you know that your target hash type truncates passwords at a given length, you may optimize this even further:
Alternatively, you may simply use huge.lst available on Openwall wordlist collection CDs. It has word mangling rules pre-applied for the most common languages and it has any duplicates purged.
Depending on target hash type, the number of different salts (if applicable), the size of your wordlist, rules, and processor performance, wordlist-based cracking may take anywhere from under a second to many days.
You do not have to leave John running on a (pseudo-)terminal. If running John on a Unix-like system, you can simply disconnect from the server, close your xterm, etc. John will catch the SIGHUP (“hangup” signal) and continue running. Alternatively, you may prefer to start it in the background right away:
Obviously, the “&” is specific to Unix shells and will not work on most other platforms.
You may further enhance this by specifying a session name:
This ensures that you won’t accidentally interfere with the instance of John running in the background if you proceed to start other sessions.
To view the status of a running session, use:
for the default session or:
for any other session. This works for both interrupted and running sessions. To obtain the most up-to-date information from a running session on a Unix-like system, send a SIGHUP to the appropriate “john” process.
Any interrupted sessions may be continued with:
or:
Finally, to make John have less impact on other processes, you should set the option “Idle = Y” in the configuration file (see CONFIG). The default may vary depending on the version and build of JtR.
To only crack accounts with a “good” shell (in general, the shell, user, and group filters described above work for all cracking modes as well):
Like with all other cracking modes, it is faster to crack all the files you need cracked simultaneously:
You can crack some passwords only. This will try cracking all root (UID 0) accounts in all the password files:
Alternatively, you may wish to not waste time cracking your very own passwords, if you’re sure they’re uncrackable:
Sometimes it is useful to split your password hashes into two sets which you crack separately, like:
This will make John try salts used on two or more password hashes first and then try the rest. Total cracking time will be almost the same, but you will get some passwords cracked earlier, which is useful, for example, for penetration testing and demonstrations to management. Similarly, you may check all password hashes with a small wordlist, but only those that you can check faster (with “--salts=2”) with a larger one. With large numbers of password hashes and/or with a highly non-uniform distribution of salts, it may be appropriate to use a threshold larger than 2 with “--salts” (sometimes even values as high as 1000 will do).
Note that the default wordlist rules include “:” (a no-op – try words as they are in the list) on the first line. If you already ran through a wordlist without using rules, and then decided to also try the same wordlist with rules, you’d better comment this line out.
6. The most powerful cracking mode in John is called “incremental” (not a proper name, but kept for historical reasons). You can simply run:
or:
This will use the default “incremental” mode parameters, which are defined in the configuration file’s section named either [Incremental:ASCII] (for most hash types) or [Incremental:LM_ASCII] (for Windows LM hashes). By default, the [Incremental:ASCII] parameters are set to use the full printable ASCII character set (95 characters) and to try all possible password lengths from 0 to 13 (if the current hash type has a lower maximum password length, incremental mode’s length limit is reduced accordingly). [Incremental:LM_ASCII] is similar, except that it takes advantage of LM hashes being case-insensitive and of their halves being limited to 7 characters each.
Don’t expect “incremental” mode sessions to terminate in a reasonable time (unless all the passwords are weak and get cracked), read MODES for an explanation of this.
In some cases it is faster to use some other pre-defined incremental mode parameters and only crack simpler passwords, from a limited character set. The following command will try 10 different characters only, passwords from “0” to “99999999999999999999” (in an optimal order):
Of course, you can use most of the additional features demonstrated above for wordlist mode with “incremental” mode as well. For example, on a large-scale penetration test, you may have John crack only root (UID 0) accounts in a set of password files:
7. If you’ve got a password file for which you already have a lot of passwords cracked or obtained by other means, and the passwords are unusual, then you may want to generate a new charset file, based on character frequencies from that password file only:
Then use that new file with “incremental” mode.
If you’ve got many password files from a particular country, organization, etc., it might be useful to use all of them for the charset file that you then use to crack even more passwords from these files or from some other password files from the same place:
You can use some pre-defined or custom word filters when generating the charset file to have John consider some simpler passwords only:
If your “pot file” got large enough (or if you don’t have any charset files at all), you might want to use it to generate a new set of main charset files:
where “makechr” is a script that invokes “john --make-charset=…” with varying filenames, for all of the external mode word filters defined in the configuration file. In this example, John will overwrite the charset files with new ones that are based on your entire $JOHN/john.pot (John uses the entire “pot file” if you don’t specify any password files).
8. Finally, you might want to e-mail all users with weak passwords to tell them to change their passwords. (This is not always a good idea, though, since lots of people do not check their e-mail or ignore such messages, and the messages can be a hint for crackers.) Edit the “mailer” script supplied with John: the message it sends and possibly the mail command (especially if the password file is from a different machine). Then run:
Configuration file.
Please refer to CONFIG for general information on the configuration file and its possible locations.
1. Let’s assume that you notice that in some password file a lot of users have their passwords set to login names with “?!” appended. Then you just make a new “single crack” mode rule (see RULES for information on the syntax) and place it somewhere near the beginning:
Hint: if you want to temporarily disable all of the default rules, you can simply rename the section to something John doesn’t use and define a new one with the section’s old name, but be sure to leave the “List.” prefix of the name intact to maintain correct configuration file syntax.
All the same applies to wordlist mode rules as well.
2. If you generate a custom charset file (described above) you will also need to define a configuration file section with the “incremental” mode parameters. In the simplest case it will be like this (where “Custom” can be replaced with any name you like):
This way, John will only use characters from passwords used to generate the charset file only. To make John try some more characters, add:
These extra characters will then be added, but still considered the least probable. If you want to make sure that, with your extra characters, John will try 95 different characters, you can add:
This will make John print a warning if it only has fewer than 95 characters in its charset.
You can also use CharCount to limit the number of different characters that John tries, even if the charset file has more:
If you didn’t use any filters when generating the charset file, setting CharCount this low will make John never attempt rare characters and character combinations, not even for really short passwords, spending the time on simple longer candidate passwords instead. However, the default length switching is usually smart enough so that you shouldn’t need this trick.
To make John try passwords of certain lengths only, use the following lines:
Setting “MinLen” high, as in the example above, is reasonable if shorter passwords weren’t allowed to be set on the machine you got the password file from (however, note that root can usually set any password for any user and there are often loopholes in operating systems’ password policy enforcement capabilities).
On the contrary, you may want to set “MaxLen” low if you think there are a lot of short passwords.
3. Another example: a lot of users at some site use short duplicated words as their passwords, such as “fredfred”. As the number of such potential passwords is fairly low, it makes sense to code a new external cracking mode that tries them all, up to some length.
You can find the actual implementation of such a cracking mode with lots of comments in the default configuration file supplied with John. Please refer to EXTERNAL for information on the programming language used.
Introduction to the 10 Most Popular Password Cracking Tools
A password is the secret word or phrase that is used for the authentication process in various applications. It is used to gain access to accounts and resources. A password protects our accounts or resources from unauthorized access.
What is Password Cracking?
Password cracking is the process of guessing or recovering a password from stored locations or from a data transmission system. It is used to get a password for unauthorized access or to recover a forgotten password. In penetration testing, it is used to check the security of an application.
In recent years, computer programmers have been trying to create algorithms for password cracking in less time. Most of the password cracking tools try to login with every possible combination of words. If login is successful, it means the password was found. If the password is strong enough with a combination of numbers, characters and special characters, this cracking method may take hours to weeks or months. A few password cracking tools use a dictionary that contains passwords. These tools are totally dependent on the dictionary, so success rate is lower.
In the past few years, programmers have developed many password cracking tools. Every tool has its own advantages and disadvantages. In this post, we are covering a few of the most popular password cracking tools.
1. Brutus
Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.
It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect to 60 simultaneous targets. It also has resume and load options, so you can pause the attack process at any time and resume it whenever you want.
This tool has not been updated for many years. Still, it can be useful for you.
2. RainbowCrack
RainbowCrack is a hash cracker tool that uses a large-scale time-memory trade-off process for faster password cracking than traditional brute force tools. Time-memory trade-off is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But once the table is ready, it can crack a password much faster than brute force tools.
You also do not need to generate rainbow tables yourself. Developers of RainbowCrack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and SHA1 rainbow tables. Like RainbowCrack, these tables are also available for free. You can download these tables and use them for your password cracking processes.
Download Rainbow tables here: http://project-rainbowcrack.com/table.htm
A few paid rainbow tables are also available, which you can buy from here: http://project-rainbowcrack.com/buy.php
This tool is available for both Windows and Linux systems.
Download Rainbow crack here: http://project-rainbowcrack.com/
3. Wfuzz
Wfuzz is another web application password cracking tool that tries to crack passwords with brute forcing. It can also be used to find hidden resources like directories, servlets and scripts. This tool can also identify different kinds of injections, including SQL Injection, XSS Injection, LDAP Injection, etc., in web applications.
Key features of Wfuzz password cracking tool:
- Capability of injection via multiple points with multiple dictionary
- Output in colored HTML
- Post, headers and authentication data brute forcing
- Proxy and SOCK Support, Multiple Proxy Support
- Multi Threading
- Brute force HTTP Password
- POST and GET Brute forcing
- Time delay between requests
- Cookies fuzzing
4. Cain and Abel
Cain and Abel is a well-known password cracking tool that is capable of handling a variety of tasks. The most notable thing is that the tool is only available for Windows platforms. It can work as a sniffer on the network, crack encrypted passwords using dictionary attacks, record VoIP conversations, run brute force and cryptanalysis attacks, reveal password boxes, uncover cached passwords, decode scrambled passwords, and analyze routing protocols.
Cain and Abel does not exploit any vulnerabilities or bugs. It only covers security weaknesses of protocols to grab the password. This tool was developed for network administrators, security professionals, forensics staff, and penetration testers.
Download here: http://www.oxid.it/ca_um/
5. John the Ripper
John the Ripper is another well-known free open source password cracking tool for Linux, Unix and Mac OS X. A Windows version is also available. This tool can detect weak passwords. A pro version of the tool is also available, which offers better features and native packages for target operating systems. You can also download Openwall GNU/*/Linux that comes with John the Ripper.
Download John the Ripper here: http://www.openwall.com/john/
6. THC Hydra
THC Hydra is a fast network logon password cracking tool. When it is compared with other similar tools, it shows why it is faster. New modules are easy to install in the tool. You can easily add modules and enhance the features. It is available for Windows, Linux, FreeBSD, Solaris and OS X. This tool supports various network protocols. Currently it supports Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
Download THC Hydra here: https://www.thc.org/thc-hydra/
If you are a developer, you can also contribute to the tool’s development.
7. Medusa
Medusa is also a password cracking tool similar to THC Hydra. It claims to be a speedy, parallel, modular login brute forcing tool. It supports HTTP, FTP, CVS, AFP, IMAP, MS SQL, MYSQL, NCP, NNTP, POP3, PostgreSQL, pcAnywhere, rlogin, SMB, rsh, SMTP, SNMP, SSH, SVN, VNC, VmAuthd and Telnet. Host, username and password can all be supplied flexibly as input while performing the attack.
Medusa is a command line tool, so you need to learn commands before using the tool. Efficiency of the tool depends on network connectivity. On a local system, it can test 2000 passwords per minute.
With this tool, you can also perform a parallel attack. Suppose you want to crack passwords of a few email accounts simultaneously. You can specify the username list along with the password list.
Read more about this here: http://foofus.net/goons/jmk/medusa/medusa.html
Download Medusa here: http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz
8. OphCrack
OphCrack is a free rainbow-table based password cracking tool for Windows. It is the most popular Windows password cracking tool, but can also be used on Linux and Mac systems. It cracks LM and NTLM hashes. For cracking Windows XP, Vista and Windows 7, free rainbow-tables are also available.
A live CD of OphCrack is also available to simplify the cracking. One can use the Live CD of OphCrack to crack Windows-based passwords. This tool is available for free.
Download OphCrack here: http://ophcrack.sourceforge.net/
Download free and premium rainbow tables for OphCrack here: http://ophcrack.sourceforge.net/tables.php
9. L0phtCrack
L0phtCrack is an alternative to OphCrack. It attempts to crack Windows passwords from hashes. For cracking passwords, it uses Windows workstations, network servers, primary domain controllers, and Active Directory. It also uses dictionary and brute force attacks for generating and guessing passwords. It was acquired by Symantec and discontinued in 2006. Later, the L0pht developers re-acquired it and launched L0phtCrack in 2009.
It also comes with a schedule routine audit feature. One can set daily, weekly or monthly audits, and it will start scanning on the scheduled time.
L0phtCrack: http://www.l0phtcrack.com/
10. Aircrack-NG
Aircrack-NG is a WiFi password cracking tool that can crack WEP or WPA passwords. It analyzes wireless encrypted packets and then tries to crack passwords via its cracking algorithm. It uses the FMS attack along with other useful attack techniques for cracking passwords. It is available for Linux and Windows systems. A live CD of Aircrack is also available.
If you want to use AirCrack NG for password cracking, read tutorials here: http://www.aircrack-ng.org/doku.php?id=getting_started
Download AirCrack-NG here: http://www.aircrack-ng.org/
How to create a password that is hard to crack
In this post, we have listed 10 password cracking tools. These tools try to crack passwords with different password cracking algorithms. Most of the password cracking tools are available for free. So, you should always try to have a strong password that is hard to crack by these password cracking tools. Here are a few tips you can try while creating a password.
The longer the password, the harder it is to crack: Password length is the most important factor. If you select a short password, password cracking tools can easily crack it by trying a few combinations. A longer password takes longer to guess. Make your password at least 8 characters long.
Always use a combination of characters, numbers and special characters: This is another thing which makes passwords hard to crack. Password cracking tools try combinations one by one. Have a combination of small characters, capital letters, and special characters. Suppose you have only numbers in your password. Password cracking tools then only need to guess digits from 0-9, so only length matters. But a password that combines a-z, A-Z, 0-9 and other special characters with a good length is harder to crack. This kind of password sometimes takes weeks to crack.
Variety in passwords: This is one important thing you must always take care of. Never use the same password everywhere. Cyber criminals can steal passwords from one website and then try them on other websites too.
In case you are not sure about the strength of your password, you can check it with a variety of online tools available for free.
What to avoid while selecting your password
There are a few things which were very common a few years back and still exist. Most of the password cracking tools start from there. Passwords that fall into this category are the easiest to crack. These are a few password mistakes which you should avoid:
- Never use a dictionary word
- Avoid using your pet’s name, parent name, your phone number, driver’s license number or anything which is easy to guess.
- Avoid using passwords with sequences or repeated characters, for example: 1111111, 12345678 or qwerty, asdfgh.
- Avoid using passwords that fall in the worst password list. Every year, data analysis companies publish the list of worst passwords of the year from analyzing the leaked password data.
The top 25 passwords on the 2017 list.
- 123456
- Password
- 12345678
- qwerty
- 12345
- 123456789
- letmein
- 1234567
- football
- iloveyou
- admin
- welcome
- monkey
- login
- abc123
- password
- 123456
- 12345678
- abc123
- qwerty
- monkey
- letmein
- dragon
- 111111
- baseball
- iloveyou
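The tips above can be turned into an automated check, for example at password-change time. This Python is an added example and not code from the original article: the worst-password set is copied from the list quoted above, while the keyboard rows, the run length of 4 and the three-character-class threshold are assumptions; a dictionary-word check would additionally need a word list, which is not included.

```python
import math
import string

# Unique entries from the worst-password list quoted in this article, lowercased.
WORST = {"123456", "password", "12345678", "qwerty", "12345", "123456789",
         "letmein", "1234567", "football", "iloveyou", "admin", "welcome",
         "monkey", "login", "abc123", "dragon", "111111", "baseball"}
# Digit, alphabet and keyboard-row runs (assumed set) for spotting "asdfgh"-style input.
RUNS = [string.digits, string.ascii_lowercase, "qwertyuiop", "asdfghjkl", "zxcvbnm"]
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits,
           string.punctuation]

def search_space_bits(pw):
    """Bits of brute-force search space: length * log2(size of the alphabets used)."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))
    return len(pw) * math.log2(size) if size else 0.0

def has_sequence(pw, n=4):
    """True if any n consecutive characters repeat or follow a known run."""
    low = pw.lower()
    for i in range(len(low) - n + 1):
        chunk = low[i:i + n]
        if len(set(chunk)) == 1:
            return True  # repeated character, e.g. "1111"
        if any(chunk in run or chunk in run[::-1] for run in RUNS):
            return True  # forward or reversed run, e.g. "2345" or "trew"
    return False

def audit(pw, min_len=8):
    """Return the article's rules that this password breaks (empty list = none)."""
    classes = sum(any(c in cls for c in pw) for cls in CLASSES)
    checks = [
        (len(pw) < min_len, f"shorter than {min_len} characters"),
        (pw.lower() in WORST, "on the worst-password list"),
        (has_sequence(pw), "sequence or repeated characters"),
        (classes < 3, f"only {classes} character class(es)"),  # assumed threshold
    ]
    return [msg for failed, msg in checks if failed]
```

An 8-digit numeric password gives about 26.6 bits of search space, while 8 characters drawn from all four classes give about 52.4 bits, which is the difference the tips describe.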
Conclusion:
The password is what makes your network, web accounts and email accounts safe from unauthorized access. These password cracking tools are proof that your passwords can be cracked easily if you do not select good passwords. In the article, we have listed every kind of password cracking tool, including web application password cracking tools, network password cracking tools, email password cracking tools, Windows password cracking tools and Wi-Fi password cracking tools. Security researchers use these tools to audit the security of their apps and check how to make their applications secure against these tools. Cyber criminals also use these tools, but for the wrong purposes. They use these password cracking tools to crack passwords of users and then access their data.
Now it is up to you. You can use these tools either for good work or for bad. We never encourage using any educational information for any cyber crime. This post is only for educational purposes. If you are using any of these tools for cyber crimes, the author or website publishing the article will not be responsible. Learn things to know how you can be hacked and how to protect yourself.