Cloud & Networking
Reader small image

You're reading from  Kali Linux Cookbook - Second Edition

Product typeBook
Published inSep 2017
Publisher
ISBN-139781784390303
Edition2nd Edition
Tools
Kali Linux
Concepts
Network Security
Right arrow
Authors (2):
Corey Schultz
Corey Schultz
author image
Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.
Read more about Corey Schultz

Bob Perciaccante
Bob Perciaccante
author image
Bob Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.
Read more about Bob Perciaccante

View More author details
Right arrow

Password Cracking

In this chapter, we will cover the following topics:

  • Resetting local Windows machine password
  • Cracking remote Windows machine passwords
  • Windows domain password attacks
  • Cracking local Linux password hashes
  • Cracking password hashes with a wordlist
  • Brute force password hashes
  • Cracking FTP passwords
  • Cracking Telnet and SSH passwords
  • Cracking RDP and VNC passwords
  • Cracking ZIP file passwords

Introduction

Password cracking has its own uses, often times you may be able to access and recover password databases but they are encrypted and on other times to escalate privilege or gain access, you may have to use a password attack.

Resetting local Windows machine password

In this recipe, we will crack the local Windows machine passwords with direct access to the computer.

In this recipe, we will also simulate booting off a CD-ROM in order to reset the local password.

Getting ready

Let's ensure the following prerequisites:

  • Your Windows workstation is powered down
  • You have recently downloaded the Kali ISO
  • Have a local standard user on the Windows workstation with a password

How to do it...

We will now reset the Windows password using Kali boot media:

  1. With your Windows machine off, start by...

Cracking remote Windows machine passwords

In this recipe, we will crack a remote Windows machine password. In this case, we will assume we have already launched the attack through Armitage and have taken the hashes we need. Please refer to Chapter 4, Finding Exploits in the Target and the Advanced attacks with Armitage recipe if needed.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • You have started Armitage up and it's running
  • You have collected the needed hashes already from the remote machine

How to do it...

We will...

Windows domain password attacks

In this recipe, we will try to crack the active directory database from a Windows domain controller. We will assume you have already recovered the needed files, the system file, and NTDS.dit files from the computer through other exploitation means.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • Your domain controller has some sample accounts on it
  • You have collected the system file and the NTDS.dit files through other means

How to do it...

We will now recover passwords from a windows domain...

Cracking local Linux password hashes 

In this recipe, we will crack Linux passwords using John the Ripper.

In this recipe, we will also simulate booting off a CD-ROM in order to crack the passwords using John the Ripper.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • You have some sample users and passwords setup on your Linux machine

How to do it...

We will now crack Linux password with John the Ripper:

  1. With your Windows machine off start by going into VirtualBox, clicking on the Linux VM, and click on Settings:
...

Cracking password hashes with a wordlist

In this recipe, we will crack hashes using John the Ripper and the password lists. We will also work with a local shadow file from a Linux machine and we will try to recover passwords based off wordlists.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • You have some sample users and passwords setup on your Linux machine
  • You copied the shadow file to your Kali root directory

How to do it...

We will now attempt to crack passwords using a pre-defined wordlist:

  1. Verify you have the shadow...

Brute force password hashes

In this recipe, we will crack hashes using John the Ripper in brute force mode. We will work with a local shadow file from a Linux machine and we will try to recover passwords by brute forcing them.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • You have some sample users and passwords setup on your Linux machine add some more and make a couple accounts with random 4 character passwords.
  • You copied the shadow file to your Kali root directory

How to do it...

We will use a brute force method of attack...

Cracking FTP passwords

In this recipe, we will try and crack FTP passwords.

Cracking FTP passwords is a great way to both access the system through FTP and get the username and passwords against other systems and services. For this recipe, we will use hydra to test the system.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • Your Metasploitable machine is powered up
  • Validate the IP address of the Metasploitable machine

How to do it...

Let's attempt to crack an FTP server passwords:

  1. Let's start by logging into...

Cracking Telnet and SSH passwords

In this recipe, we will try and crack Telnet and SSH passwords.

Cracking Telnet and SSH passwords can be used against systems as well as infrastructures. With this, you have the ability to try and penetrate into switches, firewalls, routers, pretty much any network equipment and most often Linux machines will have this method of access enabled.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • Your Metasploitable machine is powered up
  • Validate the IP address of the Metasploitable machine

How to do it...

...

Cracking RDP and VNC passwords

In this recipe, we will try and crack RDP and VNC passwords on our Windows machine.

Cracking into either RDP or VNC can be a very powerful method to access any system. While RDP is restricted to Windows systems VNC is a cross platform remote control utility covering Windows, Mac, and Linux. You can use your previous scanning to look for open VNC ports even on Windows machines.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up
  • Your Windows machine is powered up on the NAT network
  • Validate internet connectivity
  • You have some valid users on the system with RDP enabled for them
...

Cracking ZIP file passwords

In this recipe, we will try and crack a ZIP file password.

Sometimes, you will come across ZIP files that have a password on them. Normally, you can easily crack these passwords with a simple dictionary attack.

Getting ready

Let's ensure the following prerequisites:

  • Your Kali machine is powered up

How to do it...

We will now crack a ZIP files password and recover it's contents:

  1. Open a terminal window in Kali by clicking the icon.
  2. Enter the following commands to create an encrypted ZIP file:
cd 
mkdir 6.10 
cd 6.10
touch one two three...
lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 7 of 11
Next Chapter
You have been reading a chapter from
Kali Linux Cookbook - Second Edition
Published in: Sep 2017Publisher: ISBN-13: 9781784390303
© 2017 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Authors (2)

author image
Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.
Read more about Corey Schultz

author image
Bob Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.
Read more about Bob Perciaccante

Other recommended products

Related to this chapter

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing and providing detailed coverage of modern hacking methods and attacks.

BookDec 2017210 pages
Kali Linux Intrusion and Exploitation Cookbook

Kali Linux Intrusion and Exploitation Cookbook

Born from it predecessor, Kali Linux 2.0 is the most popular Linux distribution designed for security professionals who build defensive strategies around their systems with an offensive mindset. This book aims at introducing you to the most common and not -so- common pre-installed penetration testing tools and create custom complex images in the form of easy to follow recipes. Right Information gathering, vulnerability assessment & penetration testing for Web, wired and wireless Network this book will help you get grips on exploiting vulnerabilities in your system and fix those security anomalies in no time.

BookApr 2017512 pages
Network Scanning Cookbook

Network Scanning Cookbook

Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.

BookSep 2018304 pages
Learn Penetration Testing

Learn Penetration Testing

A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.

BookMay 2019424 pages
Metasploit 5.0 for Beginners

Metasploit 5.0 for Beginners

Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.

BookApr 2020246 pages
Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

BookNov 2019550 pages
Applied Network Security

Applied Network Security

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.

BookApr 2017350 pages
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

BookFeb 2018426 pages
Learn Ethical Hacking from Scratch

Learn Ethical Hacking from Scratch

This book is designed to help you learn the basics, it assumes that you have no prior knowledge in hacking, and by the end of it you'll be at a high intermediate level being able launch attacks and hack computer systems just like black-hat hackers do, not only that but you'll also learn how to secure systems from these attacks.

BookJul 2018564 pages5
Metasploit for Beginners

Metasploit for Beginners

Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.

BookJul 2017190 pages
Kali Linux Network Scanning Cookbook

Kali Linux Network Scanning Cookbook

With the ever-increasing amount of data flowing in today’s world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.

BookMay 2017634 pages
Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux 2018: Assuring Security by Penetration Testing

This book is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques. It offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

BookOct 2018528 pages

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2