Disclaimer
This article is solely for educational purposes. The techniques discussed herein should not be used for unlawful activities.
Learning Objectives
By the end of this walkthrough, readers will:
Understand common password-cracking techniques like brute-force, dictionary attacks, etc.
Learn how cryptographic hashing and salting work to secure passwords
Build a basic password-cracking prototype to demonstrate these concepts
Be able to better secure their systems against such attacks
In this guide, you will learn how to build a keylogger from scratch practically and you will also learn how to run: Build a Python Keylogger
Background Concepts
Before building our password cracker, we need to understand:
How Passwords Are Secured
Developers use cryptographic hash functions to secure passwords before storing them. These transform passwords into fixed-length hash values that cannot be reversed.
Popular hash functions include:
SHA-1: Fast and outputs the same hash for a given input. Vulnerable to brute-force attacks.
bcrypt: Slow by design to thwart attacks. It uses salts - random data added to each password before hashing. This prevents the same inputs from having the same hash.
To verify a password during login:
Hash entered password
Compare generated hash to stored hash
If equal, login successful
Common Password Cracking Techniques
Attackers use the following techniques to crack hashed passwords:
Brute-Force
Tries every possible password combination against the hash
Guaranteed to work but is very slow
Dictionary Attacks
Use dictionaries of common passwords and combinations
Much faster than brute-force
Rainbow Tables
Use pre-computed tables of password hashes
Extremely fast as hashing is avoided during attacks
Social Engineering
Manipulate victims into revealing personal information
Create custom wordlists by combining revealed info ## Securing Against Cracking Attempts
Proper password hashing and salting harden systems against cracking attempts. Developers must:
Use slow key derivation functions like bcrypt
Generate high-entropy salts for each password
Enforce strong password policies among users
Let's build a basic password cracker to see these in action.
Building a Password Cracker in Python
We will create a basic brute-force password-cracking prototype.
Wordlist
Text file containing possible passwords
We brute-force crack passwords by hashing entries from this list
We use a small list that can crack only weak passwords for learning purposes.
Tools Used
hashlib - Generate SHA1 password hashes
urllib - Read wordlist file over the internet
import hashlib
from urllib.request import urlopen
def readwordlist(url):
try:
wordlistfile = urlopen(url).read()
except Exception as e:
print("Hey there was some error while reading the wordlist, error:", e)
exit()
return wordlistfile
def hash(wordlistpassword):
result = hashlib.sha1(wordlistpassword.encode())
return result.hexdigest()
def bruteforce(guesspasswordlist, actual_password_hash):
for guess_password in guesspasswordlist:
if hash(guess_password) == actual_password_hash:
print("Hey! your password is:", guess_password,
"\n please change this, it was really easy to guess it (:")
# If the password is found then it will terminate the script here
exit()
############# append the below code ################
url = 'https://raw.githubusercontent.com/berzerk0/Probable-Wordlists/master/Real-Passwords/Top12Thousand-probable-v2.txt'
print("Enter your actual passoword and let's guess how easy it is to guess it!\n ex: trying entering 'henry' as a password without the '' ")
actual_password = input()
actual_password_hash = hash(actual_password)
wordlist = readwordlist(url).decode('UTF-8')
guesspasswordlist = wordlist.split('\n')
# Running the Brute Force attack
bruteforce(guesspasswordlist, actual_password_hash)
# It would be executed if your password was not there in the wordlist
print("Hey! I couldn't guess this password, it was not in my wordlist, this is good news! you win (: \n\n ps: You can always import a new wordlist and check whether ur password still passes this bruteforce attack")
The full code for this prototype is available on GitHub.
Running the Cracker
To run the script:
$ python3 password_cracker.py
It will start testing passwords from the wordlist against the hash using brute force. Once cracked, it will print the matching cleartext password.
The more advanced your password is, the less likely our cracker will be able to crack it; let's test it out.
We typed in my name as the password, and our cracker could crack it in less than a second.
Next, we will tweak our password using special characters and numeric values. it could not brute force the password; voila, our password cracker is ready.
Password crackers rely on how powerful your wordlist is; the more updated and powerful your wordlist is, the better your cracker becomes.
Creating an advanced payload takes skills. In this article, we explained how to make a keylogger undetectable. Find out more in How to Make a Keylogger Payload Undectatable.
We intentionally use a wordlist that can crack only weak passwords for learning purposes.
In real attacks, hackers use huge leaked password databases containing millions of entries to launch targeted and efficient dictionary-based cracking attempts.
Analysis
By running this basic prototype, we can understand:
Wordlists are at the heart of most password-cracking attempts
Brute-force guarantee works but is very slow in practice
Strong hashing and salting by developers can thwart most attacks
Users practicing good password hygiene is critical
Building and running such prototypes provides valuable insight to strengthen our systems.
Conclusion
In this detailed walkthrough, we:
Learned about common password-cracking techniques
Understood how cryptographic hashes and salting secure passwords
Built a basic brute-force password cracker prototype in Python
Analyzed how to harden systems and user habits against such attacks
You now know to start securing systems against password-cracking attempts.
Let me know if you have any other questions.
If you like my work and want to help me continue dropping content like this, buy me a cup of coffee.
If you find this post exciting, find more exciting posts on Learnhub Blog; we write everything tech from Cloud computing to Frontend Dev, Cybersecurity, AI, and Blockchain.