Password Cracking Techniques: – We can use phishing and RAT’s to hack passwords of accounts, pc, and smartphones. But there are lots of password hacking techniques used by hackers around the world.
We will be learning some best password hacking methods used by hackers and how these methods work. In the end, we will also learn about some password cracking countermeasures, that you can use to make your password even more secure.
Password Cracking Methods
These are some best password hacking techniques used by hackers.
Dictionary Attack
Dictionary method of password hacking is really famous these days.
In this method, hackers make a wordlist in a text file with some common passwords, words, or a list of some guessed passwords.
Then they use any tool to perform this attack using that wordlist. The tool will automatically test every word in the wordlist until they found the real password.
Brute Force Attack
A brute force attack is similar to a dictionary attack, but with a difference.
In a brute force attack, hackers use a tool that automatically tries every combination of words, characters, and symbols until they find the real password.
It’s like, first they will try admin1 -> admin2 -> admin3 and this series goes on until they come across the actual password.
Rainbow Tables Attack
Every plain text password is stored in hashes on the computer. Rainbow Table Attack uses a list of pre-computed hashes (and hashes of all possible password combination of any algorithm) and then compare those hashes.
This method takes less time to crack a password.
Phishing Attack
Another way to hack a password is to directly ask for it from the victim? I know it’s stupid. But if you are a regular reader of this site then you already know what I mean.
In a phishing attack, a hacker makes a fake web page and then trick the victim into login on that fake page and when the victim logs in, the hacker gets the password.
This method is my favorite, all you have to do is to make a phishing page and then trick the user to log in by using some things you already know about them. Besides this, the phishing method is fun for me.
Keylogger/Screenscrapper
Hackers use keyloggers and screen scrapers to easily get the plain text passwords of anyone from a computer or smartphone.
Hackers simply install a keylogger program in any computer or smartphone and then the keylogger starts its work. It will start recording every keystroke from the victim’s computer or phone’s keyboard and in the meantime; it will also capture the password and send the data back to the hacker.
Remember some time ago, I told you about hacking android phones using Spynote and Ahmyth RAT. Keylogger option is available in those RAT programs. You can use them.
On the other hand, screen scrapper programs keep capturing screenshots of the victim’s screen and hackers get them all. Chances are it’ll also capture the password.
Besides this, using a screen scrapper just for capturing passwords is not enough to use it, you can also use these kinds of programs for surveillance.
Password Guess
The first step of ethical hacking is Information Gathering, in which they collect as much information as possible about the target.
Hackers also use this information to guess passwords. For a normal computer and smartphone victim, who is not so tech-savvy, this technique mostly works.
Social Engineering
In Social Engineering, hackers mostly pretend to be tech support guys and then call or interact with their victims and directly ask them for a password to manage the network or system.
Or they can also ask for some access to specific services or apps, which can be used to hack passwords.
Shoulder Surfing
In shoulder surfing, you need to stand behind the victim while they are entering their password. It could help you in two ways.
Either you will get a password or you will get some information about the password which can be used to create a wordlist and perform a dictionary or brute force attack.
Password Hacking Countermeasures
The weakest thing in any security system is humans because anyone can manipulate us and get information related to passwords or anything.
As Elliot told us in Mr. Robot “I have never found it hard to hack most people. If you listen to them, watch them. Their vulnerabilities are like a neon sign screwed into their heads.”
So, it is your responsibility to keep your password safe.
– Don’t use the same password to log in on sites or apps you use.
– Make your password a combination of uppercase letters, lowercase letters, numbers, and symbols.
– Length of your password should be more than 7 characters.
– Don’t share your password with anyone, even if it’s your family member's girlfriend or ex-girlfriend.
– Double-check if it is a real webpage or site where you are trying to log in.
– Don’t save your password in the browser after signing in.
– Clear browser cookies and saved passwords on regular basis.
Friends, of course, we can not stop a hacker? But yeah we can slow them down using the above countermeasures and tips.
What is your favorite password hacking technique?. mention in the comment. enjoy reading!
No comments:
Post a Comment