Performing Offline Attacks

Introduction

The Performing Offline Attacks module provides you with the instructions and devices to develop your hands-on skills in the following topics:

• Extracting hashes from a system
• Cracking extracted hashes
• Cracking passwords

Lab time: It will take approximately 60 minutes to complete this lab.

Objectives

The following objective is covered in this lab:

• System hacking

Exercise 1 - Extracting Hashes from a System

Attackers use various offline attack techniques to hack the target systems. Offline password attack is one of the categories in offline attacks. In this type of attack, the attacker tries to extract the password hashes from database files such as Security Accounts Manager (SAM) in Windows operating system. SAM is a database file in Windows operating system where the local user credentials are stored in encrypted format.

In this exercise, you will learn to extract the encrypted hashes that are present in the SAM file. You will use the pwdump tool to perform the extraction.

Exercise 2 - Cracking Extracted Hashes

To crack the extracted hashes, you will require a wordlist. A wordlist is basically a text file that contains a collection of words and is generally used in a dictionary attack.

In this exercise, you will learn to crack the hashes that were extracted in the previous exercise. You will use the default wordlist “rockyou.txt” that comes with Kali Linux. The “rockyou.txt” wordlist comes compressed by default with most popular passwords.

Exercise 3 - Cracking Passwords

There are various tools available to crack passwords. The tool “John the ripper” is one of the password-cracking tools used to crack passwords.

In this exercise, you will learn to crack the password of Student2 user account.