How passwords are hacked?Methods.

3
102

Now in 21’st century, we all want to be the ethical or black hat or internet activist and most of all, everything in this technocratic world is ruled by computer and thus privacy and passwords.In most hacker movies, YouTube video they use Linux environments and geek codes but a pattern repeats in their work.But all I will be giving you a 1000ft overview of general working.

There is two types internet based attacks and hardware attacks:-

Hacker password attacks are mainly classified into 3 types:-

dictionary attacks

[alert-success]Dictionary attacks[/alert-success]

In this type of attacks, we are assuming that the password is made of a word which comes into the dictionary and we are running all possible words through it, so that, we stop until we get a match.This method is actually old and therefore usually used in google account openings or any internet based system you are asked to enter a special character and alphanumeric letters but still dictionary attacks are used and actually they being at superficial level meaning no need of system penetration and are easy and time-consuming.

 

rainbow table attacks

[alert-success]Rainbow table attacks[/alert-success]

In most of the websites or software’s passwords  are never stored in databases that means even if penetration occurs and the database is stolen  they would get only #hashes meaning a serial of alphanumeric and special character series.When we type the password in the website or soft-wares it is converted into hashes by a defined algorithm with a key and then send to check over database verified and then you get logged in.In this type of attacks; between sending hashes to a database, the connection is intercept which may need penetration of system but in most cases not needed.After you get hashes and do it for few hundred samples you analyse it until you get a pattern, for eg:- ‘A’ in hashes mean e4g7. And then passwords are decrypted.

After getting hashes from a database you just needed to decode like above way and log in.You may be wondering but how to hack database for that you may use SQL injection method.Means database is made of row and columns of a table  in which  you put info and in such cases even a search box or any input box of the website when proper command are put you are able to hack into the database but I will let you know that later.

Brute Force attacks[alert-success]Brute force[/alert-success]

this is by far the most time consuming and most popular method used by a hacker but it is inefficient as, if the system is properly designed then by frequent attacks on application or server, the system just blocks incoming and  outgoing info and total lockdown is done regarding databanks.But it actually yields good  results unlike rainbow table No hashes and also covers non-dictionary words and special letters.How it works is basically computer or cluster of computers in series try different permutation and combination until we get  a match.Like trying every possible word and alphanumerical combination.

 

 

 

 

Evil twin attacks[alert-success]Evil twin method[/alert-success]

this is actually associated with internet based, hacking .fiber optics or communication system.usually used in WiFhacking.So what is done; a user is insisted on putting the password into a website box and the info in it then goes to you and then you use it.Like, for example, you are accessing WiFi through router Intercept signal is designed in such a way that it clone your WiFi DNS servers(Like names and address ) and de-authenticate or cuts  your connection from your router then connect you to clone.Then if internet is not working what we do is we go to google.com to check connectivity, during web browsing, a web page comes up for your company router which hacker guess ( based on rekon  regarding personality, usage of person) then you put password and  the password goes to hacker  and everything is ok back again.Then hacker disconnects you from his network and using that password given by you connect to your original network but for this to work successfully you have to do some reckon like the simple question in elevator regarding Your wifi has good range, which brand is it? etc and make sure that person is not hacker lol, and simple question regarding which company router he uses and what company of  internet is used by him, so that we can create a fake web page with it to get the password.

But these are all software attacks which are pretty impressive but time-consuming.Instead, try Hardware,

Method: – DO like a 100000 attempts to connect to application or router etc, eventually application fails and restarts as it restarts, firewalls are protection services are very bulky application so naturally they are intended to load last and between these gap before loading firewall you can attacks required device and fail it just, like that.

It was nice sharing with you this info and keep staying out of trouble, this is almost very superficial but descriptive info about hacking.

You can read more about hacking

Why Linux is used for Hacking??

Never get hack but hack others.Have a nice day

3 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.