How is password cracking done?

Password as we all know is some secret string of some characters that is typically used for the authentication purpose and as a means of identity proof.

WHAT IS PASSWORD?

- Password is way through which you access your some accounts and resources.
- A password is not meant for the other except the account holder.
- Passwords have been in use since ancient history and of course the password theft or cracking also!
- Nowadays passwords are more known for their use in the log in process to various systems like an operated system, ATMs, cell phones, email accounts and so on.
- It is not necessary that a password should be some meaningful word; rather it can be anything silly that is probably difficult to be guessed by the others.
- There are many types of passwords like passphrase (password formed by more than one word), PIN (personal identification number, numerical password).
- Passwords are again very much vulnerable since they are not as secure as their cryptographic counterparts i.e., protocols.
- These days password theft, password spoofing etc is quite common.

FACTORS AFFECTING THE SECURITY OF PASSWORD

Before we explain to how a password is cracked, you should know what all the factors affect the security of a password.

- Any password protected system is provided protection against the viruses, Trojans etc.
- Physical security measures like shoulder surfing are also implemented.
- Many a times less extreme measures are also used like:
1. Side channel attack
2. Extortion and
3. Rubber hose cryptanalysis

HOW SECURITY OF PASSWORD PROTECTED SYSTEM IS DETERMINED?

- The security of a password protected system is often determined by the rate at which the attacker or hacker can guess the password.

- To overcome this threat a “time out” of a few seconds can be implemented or a fixed number of chances should be given to type in the correct password.

- Many of the computer systems are now implementing these techniques.

- In some systems the cryptographic hash of the password gets stored which makes the password accessible to an attacker.

- The attacker can obtain the actual password from this hash password value.
- Passwords with high guessing rates are commonly used for cryptographic keys generation process.

HOW PASSWORD CRACKING IS DONE?

- Password cracking is recovering of the passwords from the stored or transmitted data in a computer system.
- There are many approaches developed to crack a password:

1. Guessing
This is perhaps the most common approach and does not require any special skills.

2. Changing the password
This method is second on the list of password cracking methodologies. When a user forgets his/ her password, the system allows the changing of the password following an authentication process.

3. Brute force cracking
This type of cracking involves trying every possible password till the right one is achieved.

4. Dictionary attacks
This method is also very much common and involves trying of the candidate passwords using a cracking dictionary.

5. Pattern checking
6. Word list substitution

PURPOSE FOR PASSWORD CRACKING

- The purpose for the cracking of password can be a positive one, for example, the user of a particular account might have forgotten his password and could not access his account.
- The purpose for the cracking of password can be negative one i.e., for gaining unauthorized access to a computer system, mischief purposes etc.

Time taken to crack a password is directly proportional to the strength of its character set or bits.
- The complex a password, the longer it will take to crack it.
- In some password cracking processes, the system is made to generate the similar types of passwords.
- Such passwords are called candidate passwords.
- Password cracking rate depends on the availability of the hash and the limitations of the software authentication.

Explain the concepts of password cracking?

Password cracking is one of important and most sought after concepts under the category of computer security and crypt analysis. Password cracking is such a term that is self explanatory i.e., we can make out from the term itself that it is all about recovering the passwords.

The passwords can be recovered from the data that is transmitted and stored by a computer system or network. Till date many approaches have been formulated for the cracking of passwords.

APPROACH FOR PASSWORD CRACKING

- The most common approach which is still so much in use is repeated guessing of the password till one gets the right one.

- Nowadays passwords are more known for their use in the log in process to various systems like an operated system, ATMs, cell phones, email accounts and so on.

- It is not necessary that a password should be some meaningful word; rather it can be anything silly that is probably difficult to be guessed by the others.

- There are many types of passwords like passphrase (password formed by more than one word), PIN (personal identification number, numerical password).

- Passwords are again very much vulnerable since they are not as secure as their cryptographic counterparts i.e., protocols.

- These days password theft, password spoofing etc is quite common.

FACTORS AFFECTING THE SECURITY OF PASSWORD

- Any password protected system is provided protection against the viruses, Trojans etc.

- Physical security measures like shoulder surfing are also implemented.

- Less extreme measures are still so very in use namely Side channel attack,
Extortion and, Rubber hose crypt-analysis.

- It is not necessary that password cracking has always a bad reason behind it.

- There can also be some reasonable and genuine causes for cracking a password.

- The password cracking process usually takes much time depending up on the strength of its bits.

- The measure of the strength of the bits of a password give an indication about the information entropy of it.

- Many of the computer systems are now implementing these techniques.

- In some systems the cryptographic hash of the password gets stored which makes the password accessible to an attacker.

- The attacker can obtain the actual password from this hash password value.

- Passwords with high guessing rates are commonly used for cryptographic keys generation process.

HOW PASSWORD CRACKING IS DONE?

- To say it simply the password cracking is recovering of the passwords from the stored or transmitted data in a computer system.

- Passwords whether easy to remember or hard to guess always have a problem associated with them.

- The password which may seem easy to remember to the user often might also be easy
for an attacker to crack.

- On the other hand a difficult password is a contributing factor in reducing the security of the system since it has to be physically written and stored somewhere.

- In such cases the user tends to use the same password for a long time or to reset it again and again in case he/ she forgets it.

- All this stuff makes a system vulnerable and calls for more stringent security checks for password.

- There are several measures to increase the password strength like using a mixture of both lower case and upper case alphabets, numbers and special characters.

- But such kinds of measures only make the memorisation of these passwords more difficult.

- The best measure here to avoid such memory traps can be to design a personal algorithm for the generation of obscure passwords whenever you plan to change your password.

What are different aspects of web site cookie testing?

In the last post, we already discussed what a cookie is and how and when they are used. So let us explore a little more about these cookies. Here we are going to discuss how the websites that use cookies are tested.

Disabling the cookie

Disabling the cookie feature is perhaps the easiest concept under website cookie testing. Disabling the cookies is the first step in web site cookie testing.

- How the turning off or disabling of the cookies does affects a web site? You can check out by yourself.

- Clean up all the cookies and close all the open browser windows of the site that is to be tested.

- When you close the browser windows, the session cookies are automatically deleted.

- Keep the cookie folder open while you are browsing the site.

- You have to close the browser in order to delete all the cookies.

- You will notice that as you close the browser, the session cookies are automatically deleted.

- Now you disable the cookies and try using the features of the website.

- You will observe that most of the features do not work since the cookies have been disabled.

- So we can conclude that the disabling the cookies, disables the functionality of the web site.

To use the website, the cookies must be enabled.
- The question here worth asking is that whether or not the server of that website is able to recognize its failure while attempting to set the cookies?

- And if it is recognizing also, does it send a notification or a message to user stating that the cookies must be enable in order for that web site to work?

- If this is not the case then the user will keep on trying to use the web site and will get frustrated without knowing that why the web site is not responding.

Amazon.com is one of the websites that work well even without the cookies. In such kind of web sites, the maintenance of the state if taken care of by the server side on the basis of the session ID stated at the end of the URL of the home page.

The URL of the home page of the web site was:
www.amazon.com/…/home.html/104-0233809-0567844

- The rightmost digit was changed from 4 to 5 and reposted in the URL.

- Amazon discards the edited URL and effectively recovers from the URL corruption by creating a URL with the help of a new session ID:
www.amazon.com/…/home.html/107-0357660-1139507

- From the above observation we conclude that the above hypothesis is correct.

To understand the test cases you need to understand how the cookies work and how they are stored and how the cookie settings can be edited? Here we are going to list some test cases for web site cookie testing:


- In concern to your privacy, the cookie privacy policy takes care that your personal data is not stored or used by the cookie.

- If no, then the cookie will save your sensitive data in an encrypted format.

- Always make sure that there is no over usage of cookies on the web site under test.This can annoy the users since the browser will prompt for cookies more often and this can cause a decline in the site traffic.

- If the site under test makes use of cookies, then it will not function properly on the disabling of cookies. Try to navigate through the website and use the features. But, make sure that the web site does not crash.

- Corruption of cookies
Change the values of the cookies to some vague values by editing them in note pad. You may later the contents of the cookie or change the parameters and observer the behavior of the website.

What are cookies and its types? Where are cookies used?

A cookie or an HTTP cookie can be defined as a message used by an origin website to send the information about the state to the browser of the user and by the browser to send the information about its state to the origin site.

An HTTP cookie is known by many names such as web cookie, browser cookie etc.

The information of the state that is sent across the origin site and the user’s browser is used for the purpose of:

- Authentication
- Identification of the session of an user
- Preferences of the user and
- Contents of the shopping cart

In other word HTTP cookies are used for any purpose that can be accomplished using the process storing text data on the computer of the user.

Characteristics and Uses of Cookie
- The main characteristic of Cookies is that they cannot be programmed and thus, cannot carry any kind of viruses or worms.

- Any malware cannot be installed on the host system with the use of a cookie. So they are safe to this extent.

- However, cookies can be effectively used by a spyware to track the browsing activities of the users.

- This is a major privacy concern and has prompted European and US law makers to take action in the past few years.

- Cookies are very easy to steal and are thus often misused by the hackers.

- Hackers steal the cookies and use them to gain access to the web account of the victim.

- Cookies were first used to solve the problem of implementation of the shopping cart.

- Initially the cookies were developed for the Netscape browser.

- They were used to check if the earlier visitors visited the site again.

- Later cookies were developed for internet explorer and other browsers.

- The concept of the cookies was not widely known to the public at that time.

The term “HTTP cookie” came into existence in the year of 1994. It has been derived from “magic cookie”.

What are Magic Cookies?
- Magic cookie was actually a data packet that a program receives and sends again to the program on the other side without altering the contents of the packet.

- Magic cookies were used in computing systems long back and were introduced in web communications by Lou Montulli in June 1994.


The development of a cookie for formal specifications is always in progress. Till date many types of cookies have developed. They have been discussed below:

Session cookie:
- This cookie has a lifetime equal to the time period of the user using the website.
- These cookies are automatically deleted after the end of a session.

Persistent cookie:
- These cookies last even after the session has expired.
- If a persistent cookie has its maximum age set to one year, then till the one year is over, the cookie will be sending information to the server every time the website is visited.
- These are also called tracking cookies.

Secure cookie:
- These cookies are used by the browser if it accessing server through an HTTPS connection.
- This ensures that the cookie is always encrypted during the transmission of the information.
- This prevents cookie theft.

HTTP only cookie:
- This type of cookie is mostly supported by all the modern browsers.
- On a browser which supports HTTP, an HTTP only cookie is used during transmission of HTTP requests.
- It restricts the access from other non HTTP scripts.

Third party cookie:
- The first party cookies are set with the same domain or sub domain in the address bar of the browser.
- But, third party cookies are set with various domains other than the one mentioned in the address bar.

Super cookie:
- A cookie with a public suffix domain like .co.uk, .com etc.

Zombie cookie:
- This cookie is automatically recreated after its deletion.

Different types of computer virus

A parasitic program written intentionally to enter a computer without the user's permission or knowledge. The word parasitic is used because a virus attaches to files or boot sectors and replicates itself, thus continuing to spread.
Many people are confused about different types of computer virus. The term computer virus is often used broadly to cover several types of malicious programs, including viruses, worms and Trojan horses. Each of them shares some similarities and some subtle differences.

- Computer Viruses : Computer viruses are parasitic programs that can replicate and spread to other computers. Computer virus needs a host program to run, so it often attaches itself to executable files. The virus codes run once you open the executive files. Computer viruses are spread by sharing infected files or email attachments.

- Computer worms : They can also replicate themselves, but unlike computer viruses, worms are self-contained. They can run and spread without being part of a host program. Worms spread at enormous speed in the network.

- Trojan horses : Trojan horses are hidden codes embedded within a legitimate program. Trojan horses are run without your knowledge, they can damage your files or create security leak in your system, allowing unauthorized users to access your computer. Unlike viruses and worms, they usually do not replicate themselves.

How does an anti-virus work ?

An anti-virus software program is a computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software (malware).

Approaches used by anti-virus are

- Virus dictionary : It has a big dictionary of viruses, allowing it to scan files and flag any that are known to be viral. As new virus and malicious threats are discovered, they are added to a virus dictionary. Every detail of the virus is held in the dictionary. Some anti-virus programs uses this dictionary as a guide to identify any suspicious and threatening software or files. To stay up-to-date with any new viruses, the anti-virus software must regularly download updates to its dictionary. The dictionary approach has been deemed quite effective but hackers and virus creators have found a way around it by developing polymorphic viruses.

- Suspicious behavior : It monitors the behavior of all programs. If one program tries to write data to an executable program, for example, the anti-virus software can flag this suspicious behavior, alert a user and ask what to do. The suspicious behavior approach is more effective in stopping new viruses since it doesn't rely on a dictionary, which may not be regularly updated, for reference. This approach could be annoying as it can give lots of false positives.

Anti-virus software and user carefulness are the best form of protection that is out there now.

Antivirus Software - Heuristic Analysis

Heuristic analysis is a method employed by many computer antivirus programs designed to detect previously unknown computer viruses, as well as new variants of viruses already in the wild. Heuristic analysis is an expert based analysis that determines the susceptibility of a system towards particular threat/risk using various decision rules or weighing methods.

The common heuristic/behavioral scanning techniques :
- File Emulation : It allows the file to run in a controlled virtual system (or “sandbox”) to see what it does.
- File Analysis : It involves the software taking an in-depth look at the file and trying to determine its intent, destination, and purpose. Perhaps the file has instructions to delete certain files, and should be considered a virus.

The effectiveness using heuristic analysis is fairly low regarding accuracy and the number of false positives.This sort of scanning and analysis can take some time, which may slow-down system performance.
False positives are when the anti-virus software determines a file is malicious (and quarantines or deletes it) when in reality it is perfectly fine and/or desired.

Extensive use of heuristic analysis is also made in anti-spam solutions, to highlight those characteristics of an e-mail message that are spam-like.

Antivirus Software - Signature based detection

Antivirus software is a computer program that detects, prevents, and takes action to disarm or remove malicious software programs, such as viruses and worms. Computer viruses are software programs that are deliberately designed to interfere with computer operation, record, corrupt, or delete data, or spread themselves to other computers and throughout the Internet.

There are several methods which antivirus software can use to identify malware :

Signature Based Detection

It is the most common method that anti-virus software uses to identify malware. This method is somewhat limited by the fact that it can only identify a limited amount of emerging threats, e.g. generic, or extremely broad, signatures.
Advantages :
- The signatures are easy to develop and understand if you know what network behavior you're trying to identify.
- The events generated by a signature-based IDS can very precisely inform you about what caused the alert.
- Signature based rules are based on Pattern matching, and with modern day systems pattern-matching can be performed very quickly.
- If your network is only having DNS, HTTP and SMTP traffic, all other signatures can be removed from the policy files.

Disadvantages :
- Signature based IDS can only detect known attacks, a signature must be created for every attack, and 0-day attacks cannot be detected.
- Signature based IDS systems are also prone to false positives since they are commonly based on regular expressions and string matching.
- Since they are based on pattern match, signatures usually don't work that great against attacks with self-modifying behavior.