6 replies to this topic

[achyandra]

I’m new here and hope I post this right.

I’m a computer science student from Jakarta, currently start working on a research in ‘Password Cracking’ topics for my bachelor degree. I’ve read quite about many tools available for cracking the password, include the techniques. And now, I want to simplify and try to explain my understanding in one picture (diagram) about the categorization for password cracking tools, since each of theirs somehow works for different purpose and scenarios.

Here, I upload my simplification through diagram about categorization for password cracking tools based on my research. I’m humbly aware that somehow there is still ‘hole’ in this picture.
Therefore, what do you think about this picture? Any opinions, critiques, suggestion, additional information, or review for this picture means a lot for me.





Thanks,

Achyandra

[erwinadi]

For the victim's vulnerability caused by common default setting, I think we don't need any tool to attack. So what path does the attacker use to attack?

[achyandra]

Yes, for some cases with victim's vulnerability caused by common default setting, we don't need any tool to attack.

For example when Linux user didn't change the root password (common default settings) we can 'add new made up authorized user' to increased the access. Because you asking this, I just thought that will add new element on Exploited weakness which is 'Creating new authorized access', and Result which is 'Add new made up authorized user'.

So just for instance, according to the pictures, the 'path' that attacker use to attack using 'common default settings' for, would be:

Attacker - Location: Physical Access - Mechanism: User command (Linux), run with command line interface (Linux OS Recovery Mode), Exploited Weakness: Creating new authorized access - Vulnerabilities: Configuration: common default settings (Linux root password) - Victim Type: Host (OS admin) - Results: Add new made up authorized user - Impact: Increased Access

Any revision or suggestion from all of you guys will be very appreciated. I will collect all of new information and will upload new diagram in the future.

[flyhigh]

Hi Achyandra,

Using the taxonomy, can you show path for pentesting tool, such as ophcrack?

[achyandra]

Hi Achyandra,

Using the taxonomy, can you show path for pentesting tool, such as ophcrack?

Hi flyhigh,

According to diagram, for Ophcrack the path would be:
Attacker - Location: Physical Access - Mechanism: Script/Program, run with bootable program,Exploited Weakness: Brute Force & Dictionary - Vulnerabilities: Implementation: Operating System (Windows LM & NTLM hash) - Victim Type: Host (OS admin) - Results: Recover Actual Password - Impact: Increased Access

[flyhigh]

Hi flyhigh,

According to diagram, for Ophcrack the path would be:
Attacker - Location: Physical Access - Mechanism: Script/Program, run with bootable program,Exploited Weakness: Brute Force & Dictionary - Vulnerabilities: Implementation: Operating System (Windows LM & NTLM hash) - Victim Type: Host (OS admin) - Results: Recover Actual Password - Impact: Increased Access

Hi Achyandra,

I think that your taxonomy is useful and quite easy to classify the password cracking tools.
In addition, maybe this reference link will help your research backtrack-linux.org/forums/showthread.php?t=68

cheers

[achyandra]

Hi Achyandra,

I think that your taxonomy is useful and quite easy to classify the password cracking tools.
In addition, maybe this reference link will help your research backtrack-linux.org/forums/showthread.php?t=68

cheers

Thanks for the reference link Flyhigh.

-

By the way guys,
I've done some revision recently, and this is the new diagram



*UPDATE*
Taxonomy of Password Cracking Tools