In this series of password cracking I will be teaching you
- Social Engineering
- Dictionary Attacks
- Brute-Force Attacks
- Rainbow Tables
Before getting into any thing adventurous, let’s start our first part “Social Engineering”, Social engineering is the most easy way a hacker could use to get passwords from the master. Social engineering (S.E) is also a Art Of Telling Lie ( ? ).
There are many ways one can perform social engineering to gain passwords, Basically, What a hacker will do is, he will collect some information about your website/Company systems and some Basic Q/A to Handle the situation, Then, Using a Spoofed Email Address, He will pretend to be your company or using a spoofed call, He will pretend to be Head or Security Manager of your IT Department, He will ask for the password with a fake problem, And will satisfy you with a little information and some common Q/A about your company, You will yourself speak out the password and He’s Done With It!
This is how A Smart hacker carries out a social engineering attack on you.
Next on my BASIC hit list is Shoulder surfing,
Yes It is a shoulder surfing attack, means you are typing out your password and a guy with evil intentions look over your shoulder to copy the password and could access it in your absence.
And then it comes on Guessing,
A hacker can also guess your password as many of the users have very low password strength, like if hacker know a person personally in his office or work, He can guess the password like, your date of birth, full name, sir name, pet name, home address. And if you are vulnerable their then BINGO -_-!
He got you!
So, Now you have low-tech information about cracking passwords. In part 2 of the Series: Password Cracking, I Will Be Explaining Dictionary Attacks. So Practice these skill with your best friend, use Fake E-mailer to speak him out with the passwords.
Till then, I will prepare a good Article for you guys to understand and perform Dictionary attacks.
Enjoy!