1
00:00:00,600 --> 00:00:05,700
in this lesson we're going to talk about
2
00:00:03,350 --> 00:00:05,700
3
00:00:03,360 --> 00:00:08,730
password cracking you're going to run
4
00:00:05,690 --> 00:00:08,730
5
00:00:05,700 --> 00:00:10,440
across instances where you can get hold
6
00:00:08,720 --> 00:00:10,440
7
00:00:08,730 --> 00:00:12,810
of the password file but of course
8
00:00:10,430 --> 00:00:12,810
9
00:00:10,440 --> 00:00:15,420
passwords aren't stored in clear text
10
00:00:12,800 --> 00:00:15,420
11
00:00:12,810 --> 00:00:18,570
and in subsequent lessons we'll get into
12
00:00:15,410 --> 00:00:18,570
13
00:00:15,420 --> 00:00:20,550
how passwords are actually stored let's
14
00:00:18,560 --> 00:00:20,550
15
00:00:18,570 --> 00:00:22,740
just say they're not stored in clear
16
00:00:20,540 --> 00:00:22,740
17
00:00:20,550 --> 00:00:25,470
text and you need to be able to do
18
00:00:22,730 --> 00:00:25,470
19
00:00:22,740 --> 00:00:29,039
something in order to get a clear text
20
00:00:25,460 --> 00:00:29,039
21
00:00:25,470 --> 00:00:30,539
password from these password files so
22
00:00:29,029 --> 00:00:30,539
23
00:00:29,039 --> 00:00:33,600
the first thing that we're going to look
24
00:00:30,529 --> 00:00:33,600
25
00:00:30,539 --> 00:00:35,879
at is the little play on of course Jack
26
00:00:33,590 --> 00:00:35,879
27
00:00:33,600 --> 00:00:38,010
the Ripper the famous serial killer it's
28
00:00:35,869 --> 00:00:38,010
29
00:00:35,879 --> 00:00:41,219
called John the Ripper the first thing
30
00:00:38,000 --> 00:00:41,219
31
00:00:38,010 --> 00:00:43,679
I'm going to do is grab a copy of the
32
00:00:41,209 --> 00:00:43,679
33
00:00:41,219 --> 00:00:46,469
password file that includes the
34
00:00:43,669 --> 00:00:46,469
35
00:00:43,679 --> 00:00:49,559
encrypted passwords in it so that I can
36
00:00:46,459 --> 00:00:49,559
37
00:00:46,469 --> 00:00:52,489
run John so I've got my password file
38
00:00:49,549 --> 00:00:52,489
39
00:00:49,559 --> 00:00:55,649
I'm actually going to copy that into
40
00:00:52,479 --> 00:00:55,649
41
00:00:52,489 --> 00:00:58,219
this directory where I've got my word
42
00:00:55,639 --> 00:00:58,219
43
00:00:55,649 --> 00:00:58,219
lists
44
00:01:00,780 --> 00:01:00,780
45
00:01:00,790 --> 00:01:06,250
so I'm going to go into this word list
46
00:01:03,660 --> 00:01:06,250
47
00:01:03,670 --> 00:01:09,640
directory here now the thing about
48
00:01:06,240 --> 00:01:09,640
49
00:01:06,250 --> 00:01:11,560
password cracking is it's not like you
50
00:01:09,630 --> 00:01:11,560
51
00:01:09,640 --> 00:01:14,020
know the movies where you just run
52
00:01:11,550 --> 00:01:14,020
53
00:01:11,560 --> 00:01:16,330
through all of these things and very
54
00:01:14,010 --> 00:01:16,330
55
00:01:14,020 --> 00:01:18,460
quickly you get a password that can take
56
00:01:16,320 --> 00:01:18,460
57
00:01:16,330 --> 00:01:20,860
a really really long time and probably a
58
00:01:18,450 --> 00:01:20,860
59
00:01:18,460 --> 00:01:23,260
lot longer than your lifetime in order
60
00:01:20,850 --> 00:01:23,260
61
00:01:20,860 --> 00:01:25,450
to check through all of the various
62
00:01:23,250 --> 00:01:25,450
63
00:01:23,260 --> 00:01:29,530
permutations and combinations of letters
64
00:01:25,440 --> 00:01:29,530
65
00:01:25,450 --> 00:01:31,720
and characters and numbers and so what
66
00:01:29,520 --> 00:01:31,720
67
00:01:29,530 --> 00:01:34,750
we do is we create a word list of
68
00:01:31,710 --> 00:01:34,750
69
00:01:31,720 --> 00:01:37,600
potential passwords and then we go
70
00:01:34,740 --> 00:01:37,600
71
00:01:34,750 --> 00:01:40,150
through the process of creating a
72
00:01:37,590 --> 00:01:40,150
73
00:01:37,600 --> 00:01:42,369
password from it in other words doing
74
00:01:40,140 --> 00:01:42,369
75
00:01:40,150 --> 00:01:45,310
the same process that you would use to
76
00:01:42,359 --> 00:01:45,310
77
00:01:42,369 --> 00:01:47,259
store your password so we're going to do
78
00:01:45,300 --> 00:01:47,259
79
00:01:45,310 --> 00:01:50,080
a cryptographic hash of it and then we
80
00:01:47,249 --> 00:01:50,080
81
00:01:47,259 --> 00:01:52,150
compare the two hashes in order to see
82
00:01:50,070 --> 00:01:52,150
83
00:01:50,080 --> 00:01:53,590
whether they match or not and if they
84
00:01:52,140 --> 00:01:53,590
85
00:01:52,150 --> 00:01:55,780
match we know what the plaintext
86
00:01:53,580 --> 00:01:55,780
87
00:01:53,590 --> 00:01:58,270
password was because that's what we used
88
00:01:55,770 --> 00:01:58,270
89
00:01:55,780 --> 00:02:00,580
to create the hash so what I'm going to
90
00:01:58,260 --> 00:02:00,580
91
00:01:58,270 --> 00:02:06,070
do is I'm going to run John and I've got
92
00:02:00,570 --> 00:02:06,070
93
00:02:00,580 --> 00:02:09,010
my word list and it's called LST and I'm
94
00:02:06,060 --> 00:02:09,010
95
00:02:06,070 --> 00:02:12,610
going to run that against my password
96
00:02:09,000 --> 00:02:12,610
97
00:02:09,010 --> 00:02:14,260
file that I created up above so what
98
00:02:12,600 --> 00:02:14,260
99
00:02:12,610 --> 00:02:17,410
it's going to be doing here is running
100
00:02:14,250 --> 00:02:17,410
101
00:02:14,260 --> 00:02:20,110
through all of the passwords in that
102
00:02:17,400 --> 00:02:20,110
103
00:02:17,410 --> 00:02:22,989
file and checking them against the
104
00:02:20,100 --> 00:02:22,989
105
00:02:20,110 --> 00:02:25,750
password file and seeing whether they
106
00:02:22,979 --> 00:02:25,750
107
00:02:22,989 --> 00:02:28,269
match and this could take quite a while
108
00:02:25,740 --> 00:02:28,269
109
00:02:25,750 --> 00:02:29,950
and so you're going to want to just let
110
00:02:28,259 --> 00:02:29,950
111
00:02:28,269 --> 00:02:33,400
this run for hours and hours if not
112
00:02:29,940 --> 00:02:33,400
113
00:02:29,950 --> 00:02:36,580
potentially days doing this password
114
00:02:33,390 --> 00:02:36,580
115
00:02:33,400 --> 00:02:39,730
ripping or password cracking can take
116
00:02:36,570 --> 00:02:39,730
117
00:02:36,580 --> 00:02:42,370
quite a while one thing that can help
118
00:02:39,720 --> 00:02:42,370
119
00:02:39,730 --> 00:02:45,760
get around that is using something
120
00:02:42,360 --> 00:02:45,760
121
00:02:42,370 --> 00:02:49,390
called rainbow tables now rainbow tables
122
00:02:45,750 --> 00:02:49,390
123
00:02:45,760 --> 00:02:51,700
are precomputed hash tables that save
124
00:02:49,380 --> 00:02:51,700
125
00:02:49,390 --> 00:02:54,220
the computation time of doing the hash
126
00:02:51,690 --> 00:02:54,220
127
00:02:51,700 --> 00:02:57,340
on all of the passwords as you go
128
00:02:54,210 --> 00:02:57,340
129
00:02:54,220 --> 00:03:01,299
through them so here's a program called
130
00:02:57,330 --> 00:03:01,299
131
00:02:57,340 --> 00:03:04,750
ophcrack that's a free Windows password
132
00:03:01,289 --> 00:03:04,750
133
00:03:01,299 --> 00:03:07,420
cracker and it uses rainbow tables so
134
00:03:04,740 --> 00:03:07,420
135
00:03:04,750 --> 00:03:10,630
you can use this ophcrack that you
136
00:03:07,410 --> 00:03:10,630
137
00:03:07,420 --> 00:03:14,020
could download all over the internet and
138
00:03:10,620 --> 00:03:14,020
139
00:03:10,630 --> 00:03:16,560
you can use those tables with
140
00:03:14,010 --> 00:03:16,560
141
00:03:14,020 --> 00:03:20,020
ophcrack in order to hopefully get some
142
00:03:16,550 --> 00:03:20,020
143
00:03:16,560 --> 00:03:22,900
quicker times to get your passwords
144
00:03:20,010 --> 00:03:22,900
145
00:03:20,020 --> 00:03:25,780
cracked there's no guarantee because if
146
00:03:22,890 --> 00:03:25,780
147
00:03:22,900 --> 00:03:27,970
the password isn't in the list of words
148
00:03:25,770 --> 00:03:27,970
149
00:03:25,780 --> 00:03:30,340
that you're checking then you're not
150
00:03:27,960 --> 00:03:30,340
151
00:03:27,970 --> 00:03:32,650
going to crack the password and that's
152
00:03:30,330 --> 00:03:32,650
153
00:03:30,340 --> 00:03:34,870
one of the places where complexity is
154
00:03:32,640 --> 00:03:34,870
155
00:03:32,650 --> 00:03:36,970
really important when it comes to
156
00:03:34,860 --> 00:03:36,970
157
00:03:34,870 --> 00:03:40,420
creating passwords if you're just using
158
00:03:36,960 --> 00:03:40,420
159
00:03:36,970 --> 00:03:42,730
a regular word even if you say
160
00:03:40,410 --> 00:03:42,730
161
00:03:40,420 --> 00:03:45,340
capitalize the first letter there's a
162
00:03:42,720 --> 00:03:45,340
163
00:03:42,730 --> 00:03:47,230
good chance that that may be in a word
164
00:03:45,330 --> 00:03:47,230
165
00:03:45,340 --> 00:03:50,470
list somewhere that somebody can crack
166
00:03:47,220 --> 00:03:50,470
167
00:03:47,230 --> 00:03:53,140
which is why typically you'll see strong
168
00:03:50,460 --> 00:03:53,140
169
00:03:50,470 --> 00:03:55,750
passwords recommending a combination of
170
00:03:53,130 --> 00:03:55,750
171
00:03:53,140 --> 00:03:59,320
symbols and letters and numbers as well
172
00:03:55,740 --> 00:03:59,320
173
00:03:55,750 --> 00:04:02,290
as upper and lower case if you do enough
174
00:03:59,310 --> 00:04:02,290
175
00:03:59,320 --> 00:04:04,510
complexity and add enough variability to
176
00:04:02,280 --> 00:04:04,510
177
00:04:02,290 --> 00:04:07,840
your password you're not going to see
178
00:04:04,500 --> 00:04:07,840
179
00:04:04,510 --> 00:04:10,330
that in a password cracker word list
180
00:04:07,830 --> 00:04:10,330
181
00:04:07,840 --> 00:04:13,420
probably and it's going to make your
182
00:04:10,320 --> 00:04:13,420
183
00:04:10,330 --> 00:04:15,730
password very difficult to crack because
184
00:04:13,410 --> 00:04:15,730
185
00:04:13,420 --> 00:04:19,359
what they would have to do would be to
186
00:04:15,720 --> 00:04:19,359
187
00:04:15,730 --> 00:04:22,410
do a real honest-to-goodness brute force
188
00:04:19,349 --> 00:04:22,410
189
00:04:19,359 --> 00:04:24,910
where they do check all of the potential
190
00:04:22,400 --> 00:04:24,910
191
00:04:22,410 --> 00:04:28,210
permutations and combinations that's
192
00:04:24,900 --> 00:04:28,210
193
00:04:24,910 --> 00:04:30,610
also why a longer password is better
194
00:04:28,200 --> 00:04:30,610
195
00:04:28,210 --> 00:04:32,950
because of course the more positions you
196
00:04:30,600 --> 00:04:32,950
197
00:04:30,610 --> 00:04:35,110
put into a password the longer it's
198
00:04:32,940 --> 00:04:35,110
199
00:04:32,950 --> 00:04:38,200
going to take to brute force the other
200
00:04:35,100 --> 00:04:38,200
201
00:04:35,110 --> 00:04:40,150
thing is that word lists are often kind
202
00:04:38,190 --> 00:04:40,150
203
00:04:38,200 --> 00:04:42,160
of up to eight characters because that's
204
00:04:40,140 --> 00:04:42,160
205
00:04:40,150 --> 00:04:44,350
traditionally been sort of a standard
206
00:04:42,150 --> 00:04:44,350
207
00:04:42,160 --> 00:04:46,420
password length so if you make it a
208
00:04:44,340 --> 00:04:46,420
209
00:04:44,350 --> 00:04:49,660
little bit longer you make your password
210
00:04:46,410 --> 00:04:49,660
211
00:04:46,420 --> 00:04:52,750
harder to crack and harder to find so
212
00:04:49,650 --> 00:04:52,750
213
00:04:49,660 --> 00:04:55,930
ophcrack here runs on Windows Linux and
214
00:04:52,740 --> 00:04:55,930
215
00:04:52,750 --> 00:05:00,370
Mac OS you'll see you can also get free
216
00:04:55,920 --> 00:05:00,370
217
00:04:55,930 --> 00:05:02,350
tables for Windows XP and Vista and when
218
00:05:00,360 --> 00:05:02,350
219
00:05:00,370 --> 00:05:06,010
you download ophcrack you'll be able to
220
00:05:02,340 --> 00:05:06,010
221
00:05:02,350 --> 00:05:08,410
get those rainbow tables to go with that
222
00:05:06,000 --> 00:05:08,410
223
00:05:06,010 --> 00:05:11,740
particular program another utility
224
00:05:08,400 --> 00:05:11,740
225
00:05:08,410 --> 00:05:15,130
though that runs under Windows Cain and
226
00:05:11,730 --> 00:05:15,130
227
00:05:11,740 --> 00:05:19,210
Abel is another password cracker it does
228
00:05:15,120 --> 00:05:19,210
229
00:05:15,130 --> 00:05:24,660
different things though so I could load
230
00:05:19,200 --> 00:05:24,660
231
00:05:19,210 --> 00:05:27,600
the secrets from my Windows system
232
00:05:24,650 --> 00:05:27,600
233
00:05:24,660 --> 00:05:31,620
and you can see I'm pulling in the
234
00:05:27,590 --> 00:05:31,620
235
00:05:27,600 --> 00:05:33,990
password file here and I could run Cain
236
00:05:31,610 --> 00:05:33,990
237
00:05:31,620 --> 00:05:36,600
against that to see whether it can crack
238
00:05:33,980 --> 00:05:36,600
239
00:05:33,990 --> 00:05:38,940
them we can also look for wireless
240
00:05:36,590 --> 00:05:38,940
241
00:05:36,600 --> 00:05:41,940
passwords it'll dump out your Internet
242
00:05:38,930 --> 00:05:41,940
243
00:05:38,940 --> 00:05:46,350
Explorer passwords as well as different
244
00:05:41,930 --> 00:05:46,350
245
00:05:41,940 --> 00:05:48,830
edit boxes it can do some sniffing on
246
00:05:46,340 --> 00:05:48,830
247
00:05:46,350 --> 00:05:52,470
your network to be able to find
248
00:05:48,820 --> 00:05:52,470
249
00:05:48,830 --> 00:05:55,680
passwords there it also has the ability
250
00:05:52,460 --> 00:05:55,680
251
00:05:52,470 --> 00:05:58,680
to do ARP poisoning which means it can
252
00:05:55,670 --> 00:05:58,680
253
00:05:55,680 --> 00:06:01,530
actually get a lot of data coming in to
254
00:05:58,670 --> 00:06:01,530
255
00:05:58,680 --> 00:06:03,990
it that you wouldn't normally have so
256
00:06:01,520 --> 00:06:03,990
257
00:06:01,530 --> 00:06:06,120
you can run this as a sniffer to go
258
00:06:03,980 --> 00:06:06,120
259
00:06:03,990 --> 00:06:07,620
grabbing passwords and see what it can
260
00:06:06,110 --> 00:06:07,620
261
00:06:06,120 --> 00:06:09,900
find on the network there's a lot of
262
00:06:07,610 --> 00:06:09,900
263
00:06:07,620 --> 00:06:13,650
different types of passwords that it
264
00:06:09,890 --> 00:06:13,650
265
00:06:09,900 --> 00:06:18,900
supports you'll see up above there's VNC
266
00:06:13,640 --> 00:06:18,900
267
00:06:13,650 --> 00:06:21,660
and VPN there's some base64 password
268
00:06:18,890 --> 00:06:21,660
269
00:06:18,900 --> 00:06:24,630
decoders that it supports Access
270
00:06:21,650 --> 00:06:24,630
271
00:06:21,660 --> 00:06:27,840
database password decoder and a Cisco
272
00:06:24,620 --> 00:06:27,840
273
00:06:24,630 --> 00:06:31,020
type 7 password decoder because Cisco
274
00:06:27,830 --> 00:06:31,020
275
00:06:27,840 --> 00:06:34,020
stores passwords in their configuration
276
00:06:31,010 --> 00:06:34,020
277
00:06:31,020 --> 00:06:37,170
files on their routers and switches in a
278
00:06:34,010 --> 00:06:37,170
279
00:06:34,020 --> 00:06:40,169
particular format and it's possible to
280
00:06:37,160 --> 00:06:40,169
281
00:06:37,170 --> 00:06:43,770
break that and recover passwords that
282
00:06:40,159 --> 00:06:43,770
283
00:06:40,169 --> 00:06:48,330
are stored in that Cisco 7 password
284
00:06:43,760 --> 00:06:48,330
285
00:06:43,770 --> 00:06:50,340
format you can decrypt WEP encrypted
286
00:06:48,320 --> 00:06:50,340
287
00:06:48,330 --> 00:06:53,430
messages and we'll get into some
288
00:06:50,330 --> 00:06:53,430
289
00:06:50,340 --> 00:06:56,240
wireless in subsequent lessons Cain and
290
00:06:53,420 --> 00:06:56,240
291
00:06:53,430 --> 00:07:00,470
Abel supports a lot of different ways to
292
00:06:56,230 --> 00:07:00,470
293
00:06:56,240 --> 00:07:03,150
grab passwords both locally and remotely
294
00:07:00,460 --> 00:07:03,150
295
00:07:00,470 --> 00:07:06,480
so that's three different utilities that
296
00:07:03,140 --> 00:07:06,480
297
00:07:03,150 --> 00:07:09,900
you could use to capture passwords and
298
00:07:06,470 --> 00:07:09,900
299
00:07:06,480 --> 00:07:12,380
crack passwords in some different
300
00:07:09,890 --> 00:07:12,380
301
00:07:09,900 --> 00:07:12,380
formats