Day 9, Unit II

Day 9: Password Attacks

Master the art of password cracking through online brute-force attacks with Hydra, offline hash cracking with John the Ripper and Hashcat, and learn to identify and exploit weak password security.

Learning Objectives
  • Understand the difference between online and offline password attacks
  • Master dictionary attacks vs brute-force methods
  • Use Hydra for online brute-force attacks on SSH and HTTP services
  • Crack password hashes with John the Ripper and Hashcat
  • Identify different hash types using the hash-identifier tool
  • Understand NTLM hash capture concepts with Responder

Online vs Offline Password Attacks
Understanding the fundamental approaches to password cracking

Online Attacks

Direct attacks against live services requiring network connectivity

Examples

  • SSH brute-force
  • HTTP login forms
  • FTP authentication
  • RDP services

Tools

  • Hydra
  • Medusa
  • Patator
  • Metasploit modules

Pros

  • Immediate feedback
  • No hash files needed
  • Works against current passwords

Cons

  • Noisy (detectable)
  • Rate limiting
  • Account lockouts
  • Network dependent
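
The "noisy (detectable)" property listed above, shown as an added example that is not part of the original course page: a sliding-window detector that flags source IPs with repeated SSH login failures. The log lines are constructed, and the ISO 8601 timestamp format, the threshold and the window length are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# OpenSSH "Failed password" message; ISO 8601 syslog timestamps are an assumption.
FAILED = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Map each source IP with >= threshold failures inside window to the accounts it tried."""
    recent = defaultdict(deque)  # ip -> (timestamp, user) failures still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated messages are ignored
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append((ts, m["user"]))
        while ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.setdefault(m["ip"], set()).update(user for _, user in q)
    return flagged

def _line(sec, user, ip, verb="Failed"):
    """Build one constructed sshd log line (hypothetical host name and port)."""
    ts = f"2024-05-01T10:{sec // 60:02d}:{sec % 60:02d}"
    return f"{ts} host sshd[811]: {verb} password for {user} from {ip} port 40112 ssh2"

# Constructed sample; addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = "\n".join(
    # rapid failures against several accounts from one source
    [_line(2 * i, u, "203.0.113.7")
     for i, u in enumerate(["root", "admin", "root", "test", "root", "admin"])]
    # a user mistyping twice, then logging in
    + [_line(30, "bob", "192.0.2.44"), _line(35, "bob", "192.0.2.44"),
       _line(40, "bob", "192.0.2.44", "Accepted")]
    # occasional failures spread over eight minutes
    + [_line(120 * i, "alice", "198.51.100.9") for i in range(5)]
)

if __name__ == "__main__":
    for ip, users in detect_bruteforce(SAMPLE_LOG).items():
        print(f"{ip}: {len(users)} accounts targeted: {sorted(users)}")
```

Only the rapid source is flagged at the default settings; the same per-source counter is what rate limiting and account lockout act on.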

Offline Attacks

Attacks against captured hash files without network interaction

Examples

  • /etc/shadow hashes
  • SAM database dumps
  • Zip file passwords
  • Database dumps

Tools

  • John the Ripper
  • Hashcat
  • Ophcrack
  • Rainbow tables

Pros

  • Stealthy (cracking is not visible to the target)
  • No rate limits
  • Can use GPU acceleration
  • Multiple attack modes

Cons

  • Need hash files first
  • Requires storage space
  • Computationally intensive
  • Time-consuming

Dictionary vs Brute-Force Attacks
Choosing the right attack methodology

Dictionary Attacks

  • Use pre-compiled wordlists
  • Faster than brute-force
  • Higher success rate for common passwords
  • Can use rules for variations
  • Examples: rockyou.txt, custom wordlists

Brute-Force Attacks

  • Try all possible combinations
  • Guaranteed to find the password (given time)
  • Very time-consuming
  • Best for short passwords
  • Examples: mask attacks, incremental modes