jenette-foley
Uploaded by
13 SLIDES
260 VUES
130LIKES

Understanding Password Cracking Techniques in Computer Forensics

DESCRIPTION

This guide delves into the various methods of password cracking used in computer forensics, including techniques like dictionary attacks, brute force attacks, and keystroke logging. Discover how social engineering plays a role, the significance of default passwords, and the implications of BIOS and application-specific password storage. We explore how law enforcement and private investigators can leverage clues to uncover passwords, emphasizing security practices to protect sensitive data from unauthorized access.

1 / 13

Télécharger la présentation

Understanding Password Cracking Techniques in Computer Forensics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Password Cracking COEN 252 Computer Forensics

  2. Social Engineering • Perps trick • Law enforcement, private investigators can ask. • Look for clues: • Passwords frequently use SSN, names of boyfriend, girlfriend, dog, sled, …

  3. Dictionary Attacks • Passwords need to be memorizable. • Most Passwords based on actual words. • Dictionary attacks uses a dictionary: • Try all words in dictionary. • Try all words in dictionary with slight changes. • Typically very fast.

  4. Brute Force • Just try out all combinations. • 2568 possibilities for a UNIX password. • But only if all letters are equally likely. • Not feasible on a single machine. • But possibly in a P2P system. • Using Seti@home technology.

  5. Keystroke logging / sniffing • Surveillance of suspect can yield passwords. • Keystroke loggers can be set up to automatically reveal typed in passwords. • Same for network sniffers.

  6. Default Passwords • Many applications come with a default password. • VMS used to have a default super-user password. • Often, the default password is the same as the default user name. • In principle, the sys-ad changes the default password. • Recently, applications are no longer shipped with default passwords.

  7. Bios Password • Stored in CMOS • Remove power from CMOS and CMOS is reset. • Looses valuable forensic data such as the system clock. • Some BIOS can be programmatically cleaned. • Looses valuable forensic data such as the system clock.

  8. Windows 9x • Windows 9x stores the login password • in .pwl file • in the c:\windows directory • in encrypted form. • Obtain the password from the file. • Use an offline password cracker that attacks the weak encryption.

  9. Windows 9x • Windows screen saver password is stored in user.dat file in c:\windows. • Password is in simple ASCII encryption. • The screen saver password is very often the system password.

  10. Windows NT and upUnix • Only hash of password is stored. • Computationally impossible to calculate password from the hash. • Can use the hash for a dictionary or brute force attack.

  11. Various Applications • Some applications store the password in clear text in a hidden location. • Registry in Windows. • Some file attached to the application. • Or using easily breakable encryption of password in known place.

  12. Multiple Passwords • Since few users can remember many passwords, any password for a given application might also unlock other passwords.

More Related