Disclaimer: Before I go into this article, I would like to stress that I do not encourage anyone to launch an attack on an account that does not belong to you. It is against the law and I am not responsible for any actions you may take. This content is strictly for educational purposes. Now let’s get into it.
Following the article to raise awareness about the importance of choosing a good password, I received a lot of messages from people saying that even if you choose a password that contains your name, if it is long enough, there is no problem. I think this could be beneficial for everyone.
If you haven’t read the article I’m talking about, don’t hesitate to check it out. It’s an article where I give you a list of some good habits to adopt in order to have a secure password.
No matter how long your password is, if you publicly expose it or use common terms, it is useless; you might as well choose “password123” as your password.
In this article I will try to show you how hackers can find user passwords. Of course, there are a multitude of methods, but I’ll show you the easiest and the most effective one. First, you should know that most of the time, it is by social engineering methods that an attacker will proceed to recover your password. It is faster and less expensive in terms of resources and time.
I will focus on the dictionary attack. A dictionary attack is based on trying all strings in a pre-arranged listing. The attack is considered successful when your password is found in the list crafted by the attacker.
Sometimes you can use password lists such as the famous “rockyou” (the largest password dictionary available on Kali Linux and used for untargeted dictionary attack). Rockyou is a text file containing the most common and most used passwords. It is illustrated as follows:
I have listed here only the first 10 passwords in the file; however, the file has over 3 million passwords. If your password is among these 10 choices, consider changing it for a more secure one.
Let’s now consider that I want to generate a personalized password list in order to log into the account of someone I know (with his or her permission of course), consider that I want to create a personalized password list. To increase the chances of my dictionary containing my victim’s password. I’ll just go to your social media profile (Instagram, twitter, Facebook,…etc.) and I’ll either add you as a friend or just use the information I find on your profile. It could include:
- Your name,
- The company you work for,
- Your date of birth,
- The name of your pet(s),
- The date of birth of your children,
- Your spouse’s name,
- The places you’ve visited,
- Information you would have left in a post…etc…
All those information will allow me to create a custom dictionary for you specifically. You therefore understand the importance of being careful about the friend requests you accept and the type of information you make publicly available.
Let’s take as an example someone named Marie Trident born September 15, 1965, married to Paul Trident born April 14, 1960, and let’s say they have a child named Tony Sosa. She likes red and is passionate about dancing. She also has a cat whose name is Max.
I will use this information to create a list of potential passwords using CUPP (Common User Password Profiler). This is a python script that will allow us to create the dictionary.
The program will then generate a file containing potential passwords. Let’s consider for example that Marie chose the password s0sa&maxRed4ever, a password that would normally take years to find, we realize that it appears in the list we just created.
The tool generated 44892 passwords.
Including Marie’s actual password
And on this list, we also have other passwords that could be used by a user.
This is how a supposedly secure password can be found within minutes by the bad guy. 🙂
Feel free to tell me in the comment section topics/ideas you would like me to talk about 😉