Password cracking Junior - 1 day - 1500€
Objectifs
Passwords still constitute an essential component of information system security today. During intrusions, different types of password hashes are recovered and being able to break them in a short time can prove decisive.
This training aims at presenting the techniques and tools for breaking password hashes as quickly as possible. A history of password storage developments will also be presented, to highlight bad examples and mistakes made in popular projects.
-
1 day (6 hours)
-
Password cracking optimization techniques
-
Datasets provided
Public and prerequisites
This training is suitable for people having no prior knowledge of password cracking. It is mainly aimed at pentesters, system administrators, and developers.
-
Pentesters
-
System administrators
-
Developers
Content
Password storage and generation theory: storage type, hash functions, function attacks, candidate generation, computational technologies. History of algorithms. Series of practical exercises: identification of algorithms in source code, getting started with John the Ripper (candidate generation modes, development of derivation rules and candidate filters based on a password policy, dynamic formats, implementation or modification of a native format), getting started with Hashcat (advanced candidate generation with prince combination, siga genetic mutations and rule generation).
Toutes les modalités de déroulement de la formation sont détaillées sur cette page.