Password Guessing

Transcript

1. Password Cracking (Given a Wordlist) Presented by the UNT Cybersecurity

   Club

2. Mission Briefing • The target device has a public IP

   address of 40.124.30.225 ◦ Our intel indicates that this device has SSH enabled (port 22) and that the device is running Microsoft Windows ◦ The username to the target account is ‘CybersecurityClub’ • Your goal: break into the target machine • There is a list of passwords (“passwords.txt” on the Discord) ◦ The password to the target account can be found in that list

3. Other Information • There are over 300 potential passwords in

   our list ◦ This makes brute force by hand impractical • It is advised you write a script or program to aid you in this mission • Best case scenario, you’ll only need to try one password; worst case, you’ll need to try over 300 ◦ Given n potential passwords this is an O(n) problem ◦ On average, we’d expect this to take n/2 attempts ▪ We can reasonably expect to have to attempt over 150 passwords • Time to get to work!

4. Miscellaneous • You are free to complete this mission in

   any language you desire • Depending on the language you choose, you may want to look into a library to help with the actual SSH functionality ◦ The goal of this challenge is to try many possible passwords, not to write your own SSH client • Feel free to collaborate and ask questions

5. Strategy and Hints • Each line of the file is

   a potential password • So, we can read the file line by line and attempt to SSH onto the target machine with each password ◦ Depending on the resulting message, we can determine if that password is correct or not • Exact implementations will vary depending on language

6. My Solutions? • Depending on how everyone is doing and

   how much time we have, I may walk through one of my solutions to this challenge

7. Closing Remarks • I will upload these slides, along with

   my solutions to this challenge, to the Discord later • I hope everyone here enjoyed this challenge! • Relevant resources: ◦ https://ryanstutorials.net/bash-scripting-tutorial/bash-script.php ◦ https://www.cyberciti.biz/faq/unix-howto-read-line-by-line-from-file/ ◦ https://stackoverflow.com/questions/12202587/automatically-enter-ssh-password-with-scr ipt ◦ https://www.cyberciti.biz/faq/noninteractive-shell-script-ssh-password-provider/