Automatic search of VK passwords. The best pen tester tools: brute force passwords. Password cracking software: John the Ripper

Brute force (derived from the English phrase: brute force) is a type of hacker attack - a way to hack accounts in computer systems, payment/banking services and on websites through automated selection of password and login combinations.

Brute force is based on the mathematical method of the same name (brute force), in which the correct solution - a finite number or symbolic combination - is found by searching through various options. In fact, each value from a given set of potential answers (solutions) is checked for correctness.

How brute force works

A hacker writes a special program for guessing passwords or uses a ready-made solution from their colleagues. It can be targeted at a specific email service, website or social network (i.e., it is intended for hacking a specific resource). Next, preparations for hacking are carried out. They consist of the following steps:

  1. Preparation of a proxy list

In order to hide the true IP address of the computer from which the attack will be carried out, and to prevent blocking from the site where the account needs to be hacked, an Internet connection is configured through a proxy server.

The search for proxy addresses/ports is carried out in the Proxy Grabber. This utility independently retrieves all the data for connecting to intermediary servers from sites that provide proxies (they are specified in the list). In other words, proxies are collected.

The resulting database is saved in a separate text file. Then all the server addresses contained in it are checked for functionality in the proxy checker. Quite often, programs designed for automated proxy mining combine the functions of both a grabber and a checker.

As a result, you get a ready-made proxy list in the form of a list of IP/port pairs, saved in a txt file. (You will need it when setting up the brute force program.)

  2. Search for bases for Brute

You need to connect a dictionary to brute force - a certain set of combinations of passwords and logins - which it will substitute in the login form. It, like the proxy list, has the form of a list in a regular text file (.txt). Dictionaries, also known as databases, are distributed through hacker forums, websites and file hosting services. More experienced “craftsmen” create them on their own and provide them to everyone for a fee. The larger the base (number of combinations, logins, accounts), the better (for the hacker) - the greater the likelihood of hacking success.

  3. Setting up brute force

The proxy list is loaded; the selection program will automatically change the proxy so that the web server does not detect the attack and, accordingly, the source (host) of the attack.

A dictionary of password/login combinations is connected. The number of threads is set - how many combinations brute force will check at the same time. A powerful computer with a high-speed Internet connection confidently copes with 120-200 threads (this is the optimal value). The speed of the brute directly depends on this setting. For example, if you set only 10 threads, the selection will be very slow.

  4. Running brute force

The program records successful hacking attempts: it saves the linked accounts (password/login) to a file. The duration of the selection procedure ranges from several hours to several days. However, it is not always effective due to the high cryptographic strength of the login data or the implementation of other protective measures by the attacker.
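The proxy rotation described in step 3 means a per-IP failure counter never fires, so the web service has to count failures per account as well. The following is an added example, not part of the original article, that runs both counters over constructed log lines; the log format, thresholds and function names are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (constructed for this example):
# <ISO timestamp> login user=<name> ip=<addr> result=<ok|fail>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login user=(?P<user>\S+) ip=(?P<ip>\S+) result=(?P<result>ok|fail)$"
)
WINDOW = timedelta(minutes=10)   # sliding window for both counters
ACCOUNT_FAIL_LIMIT = 5           # failures against one account, from any IP
IP_ACCOUNT_LIMIT = 4             # distinct accounts failed from one IP


def parse(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ts, m["user"], m["ip"], m["result"]


def detect(lines):
    fails_by_user = defaultdict(deque)  # user -> (ts, ip) of recent failures
    fails_by_ip = defaultdict(deque)    # ip -> (ts, user) of recent failures
    alerts, seen = [], set()

    def emit(kind, key, detail):
        if (kind, key) not in seen:     # one alert per kind and subject
            seen.add((kind, key))
            alerts.append((kind, key, detail))

    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, user, ip, result = rec
        user_q, ip_q = fails_by_user[user], fails_by_ip[ip]
        for q in (user_q, ip_q):        # drop failures older than the window
            while q and ts - q[0][0] > WINDOW:
                q.popleft()
        if result == "ok":
            # A success right after a burst of failures may be a guessed password.
            if len(user_q) >= ACCOUNT_FAIL_LIMIT:
                emit("success_after_burst", user, f"login from {ip}")
            user_q.clear()
            continue
        user_q.append((ts, ip))
        ip_q.append((ts, user))
        sources = {i for _, i in user_q}
        if len(user_q) >= ACCOUNT_FAIL_LIMIT:
            kind = "rotating_sources" if len(sources) > 1 else "single_source"
            emit(kind, user, f"{len(user_q)} failures from {len(sources)} IPs")
        targets = {u for _, u in ip_q}
        if len(targets) >= IP_ACCOUNT_LIMIT:
            emit("many_accounts_one_source", ip, f"{len(targets)} accounts")
    return alerts


# Constructed sample: one account guessed through six proxies, one IP trying
# four accounts, and one ordinary typo followed by a correct login.
SAMPLE_LOG = [
    f"2024-05-01T10:0{i}:00Z login user=alice ip=203.0.113.{10 + i} result=fail"
    for i in range(6)
] + [
    "2024-05-01T10:07:00Z login user=alice ip=203.0.113.99 result=ok",
] + [
    f"2024-05-01T11:00:0{i}Z login user={u} ip=198.51.100.7 result=fail"
    for i, u in enumerate(["bob", "carol", "dave", "erin"])
] + [
    "2024-05-01T12:00:00Z login user=frank ip=192.0.2.44 result=fail",
    "2024-05-01T12:00:20Z login user=frank ip=192.0.2.44 result=ok",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

No single address in the sample fails against alice more than once, so only the per-account counter catches that case.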

Types of brute force

Personal hacking

Hunting for a specific account - on a social network, on an email service, etc. Through or in the process of virtual communication, the attacker extracts from the victim a login to access a website. Then he cracks the password using brute force methods: he enters the address of the web resource and the obtained login into the brute force program, and connects the dictionary.

The chances of such a hack are small, for example, compared to an XSS attack. It can be successful if the account owner used a password of 6-7 characters with a simple symbol combination. Otherwise, “solving” stronger variants of 12, 15, 20 letters, numbers and special characters will take years - tens and hundreds of years, based on calculations with the mathematical formula for exhaustive search.

Brut/check

A database with logins/passwords from mailboxes of one mail service (for example, mail.ru) or different ones is connected to brute force. And a proxy list - to mask the node (since email web services detect an attack quite quickly when multiple requests come from one IP address).

The brute's options indicate a list of keywords (usually site names) - markers by which it will search for login information in hacked mailboxes (for example: steampowered, worldoftanks, 4game, VK). Or a specific Internet resource.

When registering in an online game, social network or forum, a user, as expected, indicates his email (mailbox). The web service sends a message to the specified address with login details and a link to registration confirmation. It is these letters that brute force is looking for in order to extract logins and passwords from them.

Click “START” and the cracking program begins brute force. It operates according to the following algorithm:

  1. Loads the login/password for the email from the database.
  2. Checks access, or “checks” (automatically logs in): if it is possible to log into the account, it adds one to the good column (this means another working email has been found) and begins to view it (see the following points); if there is no access, it is listed as bad.
  3. In all “goods” (opened mailboxes), brute force scans letters according to the request specified by the hacker - that is, it looks for logins/passwords to the specified sites and payment systems.
  4. When the required data is found, it copies it and writes it into a separate file.

Thus, a massive “hijacking” of accounts occurs – from tens to hundreds. The attacker disposes of the obtained “trophies” at his own discretion - sale, exchange, data collection, theft of money.

Remote computer hacking

Brute force in conjunction with other hacking tools is used to obtain remote access to the victim’s password-protected PC via an Internet channel.

This type of attack consists of the following stages:

  1. A search is performed for IP networks in which the attack on user computers will be carried out. Address ranges are taken from special bases or through special programs, such as IP Geo. In it you can select IP networks for a specific district, region, and even city.
  2. Selected IP ranges and selection dictionaries are set in the settings of the Lamescan brute force (or its analogue), intended for remote brute force login/password. Once launched, Lamescan does the following:
  • makes a connection to each IP from a given range;
  • after establishing a connection, it tries to connect to the host (PC) via port 4899 (but there may be other options);
  • if the port is open: tries to gain access to the system, when prompted for a password, performs guessing; if successful, it saves the IP address of the host (computer) and login information in its database.

  3. The hacker launches the Radmin utility, designed to manage remote PCs. Sets the victim’s network coordinates (IP, login and password) and gains full control over the system - the desktop (displayed visually on the display of the attacker’s computer), file directories, settings.

Programs for brute force

HASHCAT

As of 2020, one of the most powerful programs for brute force. Uses more than 200 brute force algorithms. Widely used for guessing WPA/WPA2 passwords, as well as passwords for MS Office, PDF, 7-Zip, RAR, TrueCrypt documents.

Classic brute force, one of the very first. However, it does not lose its relevance and competes with new solutions. It has a fast brute force algorithm and supports all major Internet protocols - TCP/IP, POP3, HTTP, etc. It can forge cookies. It brute-forces from a dictionary and can generate passwords independently.

Powerful brute checker. Equipped with an expanded arsenal of functions for working with databases (checking, sorting by domain). Supports various types of proxy and checks their functionality. Scans letters in mailboxes based on settings such as date, keyword, address, unread messages. Can download letters from Mail.ru and Yandex.

We recently published an article about password strength and passwords that are used by many users. Most people use weak passwords. But how can you make sure your password is strong? Password cracking is an integral part of digital forensics and information security testing.

In this article we have collected the best programs for cracking passwords that system administrators can use to check the strength of their passwords. All utilities use different algorithms and are applicable to different situations. Let's first look at some basic information that will help you understand what we'll be dealing with.

In the field of cybersecurity and cryptography, password cracking plays a very important role. It is the process of password recovery to compromise or restore the security of a computer or system. So, why do you need to learn password cracking programs? For peaceful purposes, you can use password cracking to recover forgotten passwords from online accounts; system administrators also use it for prevention on a regular basis.

In most cases, brute force is used to crack passwords. The software generates various password options and reports if the correct one was found. In some cases a personal computer is capable of producing millions of options per second. The program for cracking a password on a PC checks all options and finds the real password.

The time required to crack a password is proportional to the length and complexity of that password. Therefore, it is recommended to use complex passwords that are difficult to guess. Also, the brute force speed depends on the cryptographic function that is used to generate password hashes. Therefore, it is better to use Bcrypt for password hashing rather than MD5 or SHA.

Here are the main password guessing methods used by attackers:

  • Dictionary attack - the attack uses a file that contains a list of words. The program checks each of the words to find the result;
  • Bruteforce attack - you don’t have to use a dictionary, but rather iterate through all combinations of given characters;
  • Rainbow table attack - the attack uses pre-computed hashes, so it is faster.

There are other methods of cracking passwords based on social engineering, but today we will focus only on attacks without user interaction. To protect against such attacks, you need to use only complex passwords. Now let’s look at the best tools for cracking passwords in 2017. This list is published for informational purposes only and we in no way encourage you to hack other people’s personal data.

The best password cracking programs

1. John the Ripper

John the Ripper is one of the most popular password cracking tools available to absolutely everyone. It is distributed as open source code and is written in the C programming language. It brings together various methods of brute-forcing passwords.

The program is capable of searching for passwords using a saved hash, and supports various hashing algorithms, including automatic algorithm detection. John the Ripper is part of Rapid7's security testing toolkit. In addition to Linux, Windows and MacOS are supported.

2. Aircrack-ng

Aircrack-ng is a set of programs for cracking and intercepting passwords from Wi-Fi networks. The program is one of the best that is used by hackers. Here you will find everything you need to crack WEP and WPA encryption, from intercepting the hash to obtaining a ready-made password.

WEP encryption is especially easy to crack; to overcome the protection, there are FMS and PTW attacks, with which you can crack this protocol in a matter of minutes if there is sufficient traffic flow through the network. So always use WPA2 to be safe. All three platforms are also supported: Linux, Windows, MacOS.

3. RainbowCrack

As the name suggests, RainbowCrack uses rainbow tables to crack password hashes. Using ready-made tables, the utility greatly reduces hacking time. In addition, there are both GUI and command-line utilities.

After completing the preliminary calculations stage, this tool works hundreds of times faster than with conventional search. You don't need to create the tables yourself; the developers have already created them for LM, NTLM, MD5 and SHA1. Everything is available for free.

Another important point is GPU acceleration. By using a video card, you can reduce the password calculation time by several orders of magnitude. Windows and Linux platforms are supported.

4. THC Hydra

Unlike the programs listed above, Hydra works differently. It does not calculate hashes. Instead, the program performs brute force attacks on various network protocols. Asterisk, FTP, HTTP, MySQL, XMPP, Telnet, SSH and many others are supported here. The main purpose of the utility is brute force attacks on the password entry form.

This tool helps security researchers find out how easy it is to gain access to a remote system. Modules can be added to expand functionality; Linux, Windows, Solaris, FreeBSD and MacOS are supported.

5. HashCat

According to the developers, this is the fastest tool for brute force passwords. It is distributed as free software and supports the following algorithms: md4, md5, LM, SHA, MySQL, Cisco PIX and Unix Crypt.

There are versions of the tool for brute force on the CPU, as well as GPU-based hacking - oclHashcat and cudaHashcat. In addition to the standard Bruteforce attack, dictionary attacks, hybrid attacks, mask, table, Prince attacks and so on are supported. Platforms supported are Windows, Linux and MacOS.

6. Crowbar

Crowbar is a popular password security testing tool. Other password brute force programs use usernames and passwords, but crowbar allows you to brute force SSH keys.

This open source tool is designed to work with protocols that are rarely supported by other programs. Currently supported are VNC, OpenVPN, SSP, NLA. The program can run on Linux, Windows and MacOS.

7. coWPatty

This is an implementation of a utility for brute-forcing a WPA/WPA2 PSK password based on a dictionary or rainbow tables. Using rainbow tables greatly speeds up the operation of the utility. The PSK standard is now used very often. The only good thing is that it is very difficult to guess the password if it was initially chosen correctly.

There are many ways to crack a password. Of course, we provide information on how to crack a password for your reference, so that you have an idea of how hackers work, why simple passwords are dangerous, and how to protect yourself from hacking.

How to crack a password using logical guessing

Most people use simple passwords, and this is what hackers focus on first. They begin to guess the password using some initial data - the user’s last name, his date of birth, and combinations thereof. Here you don’t need to rack your brains for a long time about how to find out the password. If the code word is so simple, then it will be determined in a couple of minutes.

This method also includes the so-called “spider” method. It consists of using knowledge about what the user who will be hacked does. Very often, people use words in their passwords that are associated with their professional activity or company name. Using the Internet and specialized literature, attackers manage to narrow the scope of their search for the right word without racking their brains over how to crack the password.

How to protect yourself: do not use dictionary words, last names, first names, dates of birth in your passwords. An automatically generated password using our website negates attempts at logical word selection.

Selection of passwords using dictionary search method

Another common type of password that is easily cracked is a dictionary word. A little more complex - with the addition of a number. Easily hacked using programs that use dictionaries from different languages. It can be said with a high probability that within a couple of hours the code word will be in the hands of a hacker. Moreover, many sites offer this type of password selection online for free.

A variation of this method is to crack passwords using a table of hashed passwords. Simply put, a hash is the encrypted value of passwords. For example, password hashes of Windows operating system users are stored in a special registry. If the hacker is experienced and competent enough to determine password hashes, then in the database he will be able to find a password that matches this hash. There are also pre-prepared tables that help you find a password using a hash even faster.

How to protect yourself: again - do not use dictionary words. It is possible to protect yourself from brute-forcing passwords using a hash, but it is quite difficult, and this would require a whole article. This is a task for programmers who are working on creating a website.

Find out the password using brute force

How to crack any password? By the brute force method, or exhaustive search of symbol combinations. Unlike dictionary brute force, the maximum possible number of combinations is used here, and the cracking time depends only on the length and complexity of the password. For example, if a combination search program generates 100,000 passwords per second, then it will take 9 days to find a combination of 7 characters, 11 months for 8 characters, 32 years for 9, and so on.

How to protect yourself: do not use passwords that are less than 8 characters long; a password of any complexity and size can be generated.
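The figures above (9 days, 11 months, 32 years at 100,000 guesses per second) correspond to an exhaustive search over a 36-symbol alphabet, i.e. lowercase letters plus digits. The following added example, not part of the original article, reproduces them and computes the minimum password length for other alphabets and guess rates, which is where the earlier point about the hash function setting the guessing speed comes in; the 94-symbol alphabet, the two extra rates and the 100-year target are assumptions chosen for illustration.

```python
YEAR = 365 * 86400
UNITS = [("years", YEAR), ("months", 30 * 86400), ("days", 86400), ("hours", 3600)]


def worst_case_seconds(alphabet_size, length, guesses_per_second):
    """Time to try every candidate of exactly `length` symbols."""
    return alphabet_size ** length / guesses_per_second


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for name, size in UNITS:
        if seconds >= size:
            return f"{round(seconds / size)} {name}"
    return f"{round(seconds)} seconds"


def min_length(alphabet_size, guesses_per_second, target_years):
    """Shortest length whose full search takes at least target_years."""
    length = 1
    while worst_case_seconds(alphabet_size, length, guesses_per_second) < target_years * YEAR:
        length += 1
    return length


def article_figures():
    """The article's 7, 8 and 9 character cases at 100,000 guesses per second."""
    return [humanize(worst_case_seconds(36, n, 100_000)) for n in (7, 8, 9)]


def policy_table(target_years=100):
    """Minimum length per (alphabet, rate); the rates are assumed, not measured."""
    rates = {
        "article rate (1e5/s)": 1e5,
        "assumed fast unsalted hash (1e10/s)": 1e10,
        "assumed slow password hash (1e4/s)": 1e4,
    }
    alphabets = {"lowercase+digits": 36, "printable ASCII": 94}
    return {
        (alpha, label): min_length(size, rate, target_years)
        for alpha, size in alphabets.items()
        for label, rate in rates.items()
    }


if __name__ == "__main__":
    print(article_figures())
    for key, length in policy_table().items():
        print(key, "->", length, "characters")
```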

Malware and phishing sites

While wandering around the Internet, downloading something, it is easy to pick up a virus program (they are often called Trojan horses) or end up on a phishing site. Depending on the type of malware, it can steal passwords directly from the browser or record keyboard keystrokes. This data is then sent to the attacker.

A phishing site is a fake site that copies the design of a popular site. For example, vkkkk.com. The user buys into the design and enters his data, which is instantly received by the attacker.

How to protect yourself: do not download software from dubious resources or software without information about the developer (the OS informs you about such software), check the authenticity of the site, do not click on links that come to you from unfamiliar email addresses, do not trust tempting offers in the mail and do not trust your equipment to strangers.

Online password selection directly

How else can I find out the password? The most cunning attackers may not be afraid to enter a company’s office under the guise of an employee. They can simply wipe the dust, water the flowers, but carefully record who is doing what and where they enter what passwords.

Criminals may also work over the phone, posing as technicians and asking the person to give them information so that they can gain access to a system.

How to protect yourself: It is quite difficult to have confidence in all employees, but it is important to train employees in basic security methods - do not enter passwords in front of strangers, do not attach stickers with passwords to tables and computer monitors.

These are not all the capabilities in a hacker's arsenal, but knowledge of these basic techniques will allow you to significantly reduce the risk of theft of confidential information.

Each member of the ][ team has their own preferences regarding software and utilities for
pen testing. After consulting, we found out that the choice varies so much that it is possible
to put together a real gentleman's set of proven programs. So that is what we
decided to do. In order not to make a hodgepodge, we divided the entire list into topics - and
this time we’ll touch on utilities for guessing passwords for various services.

Brutus AET2

Platform: Windows

The last release of the program was in 2000. The tool has not had an official
site for a long time. But at the same time Brutus AET2 is still one of the fastest and
most advanced brute forcers for basic Internet protocols. If you need to pick
a password for HTTP (on those pages where authorization by
login/password is used), an arbitrary web service with authorization through a form, an email
account, a file or Telnet server, know: Brutus is an excellent option.

In general, to select a password, you need to specify the host and port of the service, select
the protocol, set the number of threads used (maximum 60), and
the time-out. For anonymity purposes, you can connect SOCKS or a proxy. Depending on
the protocol, a number of additional parameters are also specified. For example, to select
a password on some site (brute force type - HTTP Form), you must specify the method
(POST or GET), specify form parameters (Brutus has a built-in simple tool
to analyze them), and if necessary, fake cookies by enabling
the corresponding option.

The selection is carried out in two ways: according to a dictionary (the program has
several built-in utilities for working with large lists of passwords), or
using blindly generated passwords. In the latter case it is necessary
to designate the symbols that will be used to compose the password.

A common occurrence on the Internet. It is carried out for different purposes. The most common goal is sending spam and intrusive advertising. Sometimes hackers steal money from accounts on social networks. Hacking of payment systems is dangerous. Hacking an email password, in addition to sending spam, carries the danger that all other account data can also be found out.

Sometimes it is carried out for the purpose of stealing game content.


Password cracking methods

Even the best passwords for mail can be hacked. The ways in which hackers operate are improving every day. These are special programs for selecting combinations, methods for tracking actions on the Internet, etc.

Phishing

This way to find out the password from VK or another social network is popular among hackers. The user is sent a message asking them to go to a site that looks similar to the one the hacker is trying to hack. Usually, it is completely copied from it.

After clicking on the link, the user enters other data, thinking that he is trying to log into his usual account. You can get to such a site and try to find out the password, having a login, that is, using the “Account Recovery” function.

The user clicks the “Login” button and the data instantly goes to the attackers. The user himself is redirected to the page of the real social network, without even noticing what happened. Advanced social engineering allows hackers to find out the password of another person's contact.

After all, in order for a user to click on a fake link, it is necessary to “earn” his trust. The method is not very effective, but easy to implement. However, the account owner may suspect that the real one is often not much different) and refuse to switch. The attacker can be easily found.

When entering your password, pay attention to the site address: attackers often make the address of a fake site look similar to the original site

Selection

The main technology used by hackers to try to find out an email password by brute force is BruteForce. This is a method of automated generation and substitution of combinations for an account. To run such a selection you need a special program, whose password can be cracked quickly. This program operates on a mathematical principle, where the correct solution is determined by selection.

A hacker service for hacking can be either universal or for a specific site. When it works, a fake proxy is created, thanks to which attackers can hide their IP. In addition, by regularly changing it, it is possible to avoid blocking the computer from which hacking is carried out. After it is hacked, when you log into your account, you will see a message stating that your password has been compromised. The following urgently needs to be done:

  1. Change account details;
  2. Change security question;
  3. Write to the Administration that the password in Contact (or on another resource) has been compromised.

Although earlier programs were used that operated according to , now more advanced ones have appeared. Now substituting numbers into a word will not make your account secure. New programs select completely arbitrary alphanumeric combinations; they can be used to crack a very complex combination of symbols.

Hacking the password of the social network VKontakte by brute force

Hashes and website hacking

An effective but complex hacking method. To find out the password, hackers hack a website that stores hashes of user code combinations. The hash is obtained after the combination of letters has undergone an irreversibly complex procedure. When you enter a combination of characters when logging into your account, the hash is calculated again and if it matches the saved one, then you entered the code word correctly. This data is stolen by attackers who hack the site. This is even simpler with old resources that store not hashes, but the letter combinations themselves.

The hash is not that difficult to decrypt. Hackers have many programs and services that allow them to recognize and use them. They can see the password in Yandex Mail, after hacking the service itself, as follows:

  • Calculation of hashing algorithms and data decryption;
  • Having a database of BruteForce code combinations, the hacker also has hashes of these words, encoded by one or another algorithm. The program can only compare the existing ones with the new ones;
  • There are not many algorithms, and they are common.

Hashing on websites is a process similar to how cookies work on a PC. Decrypting it is as easy as finding out the password from cookies. Therefore, it is obvious that such storage is not reliable account protection even with a very complex combination.
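The login check described in this section (recompute the hash, compare with the stored one) and the precomputed word/hash comparison from the list above can be put side by side. The following added example, not part of the original article, stores the same passwords once as unsalted MD5 and once with a random per-user salt and a slow key-derivation function, then checks which records a precomputed table still resolves. It uses PBKDF2-HMAC-SHA256 from the Python standard library in place of the Bcrypt recommended earlier; the record format, iteration count, word list and user names are constructed assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 200_000  # assumed work factor for this example
SCHEME = "pbkdf2_sha256"


def store_unsalted_md5(password):
    """Legacy storage: same password always gives the same value."""
    return hashlib.md5(password.encode()).hexdigest()


def store_salted(password, salt=None):
    """Hardened storage: random per-user salt plus a slow derivation."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"{SCHEME}${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return False
    _, iterations, salt_hex, dk_hex = parts
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def exposed_to_table(records, table):
    """Users whose stored value appears verbatim in a precomputed table."""
    return sorted(user for user, value in records.items() if value in table)


# Constructed data: a tiny precomputed word -> hash table and three users,
# two of whom share a dictionary word as their password.
WORDS = ["qwerty", "dragon", "letmein"]
TABLE = {store_unsalted_md5(w): w for w in WORDS}
USERS = {"ann": "dragon", "bob": "dragon", "cy": "T7#pale-Orbit-41"}


def audit():
    legacy = {u: store_unsalted_md5(p) for u, p in USERS.items()}
    hardened = {u: store_salted(p) for u, p in USERS.items()}
    return {
        "legacy_exposed": exposed_to_table(legacy, TABLE),
        "hardened_exposed": exposed_to_table(hardened, TABLE),
        "legacy_identical": legacy["ann"] == legacy["bob"],
        "hardened_identical": hardened["ann"] == hardened["bob"],
    }


if __name__ == "__main__":
    print(audit())
```

With the salted records a table lookup finds nothing, and each guess has to be recomputed per user at the cost of the full iteration count.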

Hacking a password by guessing it from a dictionary

Spyware

Spyware is software installed on a PC that is hidden, so that the user does not know about its existence. Essentially it is a virus. Designed to collect information about the user, logins, browser request history, code words, etc. Necessary for hacking and for conducting targeted advertising. With the help of such programs, information is transmitted directly to the attacker.

Such programs disguise themselves as software that offers to copy the password in the form of asterisks or recover it from cookies. Such programs must be used with caution. It’s better to use a browser to restore the ability to log into your account. Using spyware, you can find out your friend's password by installing malware on his phone or computer. In this case, the data will be transferred to you.

The spy program does not crack the password, it simply steals it and sends it to the attacker

Has your password been hacked?

Some resources show hacking notifications themselves. Social network VKontakte issues a notification that your password has been compromised when logging into your account. If you change the code word to the old one, such a notification may appear, since the site stores a black list of passwords from which spam was sent, etc.

A message window warning the user that his account has been hacked

In addition, there are a number of online services that list accounts that have recently fallen into the hands of criminals. If there are reasons to believe that someone tried to hack your email password, then enter your email address in the field (or login, if you are not talking about mailboxes) and you will see if your account has been hacked.

You can find out if your account was hacked in other ways. The main one is the analysis of activity in your account during your absence from the site.


If your friends received messages with advertising content or invitations to third-party sites, you see messages and notifications for the first time, although the site shows that they have been viewed, etc. then your page was used while you were away. However, it might not be visible online. There are programs to hide the presence of users on the network.