1. Attack using dictionaries
It uses a simple file containing words that you can, surprise-surprise, found in the dictionary. In other words, attacks of this type are sorted by words that many people use as their password.
This "cunning", as skillfully grouped together words, for example, "simsimotkroyasya" or "yasuperadministrator," will not save the password from hacking - perhaps, hackers will just spend a few extra seconds.
2. Brute force attack
This method is similar to a dictionary attack, but with an added bonus - of course, for a hacker that allows you to find words that are not contained in the dictionary, by scanning all possible alphanumeric combinations from aaa1 to zzz10.
This is not a quick way, especially if your password consists of several characters, but, ultimately, the password will be revealed. The method of full enumeration can be simplified by using additional computing powers of the computer, including, using the capabilities of your GPU graphics card - and, for example, the use of distributed computing models and zombie botnets.
3. Irradiation attack using a rainbow table
The rainbow table is a list of pre-calculated hashes (numeric values of encrypted passwords) used by most modern systems. The table includes hashes of all possible password combinations for any kind of hash algorithm. The time it takes to crack a password using a rainbow table is reduced to the time it takes to find the password for the password in the list. Nevertheless, the table itself is huge and requires serious computing power for viewing. It will also be useless if the hash that it tries to find was complicated by adding random characters to the password before applying the hashing algorithm.
It is worth mentioning the possibility of the existence of complicated rainbow tables, but they would be so great that it would be difficult to use them in practice. They would most likely work only with a set of pre-defined "random values," with a password of less than 12 characters, otherwise the size of the table would be prohibitive, even for state-level hackers.
The easiest way to crack is to ask the user for his/her password. A phishing message leads an unsuspecting reader to fake online banking sites, payment systems, or other sites where you must enter personal information to "fix some terrible security problem."
Why bother burglary the password when the user will happily report it himself?
5. Social Engineering
Social engineering follows the same concept as phishing - "ask the user for a password", but not with a mailbox, but in the real world.
Favorite social engineering trick is to call the office under the guise of an IT security officer and simply ask for a network access password. You will be surprised how often this works. Some criminals even feel the need - to put on a suit and badge before coming to the company to ask the receptionist the same question face to face.
6. Malicious software
Software interception of the information entered from the keyboard or displayed information can be installed by malware that captures all the information you enter, or creates screenshots during the authorization process, and then sends a copy of this file to the hackers.
Some malicious programs search for an existing file with the passwords of the client's web browser, then copy this file, which (besides well-encrypted) will contain easily accessible passwords from the history of the pages visited by the user.
7. Offline hacking
It's easy to imagine that passwords are secure when they are protected by locking systems that block users after three or four unsuccessful attempts to type a password, which also allows you to block applications that automatically retrieve passwords. This would be true if it were not for the fact that most password hacking takes place offline, using a set of hashes in the password file that were "received" from the compromised system.
Often, the victim in question is compromised through third-party hacking, which thus provides access to hackers to the server system and all important user files with hashed passwords. A password cracker can work as long as it needs to try to crack the code without alerting the target system or individual users.
8. Peeping through the shoulder
The most self-confident hackers, in the guise of couriers, maintenance technicians of air conditioners or any other employees, penetrate into office buildings.
As soon as they enter the office building, the uniform of the attendants gives them a kind of free ticket for unhindered access to all corners of the office building. This allows them to record passwords entered by real employees, and also provides an excellent opportunity to see all those passwords that many like to write on stickers and to glue directly onto the monitors of their computers.
9. Spider method
Experienced hackers realized that many corporate passwords consist of words that are related to business. Studying corporate literature, website materials, competitor sites and even a customer list can provide hackers with "ammo" to build a custom word list, which is then used to crack brute force.
Really skilled hackers automated the process and run "spider" applications similar to those used by leading search engines to identify keywords, collect and process lists for hacking.
The best friend of password crackers, of course, is the predictability of users. If a truly random password was created using software designed for this task, then the user's "random" password is unlikely to resemble something like that.
Instead, thanks to our emotional attachment to things we like, it's likely that those "random" passwords we create will be based on our interests, hobbies, pet names, family and so on. In fact, passwords are usually built on the basis of all those things about which we so would like to talk in social networks and even include in our profile. Password crackers are likely to look at this information and will make several, often correct, guesses when trying to crack the password of a consumer level without resorting to a dictionary or brute force method.
- systemoverlord.com/2020/09/04/lessons-le - Lessons Learned from SSH Credential Honeypots