The password cracking challenge
- Whatever you do in the context of this assignment is for self-improvement purposes only, it is an exercise.
- Doing the same thing out there in the wild will get you in trouble, in the worst case - you can get your ass kicked really hard.
- You must run these attacks against the given target server.
The purpose of this assignment is to develop the skills necessary to break into systems by cracking their passwords using clever ways, other than brute force, because the latter is not always an option. As a result, you will also consider this from a defensive perspective and devise a set of security recommendations for network administrators.
Specifically, you will deal with:
- educated guesses for picking low-hanging fruits
- dictionary attacks
- background checks that narrow down the scope of the problem
- the relative ease of brute-forcing simple and short passwords
Your attacks are oriented against an SSH server, running on an unknown port at an IP address distributed over our mailing list.
The system has multiple user accounts: level1, level2, level3, etc. Your mission is to determine the passwords for as many of them as you can.
level1 is the easiest one to break into. Once you log in, you will be given a hint for the next level.
It is recommended that you break into these accounts in a sequential order, otherwise you won't have the tips that are crucial for simplifying the problem, and be forced to do it the hard way.
To sum things up, these are the initial conditions:
- the target IP (in the mailing list)
- the first user account is level1
That's it! Feel free to ask any questions about the assignment, you might get truthful answers.
- You are free to use whatever tools you find appropriate.
- It can be a custom script you wrote, or an existing tool you found on the Internet or a hybrid approach.
- You can combine tools together to achieve a better performance, or to accomplish certain phases of your attack.
- Feel free to use more than one computer to distribute the problem among multiple agents.
- People can be tools too, perhaps you could use them as well.
- Obtain as many credentials as you can
- Write a report that explains:
- Your modus operandi
- Thoughts on how to make it even faster
- Explain which methods can be applied by administrators to make these attacks impossible
- Recommendations for users on how to secure their accounts
- What made some levels easy?
- What made some levels hard? Why?
- What were the problems you encountered in this assignment and how you addressed them
Note that failure is also a form of success, at least in this context. Even if you don't succeed in reaching an advanced level in this challenge, you still get credit for documenting what you did and revealing the rationale behind your choices.
- If you change the password of an account if you managed to log into, your colleagues won't be able to complete their assignment.
- Do NOT attempt to use the machine for other purposes, say - sending out spam, serving files, establishing connections to other hosts, and so on.
Follow the mooing cow ;-)