password cracking
Recently Published Documents


TOTAL DOCUMENTS

61
(FIVE YEARS 25)

H-INDEX

9
(FIVE YEARS 2)

2022 ◽  
Vol 7 (1) ◽  
pp. 43-51
Author(s):  
Stefanus Eko Prasetyo ◽  
Try Windranata

aringan Nirkabel merupakan sekumpulan perangkat elektronik yang menghubungkan satu dengan yang lain memanfaatkan perangkat udara alias frekuensi jadi alur lintas data. Masa sekarang ini, ada banyak pengguna yang memanfaatkan WPA2-PSK ataupun WPA2-EAP menjadi security system jaringan nirkabel yang bertujuan untuk menghindari orang yang mengakses tanpa izin.  Riset ini memakai teknik wireless penetration testing yang memakai fluxion tools dengan membandingkan dan menganalisis security system otentikasi WPA2 dengan EAP-PSK pada jaringan nirkabel yang bertujuan untuk mengetahui kerentanan sebuah sistem keamanan jaringan tersebut. Untuk melaksanakan penetration testing penulis mengacu terhadap “Wireless Network Penetration Testing Methodology.” Yang terdiri dari intelligence gathering, vulnerability analysis, threat modelling, password cracking, dan reporting. Dari penelitian ini akan menyimpulkan WPA2-PSK kurang aman untuk digunakan dikarenakan terlihat pada penetration testing tesrsebut WPA2-PSK berhasil dibobol dalam keadaan SSID unhide­, sedangkan WPA2-EAP berhasil dalam pembuatan Web Interface namun tidak berhasil dalam mendapatkan informasi seperti username dan passwor. Jika WPA2-PSK SSID dalam keadaan hide akan mengagalkan peretasan sehingga dari sistem keamanan kedua tersebut memiliki kelebihan dan kekurangan masing-masing tergantung kebutuhan pengguna.


2021 ◽  
Author(s):  
Haodong Zhang ◽  
Chuanwang Wang ◽  
Wenqiang Ruan ◽  
Junjie Zhang ◽  
Ming Xu ◽  
...  
Keyword(s):  

2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Ruixin Shi ◽  
Yongbin Zhou ◽  
Yong Li ◽  
Weili Han

Researchers proposed several data-driven methods to efficiently guess user-chosen passwords for password strength metering or password recovery in the past decades. However, these methods are usually evaluated under ad hoc scenarios with limited data sets. Thus, this motivates us to conduct a systematic and comparative investigation with a very large-scale data corpus for such state-of-the-art cracking methods. In this paper, we present the large-scale empirical study on password-cracking methods proposed by the academic community since 2005, leveraging about 220 million plaintext passwords leaked from 12 popular websites during the past decade. Specifically, we conduct our empirical evaluation in two cracking scenarios, i.e., cracking under extensive-knowledge and limited-knowledge. The evaluation concludes that no cracking method may outperform others from all aspects in these offline scenarios. The actual cracking performance is determined by multiple factors, including the underlying model principle along with dataset attributes such as length and structure characteristics. Then, we perform further evaluation by analyzing the set of cracked passwords in each targeting dataset. We get some interesting observations that make sense of many cracking behaviors and come up with some suggestions on how to choose a more effective password-cracking method under these two offline cracking scenarios.


2021 ◽  
pp. 104398622110016
Author(s):  
Adam M. Bossler

The threat of formal sanctions is the criminal justice system’s primary tool to discourage online and offline deviant behavior. Yet, scholars have expressed strong concerns about the effectiveness of formal sanctions to deter cybercrime. Even more surprising is the sparsity of deterrence research in the cybercrime literature. This study examined the effects of perceived formal and informal sanctions on digital piracy, computer hacking, and online harassment in a large American college sample. Perceived formal sanctions was negatively correlated with software piracy, media piracy, password cracking, accessing accounts, sending mean messages privately online, and posting mean messages. Higher levels of perceived formal sanctions did not significantly predict any form of cybercrime, however, when controlling for informal sanctions and deviant peer associations. The implications of the findings for our ability to deter deviant behavior in cyberspace are explored.


2021 ◽  
pp. 334-353
Author(s):  
Wenjie Bai ◽  
Jeremiah Blocki ◽  
Ben Harsha

2020 ◽  
Vol 10 (20) ◽  
pp. 7306 ◽  
Author(s):  
Sungyup Nam ◽  
Seungho Jeon ◽  
Jongsub Moon

Despite their well-known weaknesses, passwords are still the de-facto authentication method for most online systems. Due to its importance, password cracking has been vibrantly researched both for offensive and defensive purposes. Hashcat and John the Ripper are the most popular cracking tools, allowing users to crack millions of passwords in a short time. However, their rule-based cracking has an explicit limitation of depending on password-cracking experts to come up with creative rules. To overcome this limitation, a recent trend has been to apply machine learning techniques to research on password cracking. For instance, state-of-the-art password guessing studies such as PassGAN and rPassGAN adopted a Generative Adversarial Network (GAN) and used it to generate high-quality password guesses without knowledge of password structures. However, compared with the probabilistic context-free grammar (PCFG), rPassGAN shows inferior password cracking performance in some cases. It was also observed that each password cracker has its own cracking space that does not overlap with other models. This observation led us to realize that an optimized candidate dictionary can be made by combining the password candidates generated by multiple password generation models. In this paper, we suggest a deep learning-based approach called REDPACK that addresses the weakness of the cutting-edge cracking tools based on GAN. To this end, REDPACK combines multiple password candidate generator models in an effective way. Our approach uses the discriminator of rPassGAN as the password selector. Then, by collecting passwords selectively, our model achieves a more realistic password candidate dictionary. Also, REDPACK improves password cracking performance by incorporating both the generator and the discriminator of GAN. We evaluated our system on various datasets with password candidates composed of symbols, digits, upper and lowercase letters. The results clearly show that our approach outperforms all existing approaches, including rule-based Hashcat, GAN-based PassGAN, and probability-based PCFG. The proposed model was also able to reduce the number of password candidates by up to 65%, with only 20% cracking performance loss compared to the union set of passwords cracked by multiple-generation models.


Sign in / Sign up

Export Citation Format

Share Document