{"id":483,"date":"2025-10-14T09:28:26","date_gmt":"2025-10-14T09:28:26","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/dhill036\/?page_id=483"},"modified":"2025-11-16T13:26:52","modified_gmt":"2025-11-16T13:26:52","slug":"lab-5","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/dhill036\/cyse-270\/lab-5\/","title":{"rendered":"Lab 5 – Password Cracking"},"content":{"rendered":"\n

My Experience on This Lab<\/strong><\/p>\n\n\n\n

In this lab, I created several Linux user accounts with different password complexity levels using commands like useradd<\/strong><\/code>, passwd<\/strong><\/code>, and sudo tail \/etc\/shadow<\/strong><\/code> to view their hashes. I then exported the hashes into a file using sudo cat \/etc\/shadow > dhill036.hash<\/strong><\/code> and used John the Ripper to test password strength. Running john --wordlist=\/usr\/share\/wordlists\/rockyou.txt dhill036.hash<\/strong><\/code> showed me how quickly simple passwords can be cracked compared to complex ones.<\/p>\n\n\n\n

Key Concepts I learned<\/strong><\/p>\n\n\n\n

I learned how password hashes are stored in \/etc\/shadow<\/strong><\/code> and how tools like John the Ripper perform dictionary attacks. The lab demonstrated the importance of strong passwords, since basic dictionary words and short digit-only passwords were cracked almost instantly.<\/p>\n\n\n\n

Challenges Faced<\/strong><\/p>\n\n\n\n

As a a first time user I found it challenging to export the hashes correctly and choose the right John the Ripper options. Ensuring each password met the required complexity also took careful attention. Seeing weak passwords crack immediately while stronger ones held up highlighted the importance of using complex passwords for security.
<\/p>\n\n\nPDF Embedder requires a url attribute<\/b>\n\nPDF Embedder requires a url attribute<\/b>\n\n\n