Playin with Password

1,308 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,308
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
55
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Playin with Password

  1. 1. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  2. 2. Details Password Deal with Cracking Passive Action Simulation Discussion http://google.com/search?q=y3dips
  3. 3. Password Why ? “Kata Kunci” diansastro 090382 mickey http://google.com/search?q=y3dips
  4. 4. Password Panjang Minimum 6 Karakter Tidak Ber-Makna (bukan nama pacar, bukan tanggal lahir) Kombinasi Huruf, Angka dan karakter lain UsernameX Password Perlu Pengamanan extra http://google.com/search?q=y3dips
  5. 5. Password PassPhrase ? D1an545TR0 4m1nkExtravaganz4 KaptenTSUBASA http://google.com/search?q=y3dips
  6. 6. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  7. 7. Simulation ! Cracking windows Password via linux via windows Cracking Linux Password Remote Cracking http://google.com/search?q=y3dips
  8. 8. Cracking windows Password Tools Bkhive + sampdump2 (getting hash) Pwdump2 (getting hash) John the ripper for cracking the hash Database password : SAM file , system http://google.com/search?q=y3dips
  9. 9. Cracking Linux Password Tools Unshadow John the ripper for cracking the hash Database password : passwd, shadow http://google.com/search?q=y3dips
  10. 10. Remote Cracking Bruteforcing via network Slow speed Brutus, hydra, ssh crack, tftpd-bruteforce http://google.com/search?q=y3dips
  11. 11. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  12. 12. Passive Action? Browser Ability? Keylogger Application/Engine Hole Insecure protocol/line http://google.com/search?q=y3dips
  13. 13. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  14. 14. Browser Ability Wand/Remember Password History Cache ability etc http://google.com/search?q=y3dips
  15. 15. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  16. 16. Keylogger Malicious Program Key stroke Passive tools http://google.com/search?q=y3dips
  17. 17. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  18. 18. Bugs in Application Application/Engine Vulnerability Information disclosure e.g: phpnuke, postnuke, mambo http://google.com/search?q=y3dips
  19. 19. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  20. 20. Insecure Line Plaintext protocol ( http, tcp, smtp ) Plaintext Data Sniff it & collect it ( ethereal, ettercap, dsniff, etc) http://google.com/search?q=y3dips
  21. 21. http:// clear text
  22. 22. Ahmad Muammar W. K. http://google.com/search?q=y3dips
  23. 23. Survive Using a better pass phrase Using secure line/protocol Encryption Securing tools (firewall, antivirus) Update info E.t.c http://google.com/search?q=y3dips
  24. 24. Ahmad Muammar W. K. http://google.com/search?q=y3dips

×