Cracking Passwords in Linux

Lab Steps

lock
Cracking Linux Passwords

The hands-on lab is part of this learning path

Ready for the real environment experience?

DifficultyIntermediate
Time Limit30m
Students693
Ratings
4.6/5
starstarstarstarstar-half

Description

Passwords are the most common factor for authenticating users. There are efforts to reduce our dependence on passwords but they will remain a fact of life for years to come. Passwords provide an authentication challenge to a user allowing them to prove they are who they say they are. This Lab illustrates some of the problems with password-based challenges by showing how to launch a password crack attack on Linux system users. You will learn how to crack passwords and at the same time learn how to defend against password crack attacks.

You will use Kali Linux to perform the password crack attack. Kali Linux includes the password cracking tool used in this Lab by default. The Kali Linux host is running as a virtual machine in a Hyper-V virtual environment.

This Lab is designed for the CREST Practitioner Security Analyst (CPSA) certification examination but is of value to security practitioners in general.

Learning Objectives

Upon completion of this Lab you will be able to:

  • Understand how passwords are stored in Linux
  • Perform basic password crack attacks against Linux users
  • Learn the technique and strategies used to crack passwords
  • Defend against password cracking attacks

Intended Audience

This Lab is intended for:

  • CREST CPSA certification examinees
  • Security practitioners
  • Linux users

Prerequisites

You should be familiar with:

  • Working at the command-line in Linux

You can fulfill the prerequisites by completing the Linux Command Line Byte Session Learning Path.

 

Updates

July 10th, 2020 - Enabled direct browser RDP connection for a streamlined experience

Environment before
PREVIEW
arrow_forward
Environment after
PREVIEW
About the Author
Students178633
Labs210
Courses9
Learning paths49

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.

Covered Topics