- The CIA triad is at the core of information security
- Authentication is the validation of a user's identity by presenting one or more of the factors below:
  - Something you know
  - Something you have
  - Something you are
  - Somewhere you are

# Hashing

- Passwords are typically stored locally as a hash
- Hash functions are designed as one-way mathematical functions
- However, some older hash functions have known collisions
- Example hash functions: MD5, SHA-256

```bash
# Quote the input: an unquoted "!" triggers history expansion in an interactive bash shell
echo -n 'Soccer06!' | md5sum
echo -n 'Soccer06!' | sha256sum
```

# Rainbow table attack

- Rainbow tables are large pre-compiled maps of input and output values for a given hash function
- Once we have exfiltrated a password hash, we can leverage a rainbow table on the attacker machine to attempt to crack the hashed password
- Salting and peppering can be used to make a password hash resistant to a rainbow table attack

# Brute-force attack

- This involves attempting every possible combination of letters, numbers, and symbols until the correct password is discovered
- Shorter passwords (<9 characters) are viable brute-force targets, even on consumer hardware
- As an example, when using a laptop, a tool like `hashcat` might be able to guess over 5M passwords / sec when attacking MD5, while at the same time only managing 10K passwords / sec when targeting a DCC2 hash

# Dictionary attack

- Efficient technique for cracking passwords, as it uses a list of statistically likely passwords
- Also known as a wordlist
- `rockyou.txt` is a primary example from `SecLists`
  - includes 14M real passwords that were leaked when the `RockYou` website was hacked in 2009
  - located in `/usr/share/wordlists/rockyou.txt`
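The following added example (not part of the original notes) shows why an unsalted hash is vulnerable to a precomputed lookup, and how a per-user salt and a server-side pepper break that attack. The wordlist and pepper values are constructed sample data, and SHA-256 is used only because it is the hash the notes use; a real password store would use a deliberately slow password hash.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a wordlist such as rockyou.txt (sample values only).
WORDLIST = ["123456", "password", "Soccer06!", "letmein", "qwerty"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lookup_table(wordlist):
    """Precompute digest -> plaintext for unsalted SHA-256.

    A real rainbow table compresses this with hash chains, but the property
    that matters is the same: one table, built once, answers queries for
    every leaked hash that used the same unsalted function."""
    return {sha256_hex(word.encode()): word for word in wordlist}


def crack_with_table(table, digest: str):
    """Table lookup: returns the plaintext if the digest was precomputed, else None."""
    return table.get(digest)


def hash_unsalted(password: str) -> str:
    # Same password -> same digest on every system, so one precomputed table cracks it.
    return sha256_hex(password.encode())


def hash_salted(password: str, salt: bytes = None):
    """Return (salt_hex, digest). The salt is random per user and is stored next
    to the digest; it is not secret, it only makes precomputation useless."""
    salt = salt if salt is not None else os.urandom(16)
    return salt.hex(), sha256_hex(salt + password.encode())


def verify_salted(password: str, salt_hex: str, digest: str) -> bool:
    # Recompute with the stored salt; constant-time compare avoids a timing side channel.
    _, candidate = hash_salted(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, digest)


def hash_peppered(password: str, salt: bytes, pepper: bytes) -> str:
    """A pepper is a server-wide secret kept out of the database (e.g. in a
    secrets manager or HSM). Keying the hash with it means a leaked table of
    salts and digests alone cannot be cracked offline at all."""
    return hmac.new(pepper, salt + password.encode(), hashlib.sha256).hexdigest()
```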