CSCI 530 Lab 4Authentication Week Assigned: 9/25 Week Due: 10/2OverviewInstructionsAssignmentCSCI 530 Lab 4AuthenticationWeek Assigned: 9/25Week Due: 10/2OverviewIn this lab, students will create user accounts with various passwords on a Linux Virtual Machine. Students will then make a copy of the password file, and copy it to the host system, which is a Windows XP system. Students will use a tool called “John the Ripper” to crack the passwords stored in this file. Students will gain experience with all three techniques that John theRipper uses: dictionary attack, hybrid attack, and combination attack.Instructions1. Starting up the Linux Virtual Machinea. Open up VMWare by going to Start VMWare VMWare Workstationb. Click on the Fedora Core 2 line under the “Favorites” Panel on the Left-hand side.c. Under Commands, select “Start this Virtual Machine.”d. Wait the lengthy process until the Linux virtual machine starts up. It will have completely started up when you get a prompt for a user name. If at any time, you need the cursor back at the main system, press the CTRL and ALT keys at the same time.e. Once the Linux virtual machine has started up, enter root as the username and password as the password.2. Installing VMToolsa. We need VM tools installed so that you are able to copy the password file out of the virtual machine and onto the Windows system.b. Start up the Linux Virtual Machine.c. At the login prompt, enter root as the username and password for the passwordd. Press CTRL-ALT to gain the cursor back to the host machine.e. Go to the menu and go to VM Install VM Tools… Press Installf. Click on the linux screen to get back to the Linux virtual machine.g. Enter the command cd mnt to get to the mnt directoryh. Enter the command mount cdromi. Enter the command cd cdrom, then enter ls. If you see two files starting with VMWare, then everything is proceeding as normal. Otherwise, ask your Lab Assistant for assistance.j. Enter the command cp VMwareTools-5.0.0-13124.tar.gz /k. Enter the command cd /l. Enter the command tar xzf VMwareTools-5.0.0-13124.tar.gzThis will create a directory called vmware-tools-distrib in the root directorym. Go to this directory by entering cd vmware-tools-distribn. Enter the command ./vmware-install.pl to install vmtoolso. You will be asked for a lot of input regarding directories for install and paths. Everything is default, so at every prompt, just hit Enter.p. Once you are back at the normal command prompt, enter the command cd /mnt, then enter the command ls. If you see a directory called hgfs, then you can proceed with the lab.3. Creating the user accountsa. At the command prompt, enter useradd user1b. At the next command prompt, enter passwd user1i. You will be prompted for a password. Enter hello as the password. You will be given a message saying the password is a weak password, but you will be allowed to use it. Reenter the password when prompted.c. Repeat these steps for the following usernamesUsername Passworduser2 123user3 Floweruser4 Dragonuser5 Hellodragonuser6 123Hellouser7 H3110123!4. Getting the password filea. Enter the command cd /mnt/hgfs/SharedYou will be moved to the directory Shared, which is the same directory as C:\Sharedb. The usernames and passwords are kept in a file called shadow, which is kept in the directory /etc. Enter the commandcp /etc/shadow .this will copy the /etc/shadow file to the C:\Shared directory5. Loading John the Rippera. We will be using John the ripper to break the passwords. If John the Ripper is not already on the system, download it from http://www.openwall.com/john/e/john171w.zipb. Extract John the Ripper to the main C: directory. This will make life easier since John the Ripper is a command line tool. c. Go to the C:\Shared directory, and copy the shadow file to the run directory of John the Ripper, which should be C:\d. Go to StartRun, and enter cmd. Press enter.e. Go to the main directory by entering cd c:\f. Go to the directory with John the Ripper by entering cd john171w\john1701\run\g. Enter the command dir to see all the files in this directory.6. Executing a dictionary attack.a. A dictionary attack uses a word database, and tries it repeatedly. John the Ripper has this capability. Enter dir and see that there is a file called password.lst, which,when opened with notepad, you see that it is a list of potential passwords.b. Enter the following command to launch a dictionary attack:john-386.exe –w:password.lst shadowc. Note the passwords it was able to crack and the time it took.d. Delete the cracked password list by entering the commanddel john.pot7. Executing a “hybrid” attacka. A hybrid attack checks for variations of a word or a combination of dictionary words.b. Enter the following command to launch a hybrid attack:john-386.exe –w:password.lst –rules shadowc. Note the passwords it was able to crack and the time it took..d. Delete the cracked password list.8. Executing a combination attacka. John the Ripper’s default usage executes a dictionary, hybrid, and bruteforce attack.b. Enter the following command to launch a combination attack:john-386.exe shadowc. This could take forever, so if it is taking too long, you can hit CTRL-C to stop the run.d. Note the time it took and the passwords it was able to crack.9. Cleaning upa. YOU MUST DO THESE STEPS, OTHERWISE YOU WILL NOT RECEIVE CREDIT FOR THIS LABb. Go to the directory C:\Shared on the host system (Windows system). c. Delete all files in this directory.d. To shutdown the Linux Virtual Machine, enter the command halt at the commandprompt.AssignmentWrite down the time it took and the passwords it was able to crack in each case. Then e-mail thatto your Lab T.A., along with the answers to the following questions:1. What are some of the limitations to breaking passwords in this way?2. The password file is /etc/passwd for linux. Where are passwords stored for Windows Systems (Clients, not
View Full Document
Unlocking...