Hey guys, smarttechbuzz is back with an interesting topic: how to hack passwords, and how hackers crack passwords for Facebook, Twitter, wifi, Gmail and Instagram.
HOW HACKERS CRACK PASSWORDS
In the current scenario everyone wants to know how to hack someone’s account and how to uncover enormous secrets without the owner knowing, so here smarttechbuzz explains how passwords are hacked without any permission. Most hackers follow the steps below to hack anyone’s password or valuable information.
Before getting into the hacking procedure, we want to clear up the doubts tech people have. The following procedure answers questions like: how are accounts hacked? How do you figure out someone’s password? It also covers searches like Facebook password hacker, Gmail password hack, wifi password hacker and Instagram password cracker.
To crack passwords, codes, valuable information and much else, hackers follow only this procedure and these steps.
How passwords are really cracked: passwords are not saved as plain text. Any website of this age on the internet uses a hashing algorithm to encrypt and manage passwords. There are many types of hashing algorithms, like SHA-1, MD5, etc.
How a Facebook password is hacked: as an example, let’s consider Facebook. In order to log in to your Facebook account, you enter your email and password and click on log in. The first time you create a Facebook account, you are asked to fill in a form which contains your name and your email address, and it asks you to choose a password and enter your birth date and your gender.
Once you click on sign up, this data is sent to Facebook’s back-end database. In Facebook’s database your name, your gender, your age and your email or phone are saved as they are, but what about the password?
As I told you, a password will never be saved as plain text in a website’s database. The password is given as input to a hashing algorithm, and the output of this hashing algorithm is the encrypted form of the password, which appears to be random but is not. This hashed password is saved in Facebook’s database, not the plain text.
This means the password you entered will never be saved in Facebook’s database as plain text; only its encrypted form, or in other words the hashed password, is saved there.
Now suppose Facebook had a data breach and hackers managed to gain access to Facebook’s user info, which included name, age, gender, email and password. Though the hackers have this information, they will not be able to log in to any specific user account, because the password is encrypted.
If the hacker tries to log in to a specific user account with the hashed password, he will not be given access; he needs to enter the password in its plaintext form.
So what does the hacker do now? Intuitively, the only possible way is to reverse the hash into its plaintext form, but this is not possible, because a hash is a one-way function and the plaintext form of a hash cannot be obtained from the hash itself. That is how hashing algorithms are designed.
So what now? This is when the strength of the password comes into play. If you are using a common password like test123456, which I used earlier to sign up for Facebook, then the hacker will easily be able to learn the plaintext form of your password from the hash string. There is something known as rainbow tables.
These rainbow tables contain the password hashes of numerous commonly used passwords along with their plaintext forms, so the password hacker can do a simple search with the password hash that he has. If the password hash exists in the rainbow table, the password is successfully cracked and we now have the password in plaintext form. Remember, the rainbow tables contain the password hashes of only the passwords which are commonly used. As a reference, you can try it yourself at crackstation.net.
But what if the password is not a commonly used password? In that case rainbow tables are of no use, so there come the dictionary attack and the brute-force attack. Both are quite similar. In a dictionary attack you have a word list; a word list is nothing but a huge text file with loads of passwords. In this attack the hacker writes code which compares the password hash to be cracked with the password hash of each and every password that exists in the word list file. If any hashes match, the cracking is successful and we now have the plain text of the hashed password.
This attack can be target specific as well, which means you can actually create your own word list targeting a specific individual, provided that you know some basic details about him and assuming that he used his basic details to frame his password. This attack can be a success or a failure based on the quality of the word list that you are using.
In a brute-force attack, each and every combination of letters, symbols and numbers is converted into its hash form and then compared with the password hash which is to be cracked. In other words, you are literally taking every possible password that can exist, converting it into its hash and checking if the hashes match. So yes, it literally takes forever to crack a strong password using this method; however, if the computer’s processing speed is fast enough, then simple passwords can be cracked easily by this method.
A new technique called salting was introduced by security analysts to give hackers a hard time in cracking passwords. In this technique, a specific combination of characters is inserted at specific positions of the plaintext password before hashing. Every company has its own salting algorithm, and they don’t make their salting algorithm public.
For example, let’s say Facebook’s salting algorithm inserts the string F ampersand to P at the beginning, after the third character and at the end of the plaintext password. After salting, the salted password is then hashed by a hashing algorithm.
So when a salt is used, rainbow tables are of no use even if the password to be cracked is a weak and commonly used password, because the hash of the password without salting does not match the hash of the password which is salted. Brute-force and dictionary attacks are also not effective at cracking salted passwords, unless the hacker already knows the salting algorithm employed by a company.
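From the side of the site storing the passwords, the difference between unsalted and salted hashes looks like this. The code below is an added example, not from the original article: it uses the common practice of a random per-user salt stored next to the hash (an assumption that differs from the fixed insertion scheme described above) with PBKDF2, and all function names and sample users are constructed for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumption: PBKDF2-HMAC-SHA256 work factor, tune per hardware


def unsalted_sha1(password: str) -> str:
    """The weak scheme: a bare, fast hash with no salt."""
    return hashlib.sha1(password.encode()).hexdigest()


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, derived_key); a fresh 16-byte random salt per user by default."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, expected)


def shared_hashes(records: dict[str, str]) -> dict[str, list[str]]:
    """Audit helper: group users whose stored hash is identical."""
    groups: dict[str, list[str]] = {}
    for user, stored in records.items():
        groups.setdefault(stored, []).append(user)
    return {h: users for h, users in groups.items() if len(users) > 1}


if __name__ == "__main__":
    # Constructed sample: two users picked the article's example password.
    users = {"alice": "test123456", "bob": "test123456", "carol": "x7#Lq!92vRm"}
    weak = {u: unsalted_sha1(p) for u, p in users.items()}
    print("unsalted, identical hashes:", shared_hashes(weak))
    strong = {u: hash_password(p) for u, p in users.items()}
    salted = {u: key.hex() for u, (_, key) in strong.items()}
    print("salted, identical hashes:", shared_hashes(salted))
    salt, key = strong["alice"]
    print(verify_password("test123456", salt, key), verify_password("wrong", salt, key))
```

Identical unsalted hashes across accounts are what make a precomputed lookup work; with a per-user salt the same password produces unrelated stored values, and the iteration count slows every guess.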