Network Wizkid's Technical Knowledge Base

In this article, I would like to highlight the importance of using complex passwords when hashed with the MD5 128-bit algorithm. I will demonstrate the cracking of MD5 salted passwords using Kali Linux and a password cracking tool, John the Ripper. Cisco IOS devices use the MD5 algorithm to hash username passwords created by administrators. When weak password strings are used that are protected with MD5 they become susceptible to attacks. MD5 passwords use something called salted hash, this is a four-character phrase that is generated and combined with the password. Extracts of the following demonstration are taken from a CCNA Security lab I have been working on. It was such an informative lab, I decided to document it and share it with the SYNACK community. To carry out MD5 cracking we will use John the Ripper to crack a weak hashed password and then we will use a custom dictionary to carry out the second attack. Step 1. Produce a one-way transform (MD5 hash) using Kali Linux Open Ter

In this article I will explain demultiplexing and how it works by walking through a .pcap file taken from the lab in the screenshot below. We will focus on the data flowing from PC1 and SW1 to R1’s ingress port. Demultiplexing (DEMUX) is the method in which the TCP/IP stack uses to determine if datagrams have been received correctly and if so, how should they be processed. Demultiplexing looks at certain fields at each layer of the TCP/IP stack, these fields include MAC addresses, IP addresses, protocols and ports. Checksums are also accounted for to verify the datagram hasn’t been damaged during transit. Physical I sent a DHCP request from PC1 into the network and captured the request on the Gigabyte interface connecting SW1 and R1, we will use the DISCOVER .pcap file to walk through demultiplexing. As shown in figure .1 , the Ethernet frame enters the ingress interface of R1 from PC1. We have lots of information to accompany the datagram but our main focus is the Encapsulation type w