Being able to achieve entry to a system that you’re not believed to have entry to is known as Hacking. For example, login into an email account without permission is considered hacking that account. Gaining access to a remote computer without permission is hacking that computer. So you can see that there are a large number of ways to hack into a system and the word hacking can direct to several specialties but the main concept is the same. Acquiring entry or being able to do things that you’re not supposed to be capable to do, is considered hacking.
Ethical hacking:
To crack passwords or to rob data? No, it is much more additional than that. Ethical hacking is scanning susceptibilities to find possible threats on a computer or network. An ethical hacker finds the weak points or loopholes in a computer, web application, or network and registers them to the organization. So, let’s study more about Ethical Hacking step-by-step.
There are various types of hackers:
1. Black hat hackers:
Here, the organization doesn’t allow the user to push it. They unethically penetrate inside the website and swipe data from the admin panel or exploit the data. They only focus on themselves and the benefits they will get from personal data for personal financial gain. They can cause major harm to the company by altering the functions which leads to the loss of the company to a much more elevated extent. This can even lead you to harsh consequences.
2. White hat hackers:
Here, we look for bugs and ethically inform them to the organization. We are authorized as a user to test for bugs in a website or network and inform them. White hat hackers typically get all the needed information about the application or network to test for, from the association itself. They use their skills to test it before the website goes live or is attacked by nasty hackers.
3. Grey hat hackers:
They sometimes have access to the data and disregard the law. But never have the same purpose as Black hat hackers, they often operate for the common good. The main difference is that they manipulate vulnerability publicly whereas white hat hackers do it secretly for the company.
Why Python Programming For Hacking
Programming languages like Python are widely used for general-purpose and high-level applications. Python is a very straightforward language yet powerful scripting language, it’s open-source and object-oriented and it has great libraries that can be used both for hacking and for writing very useful normal programs different from hacking programs. In the future and present generation python is very popular and it’s easy to learn, learning to hack with python will be fun and you will learn python programming in the best way. There is a great market for python developers in the market.
How Password Are Hacked
Everyone knows that passwords are not kept a plain text in the website’s database. When you find a password that has been encrypted (md5), we are going to see how to hack it. So we take the input_hash(hashed password in the database) and try to contact it with the md5 hash of every plain text password which is in a password file(pass_doc) and when the hashes are compared we only display the plain text password which is in the password file(pass_doc). If the password is not present in the input password file it will say the password is not found, this occurs only if buffer overflow doesn’t occur. This type of attack can be thought a dictionary attack.
Below is the implementation. Let’s suppose the text file including a list of passwords is password.txt.
import hashlib
print("**************PASSWORD CRACKER ******************")
# To check if the password
# found or not.
pass_found = 0
input_hash = input("Enter the hashed password:")
pass_doc = input("\nEnter passwords filename including path(root / home/):")
try:
# trying to open the password file.
pass_file = open(pass_doc, 'r')
except:
print("Error:")
print(pass_doc, "is not found.\nPlease give the path of file correctly.")
quit()
# comparing the input_hash with the hashes
# of the words in password file,
# and finding password.
for word in pass_file:
# encoding the word into utf-8 format
enc_word = word.encode('utf-8')
# Hashing a word into md5 hash
hash_word = hashlib.md5(enc_word.strip())
# digesting that hash into a hexa decimal value
digest = hash_word.hexdigest()
if digest == input_hash:
# comparing hashes
print("Password found.\nThe password is:", word)
pass_found = 1
break
# if password is not found.
if not pass_found:
print("Password is not found in the", pass_doc, "file")
print('\n')
print("***************** Thank you **********************")
Input:
Enter the hashed password : 061a01a98f80f415431236b62bb10b
Enter passwords filename including path(root/home/) : password.txt
Output:
Password found.
The password is :Rahul
Input:
Enter the hashed password : aae039d6aa239cfc1213a825210fa3
Enter passwords filename including path(root/home/) : password.txt
Output:
Password found.
The password is :Aklak