Identify and describe the phases that are involved in an ethical hacking exercise. Describe how an ethical hacker can also perform these steps, and whether a not a boundary exists in the steps that an ethical hacker should not cross. If is there is a line
education
Description
Identify and describe the phases that are involved in an ethical hacking exercise. Describe how an ethical hacker can also perform these steps, and whether a not a boundary exists in the steps that an ethical hacker should not cross. If is there is a line, why should it not be crossed? A task that may be conducted during a vulnerability assessment or penetration test is to ascertain the strength or weaknesses of the passwords on a system. This may take the shape of simply running a test against known passwords or exploiting vulnerability and stealing the password hashes and trying to crack them. In either case, the concept is the same; the difference is how the password hashes are obtained. There are many tools available to perform this task. To help give an understanding of these tools, this activity will have you explore some of these tools and analyze them to find the right fit for you and your organization. Complete the following steps: Research and find a method to extract or access password hashes for your server that meet your needs (this could be the attack or target platform from your lab environment that has been used in previous assignments). Extract the password hashes from a machine. With the extracted password hashes, try to crack them by using the program that you selected in Activity 2. Submit an obfuscated list of users and cracked passwords, output generated from the program.
