This is an old revision of the document!
Table of Contents
Brute Force Attacks
Brute forcing is a method of cracking passwords. It involves rotating through a series of potential passwords (or “strings”) until the correct one is discovered. Depending on the complexity of the password and the power of the computer involved, this can take no time at all, or it can take forever.
There are two forms of brute force attacks: The first is dictionary style, in which many predefined strings from a wordlist (or “dictionary”) are tried. In the second form, random strings are created from random numbers/integers. The former is faster, but does not always work, while the latter is slower but will eventually get it.
Brute force attacks can be done both locally and remotely. Local attacks are for times like, when you have physical access to someone's machine, or a copy of someone's password-protected file on your own computer. Remote attacks are, as the term implies, done remotely over a network or the internet, in situations like getting access to someone's web site or web server. Because many servers are designed to automatically ban the IP addresses of anyone performing multiple login attempts, remote attacks are harder and more time consuming to pull off than local attacks.
Software
Simple brute force attacks can be done manually. However, it is very slow to do it that way, so hackers have created a litany of tools that will perform this type of attack automatically. Here are a few of them:
Note: These links are from the old Insurgency Wiki page, and still need to be gone through and updated. — Humphrey Boa-Gart 2024/10/02 07:17
Wordlists/Dictionaries
A file that contains a large number of words, used for dictionary style attacks. Normally in a .txt format or some other easily readable and editable format.
Note: These links are from the old Insurgency Wiki page, and still need to be gone through and updated. — Humphrey Boa-Gart 2024/10/02 07:17
Find this page online at: https://bestpoint.institute/tactics/brute-force