Passwords: Am i a joke to you?

Menu:
0:00 ▶ It's not my fault!
0:49 ▶ David - you're dumb and other TH-cam comments
1:16 ▶ John quick demo
2:50 ▶ Daniel's favourite hacking tools
4:03 ▶ Script kiddie demo
4:38 ▶ Shadow file
7:10 ▶ Copy hashes to a text file
10:20 ▶ John demo
11:29 ▶ Start John
12:30 ▶ Password complexity discussion
14:58 ▶ You want an 8 hour video?
16:30 ▶ People still use bad passwords
17:30 ▶ It's your fault!
18:20 ▶ Favourite password manager
18:55 ▶ What is rockyou file?
21:55 ▶ True brute foce
24:09 ▶ A long password doesn't help you
24:31 ▶ Mutate the wordlist
25:35 ▶ Custom rules for John the Ripper
26:37 ▶ Humans make the same passwords
27:36 ▶ Where to find wordlists
30:33 ▶ Stupid ones in production
32:19 ▶ Is my password in the rockyou file
34:34 ▶ Have I been pwned:
36:19 ▶ Hashcat vs John
37:38 ▶ ophcrack
38:54 ▶ John options
39:55 ▶ Hash types
40:58 ▶ John makes it easy
Previous video: th-cam.com/video/ES2P2hWuzDo/w-d-xo.html
Passwords: Am i a joke to you?
Big thanks to ITPro.TV for sponsoring this video.
In future videos, Daniel will show us additional tools.
================
Links:
================
ITProTV Free Training: davidbombal.wiki/freeitprotv
My ITProTV affiliate link: davidbombal.wiki/itprotv
========================
Mentioned in the video:
========================
Darknet Diaries: darknetdiaries.com/episode/33/
Custom rules for John the Ripper: gracefulsecurity.com/custom-rules-for-john-the-ripper/
have i been pwned: haveibeenpwned.com/
====================
Connect with Daniel:
====================
LinkedIn: www.linkedin.com/in/daniellowrie
Blog: blog.itpro.tv/author/daniellowrie/
================
Connect with me:
================
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
TH-cam: th-cam.com/users/davidbombal
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

best line "It's not my fault that you use a weak password"

I'd like to thank you again David for the video you released some time ago. I think more about what I should do about tomorrow rather than today.

Hello.
Amazing content.
Definitly not a joke.
I'm always inspired by the daily affirmations and have missed them the last two days.
I hope this finds you well.
Good luck.

These collaborations with Daniel are amazing!!!

"if you have never done password cracking it is a time consuming operation"..... I can attest to this, as it took me around 2-3 months to learn to write a python script that cracks hashes of MD5, salted MD5, salted SHA 256 and salted SHA 512. My script cracked 556 of 1000 hashes and got me a pass for my programming module :)
Thank you for the great cyber content, it is helping me through some of my modules

Another cool content from two great heroes

I've went ahead and knocked on all my neighbors doors and gave them their wifi passwords and told them to change it. They've been good I can still find them but they got much better. Making me and my family's neighborhood safer because im bored at night sometimes.

Would be interesting to dive a bit deeper into the various options hashcat and john are offering to use: for example markov chaining or prince statistical manipulation of password files.

Some of these tools have been around since the 90s....john still works

thank u guys so much for this vid.

Thanks for the great content David!!!! And keep up the great work you do at spreading knowledge.

Brought back in time again!

Thanks David for creating such wonderful videos

Please, can anyone tell me how he managed to get the hashes for the users??!

I was looking for good wordlists. Thank you!!!

Again this is amazing 😂😂
Now david might think why he is saying same thing every time 😂😂😂😂😂

A few days ago I wondered if I shouldn't use a password manager.
I tried a couple and realized: "Wait, those passwords are actually much weaker than what I use".
This is a shame lol. I used a kind of short pass phrase with variation every time, a few numbers and special characters.
So I guess I will keep used my good old way till my head betrays me :D

Finally
A step by step video to john the ripper.....
Do you even know how long I've waited for this !!

Thanks David, you're the #1 of them all online. I have learned so incredibly much here during only 2 wks. You made me addicted to your Channel 😂
Thanks for sharing absolutely top-notch info🎉🎉🎉

Now this is exactly what someone learning this stuff wants to see! Perfect!👌🏻👌🏻👌🏻
Thank you David for making these videos for us nubies 🤓

David sir , next up please introduce us with what is rainbow tables , how to use em n all , was a good session tho , love this collaboration big shout out to ITPROTV ♥️ n Daniel Sir

I loved learning that grep command was in Kali. Best part for me.

I enjoyed meeting Daniel and everyone else at IT Pro TV some years back at their open house event...

you can check if your passwords have been breached at any time and where & when it happened, then you know if it needs to be changed.
email too.

33.04
David: Your banking password.
Me: on standby mode to used his teachings against him.
Dan: That’s not happening, my man.

I love that u are getting better content for us

I like this guy on IT pro

Thank you so much David. Learned a lot from you and Chuck.

oh! LOL I guess they shared the same thing I did, I didn't make it that far into the video untill now ha ha. Im surprised not a lot of people do.

Big yes for 8 hour video!

i just like watching this dude explain, he is soo fun

we want more like those videos 50min flies to fast

Hey I have a question, I did everything Daniel did and john no work? Any idea?

Interesting choice of the video title there, really hooks the viewers😂😂👍

David you god them a good interviewer

love the intro

Welcome, I came after two years ‏‪0:30‬‏

we love you david ♥️♥️ your videos is very very useful

Hi, nice tut. But missed examples in John, like use custom rules with JTR...

David, if you made an online hacking lab, that would be amazing!!!

... gosh ... really informative and knowledgable - thanQ for sharing: what about (re. Password lists) Eastern / Asian / European hacker languages, esp. Chinese / Japanese script (Hirigana / Katana, etc.), Russian Cyrylic), Arabic, etc. Aren't we in the West vulnerable to those kind of hacks more .. given "they" speak western languages fluently or use our own lists "against us" ?

This was great. Thanks David.

Your videos are always interesting 😇😇

Sorry if this is a silly question but is there a reason why most of you clear the screen followed by enter enter enter enter before typing in the command? Is there a reason for this or is it just the cool thing to do? serious question here, not just trying to be funny or something

David Is cisco is linked up with any game company ?

My neighbor´s wifi password is : eeeeeeee ;
(no kidding really), it took wifite like 0.05 second to crack it, and I use a 2007 old Macbook.

Great video... Thanks. Could anyone please provide a link or a resource in which i can learn more about hashcat and john. Especially with examples.

I have a question, how would you go about informing/educating users to use passphrases instead of passwords? Is it naive to think it can be done? Thank you for great content

Was expecting complete tutorial of JTR. ., but yh its fine learned a life lesson.😄

Making a video on how to crack a hard password is actually what a lot of people want. Editing the video would keep the video from taking 8 hours long. I don't understand how that's unreasonable to be honest.

That’s a long one, but thanks David

Really good and useful…Keep going guys

This was needed 🎉🔥🥳

what if we don't know the parameters and length of the password; how can we perform a brute force attack

Great video David

a great pass maneger is keepass2 open scource loca db and you can use 3 lock at same time

So maybe keep a password book - you know - a paper book with your complex passwords. People can be so lazy. Case in point- I told my relatives to have complex passwords, like 14+ characters instead of 1234 - which they used for their bank account. Even after two of them had 40K stolen, they still don’t get it. People are just tech illiterate.

As usual great stuff👍

Hey Professor,
Question in your course from udemy CCNA, any ideas where I can get a switch from? Which one you can recommend that is not expensive but good to follow along in your course? Let me know when you get a chance.
Thank you Jose

Thank you Daniel.

David sir,I have a serious question please help. What should I do my phone and windows PC was hacked all my social media accounts were also hacked? can resetting and then changing all passwords remove hacker?....
After doing all that I have a tooooooo silly question does sim card data pack also get malwares??
Should I change sim card also??

E: Unable to locate package
I had put respiratory but it doesn't solve that problem.. Please give any idea of that

Thank you so much bro. Sending virtual hugs. Worked like a charm ;-)

Passphrases are very good to use 😄

Great information sir, I really love your content....

Sir full Tutorial brut fource attack and rainbow table

Today completed hashing room of thm
And here's david with the same thing.

Fantastic video.

You are amazing, thank you for all you do

Sir plz make video on fluxion

Thanks for your information Sir 👍

Hello sir how to create strong password safe in hacker how many digit

Sir, in which year you launched ccna course in udemy

you are doing great sir.I am waiting for more videos from you sir

David I have tried the airmon check kill cmd at that time wifi adaptor get killed and it's not enable back is there any solution for that

You guys are the best . Thx .

My passwords are hacker horror; I seem to have a weak life security profile. Fine balance in protection from hacking and all out paranoia. I'm just now seeing my vulnerabilities and it's shocking.

Sir can we hack any wifi which is protected by a fireboll

Amazinggg videooo siirr!!

if only I wasnt dumb

ssh: yes

I'm not hacker,I'm gamer pal

If you have root access (read-write the shadow file), can't you just change the hashes to whatever you'd like?

Using default input encoding: UTF-8
Loaded 1 password hash (Raw-MD5 [MD5 256/256 AVX2 8x3])
No password hashes left to crack (see FAQ)
Error

Where re you from? 'Bombal' isnt a Polish surname?🤔

The best and easiest way to get password ethically is just ask them!

Hey David please make a video in metasploit because I my handler fails to bind with the ip.

hi my software activation key not found but it is correct becouse i have been used before in other pc, what can i do?

So the requirements to enter kinds of characters imposed upon us, help the hackers guess what we will enter - interesting!

I LOVE YOU DAVID

Informative as always ..👍🏻

I want to know the platform they are hacking is it a software a login a computer? How do you apply this to a Google account for example

Nice video David sir I need this thanks for providing content free!

Thanks david

1:18 may i know what is the tool that you using and how to install it to pc?

why i'm getting this error???? | Using default input encoding: UTF-8
No password hashes loaded (see FAQ)|

David sir really want the bank password 😁😂😂

Great video, but how do you get the hashes in the first place?

Hello. But which password manager would you guys recommend?