An auditor is reviewing the following output from a password-cracking tool:
User:1: Password1
User2: Recovery!
User3: Alaskan10
User4: 4Private
User5: PerForMance2
Which of the following methods did the author MOST likely use?
A. Hybrid
B. Dictionary
C. Brute force
D. Rainbow table
Good find. definitely says A is the Answer. Which makes sense, as it B was the answer, then would have to ask “that the hell is is hybrid attack?”
This is definitely a Hybrid attack. Read the following article and it will make perfect sense.
https://www.cyclonis.com/what-is-hybrid-password-attack-how-used-password-cracking/
B is correct.
Brute force: Uses different kind of possible key combination. A large number of key combinations are possible. Easy to crack when the length is small. And lot difficult when length is large.
Dictionary: Uses list of known password. Limited numbers of common keys . Easy to crack when the password is common.
Fundamentally, all dictionary attacks are brute force. One difference is that dictionary is sort of a “smart” attack, such that it doesn’t try words that aren’t in the dictionary. BUT you still have to run through “password1”, “password2”, “password3”, etc.