From f97eec55df3e283d4affecbe114460266d42f7bf Mon Sep 17 00:00:00 2001
From: Manuel Thalmann <m@nuth.ch>
Date: Fri, 15 Dec 2023 15:31:21 +0100
Subject: [PATCH] Add notes for Lab 09

---
 Lab 9 - Authentication/.gitignore |  2 ++
 Lab 9 - Authentication/README.md  | 29 +++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 Lab 9 - Authentication/.gitignore
 create mode 100644 Lab 9 - Authentication/README.md

diff --git a/Lab 9 - Authentication/.gitignore b/Lab 9 - Authentication/.gitignore
new file mode 100644
index 0000000..bdaf65e
--- /dev/null
+++ b/Lab 9 - Authentication/.gitignore	
@@ -0,0 +1,2 @@
+rockyou.txt
+steve_passwords.kdbx
diff --git a/Lab 9 - Authentication/README.md b/Lab 9 - Authentication/README.md
new file mode 100644
index 0000000..8e0bc58
--- /dev/null
+++ b/Lab 9 - Authentication/README.md	
@@ -0,0 +1,29 @@
+# Authentication
+## Download Wordlist
+```sh
+wget https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt -O rockyou.txt
+```
+
+## Password Cracking
+Crack Password using `john`:
+
+```sh
+#!/bin/bash
+john --wordlist=./rockyou.txt --format=crypt <(echo '$1$randsalt$1FzqFfQs5tCdStIZl215/.')
+```
+
+As a result we get the password: `topgunner2k7`
+
+## KeePass Cracking
+Download KeePass database:
+
+<https://courses.fit.cvut.cz/BIE-ASB/tutorials/files/steve_passwords.kdbx>
+
+Crack KeePass database password:
+
+```sh
+#!/bin/bash
+john --wordlist=./rockyou.txt <(keepass2john steve_passwords.kdbx)
+```
+
+As a result, we get the password: `dancingdiva11195`