The next stage to Enumeration is system hacking and password hacking is one of the crucial part of hacking a system. Depending on how an attacker tries to attack password for hacking password attacks can be classified as follows,
Passive Online Attack
Active Online Attack
Passive Online Attack:
In passive online attacks an attacker don’t contact with authorizing party for stealing password, in other words he attempts password hacking but without communicating with victim or victim account. Types of passive online attacks includes wire sniffing, Man in the middle attack and reply attack.
Active Online Attack:
This type of attack can be directly termed as password guessing. An attacker tries number of passwords one by one against victim to crack his/her password.
Offline password attacks are performed from a location other than the actual computer where the password reside or were used. Offline attacks requires physical access to the computer which stores password file, the attacker copies the password file and then tries to break passwords in his own system. Offline attacks include, dictionary attacks, hybrid attacks, brute force attack, precomputed hash attacks, syllable attacks, rule based attacks and rainbow attacks.
Non Technical Attacks:
This type of attacks does not require any technical knowledge hence termed as non-technical attacks. This kind of attacks may include, social engineering, shoulder surfing, keyboard sniffing and dumpster diving.