Cracking the Passwords
1 What is Password Cracking?
Given an "encoded" (possibly salted) password, (re-)construct its plain text version. A login Trojan, a keyboard logger, un-encrypted communication with an ISP or website, …, can all get the plain text password. We (should) call this stealing – not cracking.
Prerequisite: ../Passwords/ hashes, salting, MD5, SHA512, Linux /etc/shadow
1.1 Caution
When you crack passwords, you could be breaking the law. Do it only in the context of our course.
1.2 Overview
- Terminology: Lookup Tables, password lists, crack hashes.
- https://haveibeenpwned.com/ Check if you have an account that has been compromised in a data breach!
- https://www.onlinehashcrack.com/ A password recovery service assisting pen-testers & security experts since 2008. Non-profit.
- Penetration testing includes password audit.
- https://www.kali.org/news/kali-linux-aws-cloud/ December 2016 Kali Linux full images are free on the Amazon AWS marketplace. Make sure to fill out the Amazon penetration testing request form.
- https://github.com/offensive-security/kali-cloud-build Kali bootstrapping script for Amazon Machine Images (AMI)
- There are many other penetration-testing distros. Visit http://distrowatch.com
2 Cracking Ideas Overview
2.1 Stealing the Passwords
A login Trojan, a keyboard logger, un-encrypted communication with an ISP or website, …, can all get the plain text password. We (should) call this stealing – not cracking.
2.2 Social Engineering
- [From "The New Hacker's Dictionary" aka Jargon File] Social engineering is a term used among crackers and samurai for stealing (cracking?) techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security.
- Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem.
2.3 Causing a Password Reset
- A now common stealing (cracking?) technique is to attempt to log in at a site, and cause a password reset request to be sent to the email address on record, which the attacker has gathered through other techniques. This email is then intercepted.
2.4 Fooling Finger Prints
Read "Smartphone fingerprint scanners: are they secure?". Read also "How To Fool a Fingerprint Security System" at http://www.instructables.com/. Does this really work? Maybe not always. But, as can be seen, this is mostly a question of perfecting such techniques. Here is more advice: "Why you should not use the new smartphone fingerprint readers".
2.5 What Are Hashes?
- What exactly rainbow tables are cannot be explained without first talking about crypto hashes, hash chains, etc.
- Hash functions are used in databases, etc. Every hash function maps a large domain into a small range of numbers. Thus, there always will be collisions, i.e., for some distinct a, b, hash(a) = hash(b). Note also that the inverse of a hash function is not a function.
- Crypto-hash functions, chash, are used in storing passwords, etc. A few famous crypto hash functions are MD5, SHA1, SHA512. Every crypto hash function is an ordinary hash function also.
- The result r of chash(a) is known as a hash of a. The r is not considered an encryption of a.
- The crypto hash functions are so carefully designed/ constructed/ implemented that, until recently (?), there was no "computationally feasible" algorithm for the following problem. Because of this they are also called one-way.
- Suppose we already know, chash(a) = y, where a is a plain text input, and y was the result of a crypto-hash function chash. Discover a b so that: chash(b) = y.
- For MD5 and SHA1, in the last few years, the above problem has been solved.
- http://en.wikipedia.org/wiki/Cryptographic_hash_function
2.6 Dictionary Attack
- Brute force "decryption".
- Crackers obtain the /etc/passwd and /etc/shadow files through other techniques, and crack the encoded passwords on their own computer systems.
- To speed up password cracking, a dictionary of words and well-known passwords is encoded using all possible salt values. These are compared with the encoded passwords in the /etc/shadow file. Several machine-readable collections of dictionaries are available for various uses, including cracking.
- An 8-character password encodes, with salt, to one of 4096 possible 13-character strings. So, a dictionary of, say, 2,000,000 common words, names, passwords, and simple variations would amount to some 20 GB.
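As an added example (not part of these notes), here is a pure-Python reimplementation of the $1$ MD5-crypt scheme used by the salted /etc/shadow entries in the lab inputs, with a small dictionary audit over constructed entries. It shows why the salt, which is public and sits in the hash field, forces one hash computation per word per account and defeats a single precomputed table; the user names, salts and passwords in SAMPLE_SHADOW are constructed.

```python
import hashlib
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def _to64(v, n):                  # crypt(3) base64: n chars, low 6 bits first
    return "".join(ITOA64[(v >> (6 * k)) & 0x3F] for k in range(n))

def md5_crypt(password, salt):
    """$1$salt$digest exactly as crypt(3) computes it (FreeBSD md5crypt)."""
    pw, sl = password.encode(), salt[:8].encode()
    alt = hashlib.md5(pw + sl + pw).digest()
    ctx = hashlib.md5(pw + b"$1$" + sl)
    for pl in range(len(pw), 0, -16):       # len(pw) bytes taken from alt
        ctx.update(alt[:min(16, pl)])
    i = len(pw)
    while i:                                # one byte per bit of len(pw)
        ctx.update(b"\0" if i & 1 else pw[:1])
        i >>= 1
    f = ctx.digest()
    for r in range(1000):                   # 1000 rounds: slow on purpose
        c = hashlib.md5(pw if r & 1 else f)
        if r % 3: c.update(sl)
        if r % 7: c.update(pw)
        c.update(f if r & 1 else pw)
        f = c.digest()
    groups = ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5))
    out = "".join(_to64((f[a] << 16) | (f[b] << 8) | f[c], 4) for a, b, c in groups)
    return "$1$" + sl.decode() + "$" + out + _to64(f[11], 2)

def parse_shadow(text):
    """user -> (crypt id, salt, hash field) for every $id$salt$digest line."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) > 1 and parts[1].count("$") >= 3:
            _, cid, salt, _digest = parts[1].split("$", 3)
            entries[parts[0]] = (cid, salt, parts[1])
    return entries

def audit(shadow_text, wordlist):
    """Dictionary audit: the salt is public, so every word is hashed with the
    account's own salt. len(wordlist) hashes per account; nothing is shared."""
    found = {}
    for user, (cid, salt, field) in parse_shadow(shadow_text).items():
        if cid != "1":                      # only $1$ (MD5-crypt) here
            continue
        for word in wordlist:
            if md5_crypt(word, salt) == field:
                found[user] = word
                break
    return found

# Constructed sample: two $1$ entries built above from known passwords, plus a
# $6$ (SHA512-crypt) line with a made-up digest that audit() skips.
SAMPLE_SHADOW = ("alice:%s:13749:0:99999:7:::\n" % md5_crypt("password", "saltsalt")
                 + "bob:%s:14036:0:99999:7:::\n" % md5_crypt("Tr0ub4dor", "Y4kjoQ2x")
                 + "carol:$6$abcdefgh$NOTAREALDIGEST:15401:0:99999:7:::")
```

Running audit(SAMPLE_SHADOW, wordlist) with a word list containing "password" and "Tr0ub4dor" recovers alice and bob; with 1000 MD5 rounds per guess, timing a few thousand guesses gives a feel for why the 2,000,000-word dictionary above is measured in hours, not seconds.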
2.7 Rainbow Tables
- ./Rainbow-Tables What are Rainbow Tables? These use a good amount of discrete math.
2.8 Cracking Services
- https://haveibeenpwned.com/ Check if you have an account that has been compromised in a data breach!
- https://www.onlinehashcrack.com/ "Online Hash Crack is a password recovery service assisting pen-testers & security experts since 2008." Non-profit.
3 Some Well Known Cracking Tools
- Crack programs now use GPUs (visit e.g., http://www.cryptohaze.com/) in parallelizing and can try billions of hashes per second.
- http://sectools.org/tag/pass-audit/ Password Audit tools. Ranked by votes.
3.1 John-the-Ripper
- JTR is a password cracker. Linux/Unix, Windows. Command line. apt-get install john installs john, unshadow, etc. https://github.com/magnumripper/JohnTheRipper
- Suppose we have a file of salted and encoded passwords, such as /etc/shadow of Linux. John can try hard to crack these into plain text. Can take hours.
sudo apt-get install john
sudo unshadow /etc/passwd /etc/shadow > /tmp/mypasswd.txt
john /tmp/mypasswd.txt
- Attempts (i) a dictionary attack, (ii) combined dictionary words, (iii) hybrid attack of dictionary words with special characters and numbers, (iv) brute force.
- John prints a status line when a key is pressed. John can create multiple named sessions. http://www.openwall.com/john/doc full docs, including download links, etc.
- http://rafaveguim.github.io/cracking/passwords/jtr/2016/05/05/jtr-research-lab/ Generate charts with --external=AutoStatus and chart_logs.py. 2016.
- ./john.html
3.2 Hashcat
- Hashcat is a "password recovery" utility, using CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX. Can do distributed password cracking.
- ./HashCat/hashcat-wip.html
3.3 RainbowCrack
- http://project-rainbowcrack.com/ RainbowCrack uses rainbow tables to crack unsalted hashes. It differs from brute force hash crackers. GPU acceleration is a key feature of RainbowCrack. It can offload most runtime computation to GPUs (NVIDIA/ AMD).
- http://project-rainbowcrack.com/table.htm A List of Rainbow Tables. Key space of 13,759,005,997,841,642. Several TB of generated rainbow tables for LM, NTLM, MD5 and SHA1 are listed. Not (all) free.
- http://project-rainbowcrack.com/ has freely downloadable
executables for all major OS:
- rtgen: generate rainbow tables,
- rsort: sort the rainbow table;
- rcrack: find the password.
3.4 CrackStation
- https://crackstation.net/ CrackStation uses massive pre-computed lookup tables created by extracting every word from the Wikipedia databases and adding every public password list.
- Their crackstation-wordlist password-cracking dictionary is for sale. Their lookup table implementation (PHP and C) is available at https://github.com/defuse/crackstation-hashdb
3.5 Hydra
- Attempting to visit http://www.thc.org/ may produce the ominous Google warning: "The site ahead contains harmful programs". Personally, I think, this site is safe to visit. But, go with your own instincts.
- "Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely."
- "When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC." – http://sectools.org/tool/hydra/
apt-get install hydra
- https://www.thc.org/thc-hydra/ ; https://github.com/vanhauser-thc/thc-hydra ; http://tools.kali.org/password-attacks/hydra ; http://sectools.org/tool/hydra/ THC-Hydra. Multi platform.
- Hydra can generate passwords.
hydra -t 128 -l user_name -V -x '4:4:aA1"@#$!()=`~?><;:%^&*_-+/,.\ ' localhost ssh
Read the manual for details.
- Cracking:
hydra -l pmateti -P passwordhashes.txt 192.168.17.223 ssh
3.6 Brutus
- Brutus https://github.com/mjosaarinen/brutus is an open source online password cracking tool. For both Linux and Windows. HTTP, POP3, FTP, SMB, Telnet, IMAP, NNTP, NetBus, etc.
3.7 Medusa
apt-get install medusa
- http://foofus.net/goons/jmk/medusa/medusa.html Medusa Parallel Network Login Auditor.
3.8 L0phtCrack/ Ophcrack
- Ubuntu: apt-get install ophcrack
- http://ophcrack.sourceforge.net/ OphCrack is a free rainbow-table based password cracking tool for Windows, Linux and MacOS. It cracks LM and NTLM hashes. Free and premium rainbow tables. It is among the most popular Windows password cracking tools (Cain and Abel is probably the most popular; see below).
- L0phtCrack is an alternative to OphCrack. It attempts to crack Windows passwords. It also uses dictionary and brute force attacks for generating and guessing passwords.
- L0phtCrack was acquired by Symantec and they promptly discontinued it in 2006. Later, L0phtCrack developers re-acquired this tool and re-released it in 2009.
3.9 PACK
- http://thesprawl.org/projects/pack/ Password Analysis and Cracking Kit (PACK) of Defcon 2010.
3.10 Cain-and-Abel For Windows
- http://www.oxid.it/ last release 2014; Cain and Abel is a password "recovery tool" for Windows. "It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols."
- "Cain and Abel can crack passwords using a dictionary attack, rainbow attack, and brute force. … It is also a great ARP Poisoning and MiTM tool."
- https://software-tips.wonderhowto.com/how-to/hack-md5-passwords-with-cain-and-abel-356762/
3.11 Aircrack-Ng
- http://www.aircrack-ng.org/ Aircrack-NG can crack WEP or WPA2 passwords. It uses the FMS attack along with other useful attack techniques for cracking passwords. For Linux and Windows. Capable of creating an Evil Twin, etc.
3.12 Miscellaneous
- http://wfuzz.org/ + https://github.com/xmendez/wfuzz Wfuzz is a Python based flexible web application brute forcer which supports various methods and techniques to expose web application …
- Application Specific Crack tools
4 Password Cracking using Cloud Services
4.1 CrackStation
https://crackstation.net/ CrackStation uses massive pre-computed lookup tables to store a mapping between the hash of a password, and the correct password for that hash.
"The hash values are indexed so that it is possible to quickly search the database for a given hash. If the hash is present in the database, the password can be recovered in a fraction of a second. This only works for "unsalted" hashes. For information on password hashing systems that are not vulnerable to pre-computed lookup tables, see our hashing security page."
Crackstation's lookup tables were created by extracting every word from the Wikipedia databases and adding with every password list we could find. We also applied intelligent word mangling (brute force hybrid) to our wordlists to make them much more effective. For MD5 and SHA1 hashes, we have a 190GB, 15-billion-entry lookup table, and for other hashes, we have a 19GB 1.5-billion-entry lookup table.
4.2 Kali Linux on Cloud
- https://www.kali.org/news/kali-linux-aws-cloud/ December 2, 2016 "We’re happy to announce that we’ve once again listed our Kali Linux images on the Amazon AWS marketplace. You can now spin up an updated Kali machine easily through your EC2 panel. Our current image is a “full” image, which contains all the standard tools available in a full Kali release. Once your instance is running, connect to it with your SSH private key using the “ec2-user” account. Don’t forget to update your Kali instance to get the latest packages and bug fixes. Type as root (or sudo): apt update && apt dist-upgrade. We are “selling” these images on the marketplace for free, so other than the regular Amazon charges, there are no extras to pay. The Kali team would like to take this opportunity to thank r0kh for his efforts of getting Kali back on track (no pun intended) and working flawlessly in AWS. If you plan to use these Kali images for penetration testing in an AWS environment, make sure you check out the Amazon penetration testing request form."
- https://www.kali.org/news/azure-marketplace-weekly-iso-builds/ September 13, 2016
- https://github.com/offensive-security/kali-cloud-build Kali bootstrapping script for Amazon Machine Images (AMI)
5 Lab Experiments on Passwords and Cracking
Objectives: To help you gauge the level of security offered by the typical password systems. The goal is to crack as many passwords as possible in the inputs described below. This can take hours on fast laptops/ desktops in 2017, if you do not take advantage of multiple cores or GPU. Our goal in cloud computing is to crack as fast as possible.
Record how many passwords can be cracked and how fast. Try John the Ripper and one other of your own choice.
The following summarizes ./password-labs.html
5.1 Example Inputs
- You may want to construct your own examples of the passwd and shadow files, where you know the passwords you used.
- Design a password that is not crackable by any of the tools.
5.1.1 Example #1 Three User Names and Passwords
- MD5 examples shown from machine M1 in the /etc/shadow file format. Just three entries:
student:$1$l67ia9iK$x80ABcEExHYMVpMx.Bls5.:13749:0:99999:7:::
jsmith:$1$Y4.kjoQ2$GIuEZcnQVPYi7RPWrQRTE.:14036:0:99999:7:::
jtripper:$1$WH2SxqnX$rL0J6JYshB3wl6yBm90Bd1:13887:0:99999:7:::
5.1.2 Example #2 from a Real Linux Machine Setup
- ./Linux/etc/shadow file is taken from one of our lab accounts from a previous term. Uses salted MD5.
5.1.3 Example #3: SHA512 Password Hashes
- Since MD5 is considered "broken", Linux distributions have moved to using salted SHA512 password hashes (crypt id 6, i.e., $6$), which are several orders of magnitude more difficult to brute-force or generate rainbow tables for. Example lines from machine M2, one entry per line for readability:
root:$6$vPVevCXV$Pj2yIpQhprsMifm7i4X7F6IioqAQxJCyrhNjH4zK0fGYUc2gWjGJjobIwRp7wT5spTlLEywDW0ySmgB0XkVBs/:15401:0:99999:7:::
ceg442091:$6$03bKILGu$pgsg2fOTpYyhcPGSaJZfbVEFPgyle5YtGR1wY2ChuxSv7C4lEfdES26qAXa9UHqt04ap5v0AXF0DuWMXdeaWY0:15295:0:99999:7:::
ceg235013:$6$T6Yj4GYP$MjioJv3VqkU5WOx5gruV2fSHgitkSHMLvSx5M.KL5JCDsVIVKqf3uo0DGTV.CLar0dW4eV5VYTzbfSi9rA1g8/:15398:0:99999:7:::
5.2 Password Cracking Word Lists
- The following are readily available "word lists" in the context of choosing good passwords. This is obviously not an exhaustive list. Note also that some files are populated at multiple sites. These are collections of broken password databases.
- /usr/share/wordlists/* of the Kali Linux distribution.
- ./500-worst-passwords.txt Worst passwords that were actually in use.
- http://weakpass.com/lists More of the above kind. A large collection. Totaling in the GB range.
- https://github.com/danielmiessler/SecLists/ is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more. It includes a collection of password lists. It includes the RockYou lists.
- http://contest-2010.korelogic.com/wordlists.html wordlists used in "Crack Me If You Can" contest of DEFCON 2010.
- https://wiki.skullsecurity.org/Passwords Passwords that were leaked or stolen from sites.
- http://www.justpain.com/ut_maps/wordlists/ Not just passwords. Words tokenized from books, etc.
- http://www.adeptus-mechanicus.com/codex/hashpass/hashpass.php Hashdumps and Passwords 2014
- http://www.openwall.com/wordlists/ "This wordlists collection is a result of processing many hundreds of public domain wordlist files." Full version is not free. The reduced freely downloadable version is available at https://download.openwall.net/pub/.
- Mark Burnett, Today I Am Releasing Ten Million Passwords, 2015. "This is completely absurd that I have to write an entire article justifying the release of this data out of fear of prosecution."
5.3 Cracking Tools
- Download (or find/ discover in Kali/ BT5) at least two password cracking programs. You can find several by searching the web.
- Depending on the tools downloaded, you will need to build differently. Do this as an ordinary user, not as root, unless impossible. You may also need to download "dictionaries" for use by the tools.
- John the Ripper (john) is a fast password cracker.
6 References
- http://fsecurify.com/using-ordered-markov-chains-and-user-information-to-speed-up-password-cracking/ Reference
- http://www.admin-magazine.com/Articles/John-the-Ripper Checking Password Complexity with John the Ripper, 2013? Recommended Reading
- https://labs.mwrinfosecurity.com/blog/a-practical-guide-to-cracking-password-hashes/ Recommended Reading
- http://rafaveguim.github.io/cracking/passwords/jtr/2016/05/05/jtr-research-lab/ Uses hashcat, hashcat utils and PACK. Reference