Advances in Open Source Password Cracking
1 like2,893 views
This document summarizes recent advances in open-source password cracking tools. It discusses John the Ripper, a password cracking tool that now supports cracking passwords and hashes for many formats through community patches. It also discusses Ettercap, a tool for man-in-the-middle attacks that can intercept passwords on networks. Specific techniques are described for cracking passwords for protocols like Kerberos and attacking Microsoft Active Directory infrastructure through password cracking and decrypting encrypted files like PDFs. Future work is planned to expand password cracking abilities and create fake servers to enable additional attacks.
Advances in Open Source Password Cracking
- 1. ADVANCES IN OPEN-SOURCE PASSWORD CRACKING [email protected]
- 2. Agenda John the Ripper Ettercap Attacks on M$ AD / Kerberos infrastructure Misc. Stuff Current and future work
- 3. John the Ripper John the Ripper is a free open-source password cracking software tool (http://www.openwall.com/) Traditionally supports cracking hashes (LM, FreeBSD, DES crypt etc.) $ cat lm-hash user:fda95fbeca288d44aad3b435b51404ee $ john -format:lm lm-hash Loaded 1 password hash (LM ...) HELLO (user)
- 4. Jumbo patch community-enhanced version of JtR, available in almost all Linux distributions Add tons of formats for cracking hashes as well as “non- hashes” Hashes: e.g. MD5, LM “non-hashes” : e.g. PDF or other types of files Can use GPU to accelerate cracking (Speedups > 150X possible)
- 5. Jumbo patch supports cracking 1Password, Clipperz, Apple DMG images, EncFS, EPiServer, GPG private keys, IKE PSK, Apple Keychain, GNOME Keyring, KDE KWallet, KeePass, LastPass, Mozilla Master Passwords, MongoDB, MS-CHAP, MySQL authentication protocol, M$ Office, OpenOffice, PDF, O5LOGON, Password Safe, ZIP, RAR, Apple 10.8 hashes, GRUB 2, PFX, SSH keys, PuTTY keys, PostgresSQL, M$ PST, RACF, etc Above list *only* includes formats I have worked on Lot of these formats are faster than commercial products. Many formats are not even supported by commercial products
- 6. Example: cracking password protected SSH keys Two-step process Use one of the many *2john utilities $ sshng2john.py key-catch22 > ssh-hash $ john ssh-hash Loaded 1 password hash (ssh-ng ...) catch22 (key-catch22)
- 7. Example: using GPU Build GPU-enabled JtR (e.g. make linux-x86-64-opencl) $ john -fo:keychain -t Benchmarking: Mac OS X Keychain ... Raw: 1331 c/s real, 1331 c/s virtual $ john -fo:keychain-opencl -t # ATI 7970 GPU OpenCL platform 1: AMD Accelerated Parallel Processing ... Benchmarking: Mac OS X Keychain ... Raw: 208537 c/s real, 92758 c/s virtual Greater than 150X speedup
- 8. JtR community http://www.openwall.com/lists/john-users/ Join “john-users” mailing list for general discussion and help Join “john-dev” if you are interested in JtR development #openwall channel on Freenode IRC network Writing a plug-in (called format) is easy enough (start contributing!) https://github.com/magnumripper/JohnTheRipper
- 9. Ettercap Ettercap is free, open source network security tool for doing MiTM attacks. Allows interception and modifications of packets on the fly. Can be extended by writing plug-ins
- 10. Example: Facebook password sniffing Facebook loads login form over HTTP which POSTs credentials to a HTTPS link. Modified HTTP dissector (ec_http.c) to replace “https” with “ http”. Login form is now posted over HTTP Ettercap filter functionality can be used to do the same.
- 11. Example: Facebook password sniffing Only 12 lines of code added to ec_http.c 6 lines to avoid gzip encoding and 6 lines to avoid SSL
- 12. Example: works for Flipkart and Rediffmail too Ettercap automatically prints credentials sent over HTTP Don’t expose / load resources over HTTP
- 13. Ettercap: My contributions MySQL v5 challenge-response PostgreSQL challenge-response VNC challenge-response O5LOGON protocol (used by Oracle DB) MongoDB challenge-response Kerberos MiTM etype downgrade attack MongoDB MiTM fixed salt attack
- 14. Ettercap community https://github.com/Ettercap/ #ettercap-project channel on Freenode IRC network Writing a plug-in (called dissector) is easy once the protocol is understood (use Wireshark)
- 15. Attacks on Kerberos and M$ AD infrastructure Popular network authentication protocol used to implement SSO Uses shared secret/symmetric keys (which don’t travel over the network) Uses timestamp pre-authentication in which timestamp is encrypted with a key (derived from the user password) We capture encrypted timestamp and mount offline brute- force attack
- 16. Kerberos: Key Derivation The “string-to-key” function used to convert a user password to a secret key in Kerberos is dependent upon the encryption type (called etype) being used. etype functions differ in cost etype negotiation process can be attacked to downgrade etype (and make offline attacks faster)
- 17. Kerberos: etype downgrade attacks Downgrade etype 18 (aes256-cts-hmac-sha1-96, very expensive) to etype 23 (rc4-hmac, very fast) etype 18 brute-force attack, 380 tries per second on CPU, 125K on ATI 7970 GPU etype 23 brute-force attack, 728K tries per second on CPU Speedup > 1900X
- 18. Kerberos: etype downgrade attacks These attacks have been talked about previously but tools were not published (maybe not even made). My Ettercap plug-in is the first public tool to make these attacks practical. Only 16 lines of code.
- 19. Misc : Guaranteed cracking of PDF files using RC4 40-bit encryption RC4 40-bit is still popular among banks and income tax department. https://github.com/kholia/RC4-40-brute-pdf https://github.com/kholia/qpdf Should take less than 2 days on AMD FX-8120 (8- core Bulldozer)
- 20. Misc : Guaranteed cracking of PDF files using RC4 40-bit encryption Three-step process $ npdf2john test.pdf test.pdf:$npdf$1*2*40*4*1*16*c56b… $ RC4-40-brute ‘test.pdf:$npdf$1*2*40*4…’ Key is : 9296c944ee $ qpdf --key=9296c944e --decrypt test.pdf output.pdf
- 21. Current and future work Dropbox account “hijacker” Metasploit post script for doing the same Offline attacks on LastPass password manager Fake VMware vCenter (and ESX) server for Metasploit project Fake LDAP server for Metasploit project
- 22. Questions