
Password Cracking – SECURITY INNOVATION ©2003

Sidebar – Password Cracking

• We have discussed authentication mechanisms including <username, password> authenticators. We also indicated that anything short of one-time passwords was not strong password authentication.

• So… how are passwords broken? Guessing and cracking.

• Guessing
– Find or guess a user's identifier
– Create a list of possible passwords
– Try each one
– On success you are in, else keep trying

• Hampered by the unsuccessful-login timeout – if n attempts are unsuccessful, lock the system for m minutes (n and m are configurable).


Windows NT Passwords

• Length – anywhere from 0 to 14 characters

• Characters – all letters (upper and lowercase), numbers, and symbols are acceptable

• Stored in the SAM database


Windows NT Security

• Local Security Authority (LSA) – determines whether a logon attempt is valid

• Security Accounts Manager (SAM) – receives user logon information and checks it against its database to verify a correct username/password

• SAM database – stores the LM and NT password hashes


Cracking

• Obtain a copy of the SAM and run L0phtCrack

• BUT – you can't get the "real" SAM if the system uses Active Directory

• UNLESS you use PWDUMP3 first…


Password Cracking – Off Line

• Most cracking is done off-line to avoid the timeout problem.

• Major steps:
– Find user ids
– Get encrypted or hashed passwords or password files
– Create a list of trial passwords
– Encrypt or hash the trial passwords
– See if there is a match


Password Cracking – Off Line

• Attacks:
– Dictionary attacks (build a dictionary of passwords).
– Brute force (try all possible passwords).
– Hybrid attacks (a modified dictionary attack using altered dictionary words: party becomes p$art%y).

• This really is still guessing – these systems don't break encryption!


Password Cracking – Starters

• What can we find out up front – commercial systems?
– Format for user id.
– Some user ids (e.g., guest, system, administrator).
– Password minimum/maximum length, legal characters.
– Rules of construction.
– The encryption or hash algorithm.
– Where the password file is stored by default.


Password Cracking – Generic Methods

• Assume we have an encrypted or hashed password – the following methods are used to recover the plaintext password.

• Create a dictionary of words – encrypt or hash each word and test to see if the result matches the original encrypted/hashed password.

• Many Internet sites have downloadable dictionaries.


Password Cracking – Generic Methods

• Pros/Cons
– Brute force means trying every possible combination (e.g., a, aa, aaa to zzzzzzzzzzzzzz, azbycx, etc.). This method will always recover the password sooner or later – later may be a long time, but it gets shorter with each new technology advance.
– Hybrid methods use a dictionary, but insert special characters (e.g., %, $, # or r0ya1 – zero for o and one for l) and/or permute words.


Password Cracking – How Do We Get the Passwords?

• If administrator – dump the hashes to a file

• If not administrator:
– Sniff the passwords off the network
– Get administrator privilege
– Boot another OS and read the file
– Copy from backup
– Copy from emergency repair disk

• Reminder to physically protect the system and all media.

• Also install the patches for the holes that allow intrusions resulting in root or administrator access.


NTFSDos and SAMDump

• NTFSDos
– Utility that allows DOS to view NTFS partitions
– Can be placed on a boot disk and used to access files that can't be accessed in Windows

• SAMDump
– Utility that "dumps" the password hashes in the SAM database
– Can be used to view the password hashes or to export them into a text file
– If Syskey is used, the displayed hashes will be incorrect


PWDump3

• A utility similar to SAMDump

• Grabs password hashes from memory instead of the SAM database
– Because of this, it will work with Syskey enabled

• Can only be used by the Administrator on each system


Password Cracking Tools – L0phtCrack

• The Windows tool of choice – Win 9x, NT, 2000, XP.

• Cracks two types of passwords – LANMAN/NT.

• LAN Manager – older network password system used to log onto a Microsoft network domain – used for mixed 9x & NT/2000/XP nets.

• NT – newer network password system used in NT/2000/XP-only nets.

• Fully featured tool:
– Sniffs passwords
– Dumps passwords from the registry
– Cracks passwords
– Easy-to-use graphical user interface (GUI)


Windows NT Passwords

• LM Password
– Used for backward compatibility
– Stores passwords in CAPS
– Much easier to crack than NT hashes
– Password is not hashed or encrypted
– Broken up into 2 groups of 7 characters
– Usually gives away the NT password if cracked

• NT Password
– Used for compatibility with Windows NT/2000 systems
– Stores passwords exactly as they were entered by the user
– Uses a series of 2 one-way hashes to hash the password
– Does not salt passwords, unlike Unix
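The two structural weaknesses on this slide (LM's 7-character halves and the unsalted NT hash) can be turned into an audit check over a hash dump. This is an added example, not code from the slides or from any of the tools they mention; it assumes the "user:rid:lmhash:nthash:::" line layout produced by the pwdump family, and the two constants are the well-known values of an empty LM half and of the NT hash of the empty password (neither appears on the slides). The sample dump is constructed.

```python
from collections import defaultdict

# Well-known constants (assumed here; not stated on the slides): the LM "hash" of
# an all-padding 7-byte half, and the NT (MD4) hash of the empty password.
EMPTY_LM_HALF = "aad3b435b51404ee"
EMPTY_NT_HASH = "31d6cfe0d16ae931b73c59d7e0c089c0"

def parse_record(line):
    """Parse one 'user:rid:lmhash:nthash:::' line (pwdump-style layout, assumed)."""
    parts = line.strip().split(":")
    if len(parts) < 4:
        raise ValueError(f"malformed record: {line!r}")
    user, lm, nt = parts[0], parts[2].lower(), parts[3].lower()
    if len(lm) != 32 or len(nt) != 32:
        raise ValueError(f"bad hash length for {user}")
    return user, lm, nt

def audit_lm(lm):
    """Findings derived purely from the structure of the stored LM hash."""
    if lm == EMPTY_LM_HALF * 2:
        return []                     # no LM hash stored: nothing to split and crack
    if lm[16:] == EMPTY_LM_HALF:      # second 7-byte half was all padding
        return ["LM hash stored; password is 7 characters or fewer"]
    return ["LM hash stored; attackable as two independent 7-character halves"]

def audit_dump(lines):
    """Return {user: [findings]} for a whole dump, including unsalted-hash reuse."""
    report, by_nt = {}, defaultdict(list)
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        user, lm, nt = parse_record(line)
        report[user] = audit_lm(lm)
        if nt == EMPTY_NT_HASH:
            report[user].append("empty password")
        by_nt[nt].append(user)
    # NT hashes are unsalted, so two accounts with the same hash share a password.
    for nt, users in by_nt.items():
        if len(users) > 1 and nt != EMPTY_NT_HASH:
            for u in users:
                others = ", ".join(sorted(set(users) - {u}))
                report[u].append(f"same NT hash as {others}")
    return report

# Constructed sample dump; the hash values are made up, not from any real system.
SAMPLE_DUMP = """\
# user:rid:lmhash:nthash:::
Administrator:500:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
alice:1001:0123456789abcdefaad3b435b51404ee:fedcba9876543210fedcba9876543210:::
bob:1002:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""
```

Running `audit_dump(SAMPLE_DUMP.splitlines())` flags alice (short LM password, shared hash with bob), bob (full LM hash, shared hash with alice) and guest (empty password), and reports nothing for Administrator, whose LM hash is the disabled constant.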


LM Passwords vs. NT Passwords

• An 8-character LM password is 890 times easier to crack than an 8-character NT password

• A 14-character LM password is 450 trillion times easier to crack than a 14-character NT password
– 450 trillion = 450,000,000,000,000


LANMAN Passwords

• Maximum length – 14 characters (128 bits).

• Case – converted to all upper case before processing.

• Processing – split the 14 characters into two 7-byte halves.

• Use each half as a DES key.

• Multiple-encrypt each half and store the result in the Security Account Manager (SAM) database.

• Trouble is: the encryption algorithm is known.
– Only uses a 7-byte key (56 bits).
– Easy to find the key.
– Why??


LANMAN Passwords – Easy Cracking

• Character set = uppercase alpha, numeric, specials, and punctuation.

• About 80 symbols.

• N = S^L = 80^7 ≈ 2.1 × 10^13

• Time = (2.1 × 10^13) / (10^8 per sec) × (1 / (60 × 60 × 24)) ≈ 2.4 days (really easier).

• Password = choose "Karen12$".
– Becomes KAREN12$ (convert to upper case).
– Becomes KAREN12 & $_______ (split & pad).
– KAREN12 breaks with a dictionary.
– $_______ breaks with brute force.
– More like minutes to break!


NT Passwords

• 1. Hashed using the RSA MD4 function – not reversible! But can be replicated…

• 2. Hashed again using an MS function into the SAM – reversible and fairly simple

• 3. Encrypted using the Syskey function – strong encryption of the SAM on disk


NT Passwords – Not So Easy Cracking

• Character set = upper & lower case alpha, numeric, specials and punctuation – about 106 characters
– N = S^L = 106^14 ≈ 2.26 × 10^28
– Time = (2.26 × 10^28) / (10^8 per sec) × (1 / (60 × 60 × 24)) ≈ 2.62 × 10^15 days (harder)

• Now the issue becomes the quality of construction – remember we are assuming that all passwords are equally likely – this is theory!

• The real result is the historical work function for a large set of user-generated passwords. If poorly constructed, the dictionary will get them.

• Makes a very, very good audit tool for security folks!
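The S^L work-function model of this slide and the LANMAN "Easy Cracking" slide, carried through in code so the Karen12$ walkthrough and the 80^7 / 106^14 figures can be reproduced. This is an added example, not from the slides; it assumes the slides' parameters (80 LM symbols, 106 NT symbols, 10^8 guesses per second) and, like the slides, counts only candidates of the exact length in use, so each LM half is costed on its own.

```python
SECONDS_PER_DAY = 60 * 60 * 24

def keyspace(symbols, length):
    """N = S^L: candidates of exactly `length` characters drawn from `symbols`."""
    return symbols ** length

def days_to_exhaust(candidates, rate_per_sec=1e8):
    """Worst-case days to try every candidate at `rate_per_sec` guesses/second."""
    return candidates / rate_per_sec / SECONDS_PER_DAY

def lm_halves(password):
    """LM preprocessing: upper-case, pad to 14 with NULs, split into two 7-char halves."""
    padded = password.upper().ljust(14, "\0")[:14]
    return padded[:7], padded[7:]

def lm_work(password, symbols=80):
    """Candidates needed to exhaust both LM halves. Each half is attacked on its
    own, and (as on the slides) only the characters actually used are costed."""
    total = 0
    for half in lm_halves(password):
        used = len(half.rstrip("\0"))
        if used:
            total += keyspace(symbols, used)
    return total

def nt_work(password, symbols=106):
    """NT hashes the whole, case-preserving password as a single unit."""
    return keyspace(symbols, len(password))

def compare(password):
    """Days at 10^8 guesses/sec for the LM and NT forms of `password`, plus the ratio."""
    lm, nt = lm_work(password), nt_work(password)
    return {"lm_days": days_to_exhaust(lm), "nt_days": days_to_exhaust(nt),
            "nt_over_lm": nt / lm if lm else float("inf")}

if __name__ == "__main__":
    print(lm_halves("Karen12$"))               # ('KAREN12', '$\x00\x00\x00\x00\x00\x00')
    print(compare("Karen12$"))                 # LM: about 2.4 days, NT: about 1,845 days
    print(days_to_exhaust(keyspace(106, 14)))  # the slide's 2.62e15 days for 14-char NT
```

The ratio reported for a given password depends on the symbol counts assumed, so it illustrates the slides' argument rather than reproducing their exact 890× and 450-trillion× figures.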


Unix Passwords – John The Ripper

• Very capable password cracker for Unix systems, including S/Key files and Kerberos Ticket Granting Tickets for the Andrew File System.

• Runs cross-platform (Unix, DOS, 9x, NT).

• Takes a Unix password file as input – /etc/passwd or /etc/shadow.
– /etc/passwd is a user-level public file
– /etc/shadow requires root-level access

• Modes:
– Dictionary (called wordlist) – specify a text file to use as a dictionary.
– Brute force (called incremental mode) – tries all possible combinations.


Unix Passwords – John The Ripper

• Modes (continued):
– Single crack mode – simplest mode.
– External mode – provides the means to add external functions that can be used to generate passwords to try.

• Since Unix uses different hash/encryption algorithms, the program detects the encryption type:
– DES and double-length DES
– BSDI's DES
– OpenBSD's Blowfish
– FreeBSD's MD5 hashes

• Others are out there: Crack, Cracker Jack