Password Cracking Lesson 10. Why crack passwords?


Password Cracking Lesson 10

Why crack passwords?

Where are the passwords stored?
- In the security database in NT, sometimes referred to as the SAM (security account manager).
- In \Windows-directory\system32\config\SAM
- File is usually world readable; however, it is not accessible when the system is running because it is locked by the system kernel.
- A copy of it may usually be found in Windows-directory\repair\SAM._ (rdisk run with /s argument); then expand it: expand sam._ sam
- For UNIX/Linux, passwords are stored in /etc/passwd or /etc/shadow.
- Passwords should always be stored in encrypted format, why?
- What are the steps then in validating a correct password?

NT Password cracking
- The SAM file has two separately hashed versions of the password: the LanMan version and the NT version.
- LanMan is the weak method and can easily be cracked.
- It separates the password into two 7 character parts. Thus you really only have to crack two separate 7 character passwords instead of a 14 character password.
- It also converts lower case characters to upper case.
- Because of the poor hashing technique, for NT, a 10 character password is actually potentially less secure than a 7 character one: the second half (last 3 characters) will quickly be cracked and then may provide a clue for the first part, ex: *******890

So what’s the problem with splitting it in two?
- Let’s assume lower case characters and numbers only (thus 36 possibilities).
- If the password can be only 7 characters, then (36 characters, 7 characters in length) $36^{7} = 7.8 \times 10^{10}$ choices
- If we instead had 14 character passwords, (36 characters, 14 characters in length) $36^{14} = 6.1 \times 10^{21}$ choices
- Or, if split in two, $2 \times (7.8 \times 10^{10}) = 1.56 \times 10^{11}$ choices

(cont)
- If I can try 1,000,000,000 passwords per day:
  - With two 7 character passwords it would take 156 days to crack any password
  - With one 14 character password it would take $6.1 \times 10^{12}$ days or $1.67 \times 10^{10}$ years to crack any password.
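The split described on the last three slides, as a runnable model (an added example, not part of the original slides). It reproduces only the pre-hash steps the slides name (upper-casing, padding to 14, splitting into two 7-character blocks) and performs no hashing; the sample passwords are constructed, and the 36-symbol alphabet and guess rate are the slides' own assumptions.

```python
ALPHABET = 36                   # slide's assumption: letters + digits (case is folded)
RATE_PER_DAY = 1_000_000_000    # slide's assumption: guesses per day

def lm_halves(password):
    """Uppercase, NUL-pad to 14, split into the two blocks LM hashes separately."""
    padded = password.upper()[:14].ljust(14, "\0")
    return padded[:7], padded[7:]

def half_work(half, alphabet=ALPHABET):
    """Candidates of the half's real length (the padding is known, so it is free)."""
    return alphabet ** len(half.rstrip("\0"))

def split_work(password, alphabet=ALPHABET):
    """Guesses when each half is attacked on its own: the work adds up."""
    return sum(half_work(h, alphabet) for h in lm_halves(password))

def whole_work(password, alphabet=ALPHABET):
    """Guesses if the same password were hashed as one unit: the work multiplies."""
    return alphabet ** min(len(password), 14)

def days(work, rate=RATE_PER_DAY):
    return work / rate

if __name__ == "__main__":
    for pw in ("secret7", "secret7890", "secret7890abcd"):   # constructed samples
        first, second = lm_halves(pw)
        print(f"{pw!r}: halves={first!r},{second!r} "
              f"split={days(split_work(pw)):.3g} days "
              f"whole={days(whole_work(pw)):.3g} days")
```

For the 10-character sample the second block holds only three real characters, so it adds almost nothing to the work of the 7-character password, which is the slide's point about `*******890`.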

Salts
- Another issue with NT passwords is the fact that “salts” are not used.
- A salt is a random string that is combined with a password before it is encrypted.
- Used because two people who have the same password would normally have them encrypted to the same value.
- When the user enters a new password, the system first combines the password with the salt and then computes the hashed value.
- The system stores both the hash and the salt with the ID.
- When a user attempts to authenticate, the system looks up the salt, combines it with the password entered, hashes it, then compares it with the stored value.
- Without a salt, the hacker only has to compute the hash once for any given password and then compare it with the stored values.
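The enroll and authenticate steps from the Salts slide, written out as an added example (not code from the original slides). PBKDF2-HMAC-SHA256, the iteration count, the 16-byte salt and all function names are this example's assumptions; the slide does not name a hash function.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000   # assumption for this example, not a value from the slides

def kdf(password, salt):
    # PBKDF2-HMAC-SHA256 stands in for the slide's unspecified hash function.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def enroll(db, user_id, password):
    """New password: pick a random salt, hash salt+password, store both with the ID."""
    salt = secrets.token_bytes(16)
    db[user_id] = (salt, kdf(password, salt))

def authenticate(db, user_id, attempt):
    """Look up the salt, recompute the hash, compare in constant time."""
    if user_id not in db:
        return False
    salt, stored = db[user_id]
    return hmac.compare_digest(stored, kdf(attempt, salt))

def unsalted_store(passwords):
    """The case the slide warns about: same password, same stored value."""
    return {u: hashlib.sha256(p.encode()).digest() for u, p in passwords.items()}

def users_sharing_a_hash(stored):
    """Audit helper: groups of user IDs whose stored hash is identical."""
    groups = {}
    for user, digest in stored.items():
        groups.setdefault(digest, []).append(user)
    return [sorted(g) for g in groups.values() if len(g) > 1]

if __name__ == "__main__":
    people = {"alice": "Winter2024", "bob": "Winter2024"}   # constructed sample
    db = {}
    for user, pw in people.items():
        enroll(db, user, pw)
    print("unsalted:", users_sharing_a_hash(unsalted_store(people)))
    print("salted:  ", users_sharing_a_hash({u: d for u, (s, d) in db.items()}))
    print("login ok:", authenticate(db, "alice", "Winter2024"))
```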

Programs to crack NT passwords
- L0phtcrack
- NTSweep
- NTCrack

UNIX password cracking
- Generally harder than NT to crack.
- 3-step process used by cracking programs:
  1. Create file of possible passwords (dictionary file)
  2. Encrypt file of possible passwords
  3. Compare results with encrypted form of passwords
- Obvious why it is harder to guess if you don’t use simple words.
- Dictionary created must include combinations of words with various connectors.
- There are different dictionaries for different environments/countries.

UNIX Password Encryption
- UNIX uses an encryption algorithm called crypt to encrypt passwords.
- Crypt is a hash algorithm that performs a one-way transformation.
- There is thus no way to decrypt a password that has been encrypted with crypt.
- Each encrypted password is 11 characters and is combined with a 2-character salt.
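An audit-side view of that 13-character field, as an added example (not from the original slides): it splits a traditional crypt entry into its 2-character salt and 11-character hash and lists the accounts that still use that form. It goes beyond the slide by also recognising the `$id$` prefixes of later crypt schemes; the sample lines and their hash strings are constructed placeholders.

```python
import re

DES_FIELD = re.compile(r"[./0-9A-Za-z]{13}")   # crypt's 64-character alphabet
MODULAR_IDS = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
               "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}

# Constructed sample lines; the hash strings are placeholders, not real hashes.
SAMPLE = """\
alice:abCdEfGhIjKlM:19000:0:99999:7:::
bob:$6$Zx9kQ1pL$ConstructedPlaceholderNotARealHash:19000:0:99999:7:::
carol:!:19000:0:99999:7:::
dave:x:1003:1003::/home/dave:/bin/sh
"""

def classify(field):
    """Name the scheme behind the password field of a passwd/shadow line."""
    if field in ("", "x") or field[0] in "!*":
        return "no-hash"                  # empty, shadowed elsewhere, or locked
    if field.startswith("$"):
        return MODULAR_IDS.get(field.split("$")[1], "unknown")
    if DES_FIELD.fullmatch(field):
        return "des-crypt"
    return "unknown"

def split_des(field):
    """Traditional crypt field: 2-character salt followed by 11 hash characters."""
    if classify(field) != "des-crypt":
        raise ValueError("not a traditional crypt field")
    return field[:2], field[2:]

def legacy_users(text):
    """Users whose stored password still uses the traditional 13-character form."""
    found = []
    for line in text.splitlines():
        if ":" not in line:
            continue                      # skip blank or malformed lines
        user, field = line.split(":")[:2]
        if classify(field) == "des-crypt":
            found.append(user)
    return found

if __name__ == "__main__":
    print(legacy_users(SAMPLE), split_des("abCdEfGhIjKlM"))
```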

UNIX Password Crackers
- CRACK
- John the Ripper
- XIT
- Slurpie

Comparison of NT crackers

Comparison of UNIX crackers

Passwords Cracked

Success based on…
- Password cracker’s ability
- Dictionary chosen
- Rules selected

Where can I go to get a cracker?

Protecting against Cracking
- Have a good password policy
- Change them on regular basis (how regular?)
- Lock account after 3 failed attempts
- Password should contain 1 alpha, 1 number, and one special character.
- Don’t allow users to reuse previous (5?) passwords.
- Password should not be word found in a dictionary.
  - Consider using pass-phrase.
- Consider use of one-time passwords (most common form is smart-card).
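The composition, reuse, dictionary and lockout rules from this slide enforced in code, as an added example (not from the original slides). The `Account` class, the three-word stand-in dictionary and the PBKDF2 storage are assumptions of this example; the reuse check covers the current password plus the four before it.

```python
import hashlib, hmac, secrets, string

MAX_FAILURES = 3       # slide: lock account after 3 failed attempts
HISTORY_DEPTH = 5      # slide: previous (5?) passwords may not be reused
WORDLIST = {"password", "dragon", "letmein"}   # constructed stand-in dictionary

def digest(password, salt):
    # PBKDF2 and its iteration count are this example's choice, not the slide's.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def policy_violations(candidate, history):
    """List the slide's rules that candidate breaks; history is [(salt, digest)]."""
    problems = []
    if not any(c.isalpha() for c in candidate):
        problems.append("needs a letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("needs a number")
    if not any(c in string.punctuation for c in candidate):
        problems.append("needs a special character")
    if candidate.lower() in WORDLIST:
        problems.append("dictionary word")
    recent = history[-HISTORY_DEPTH:]
    if any(hmac.compare_digest(d, digest(candidate, s)) for s, d in recent):
        problems.append("reused password")
    return problems

class Account:
    def __init__(self, password):
        self.history, self.failures, self.locked = [], 0, False
        self.set_password(password)

    def set_password(self, password):
        problems = policy_violations(password, self.history)
        if problems:
            raise ValueError(", ".join(problems))
        salt = secrets.token_bytes(16)
        self.history.append((salt, digest(password, salt)))

    def login(self, attempt):
        if self.locked:
            return False                  # stays locked until an admin resets it
        salt, stored = self.history[-1]
        if hmac.compare_digest(stored, digest(attempt, salt)):
            self.failures = 0
            return True
        self.failures += 1
        self.locked = self.failures >= MAX_FAILURES
        return False
```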

Password Cracking Lab
- Two password files, one for NT, one for Unix.
  - Linux shadow file
  - NT SAM file
- Needed to locate, choose, and download password crackers
- Needed to install programs and let them run
- You probably did not get all of the passwords cracked.