Slide 1: Password Attacks
Mike
Slide 2: Guessing Default Passwords
– Many applications and operating systems include built-in default passwords.
– Lazy administrators leave them in place.
– A database of default passwords is publicly available at http://www.phenoelit.de/dpl/dpl.html
Slide 3: Let's Crack Those Passwords
Stealing the encrypted passwords and trying to recover the clear-text password.
Loop:
– Create a password guess
– Encrypt the guess
– Compare the encrypted guess with the encrypted value from the stolen password file
– If they match, you've got the password! Else, loop back.
Guess sources: dictionary, brute-force cracking, hybrid password cracking
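The guess-encrypt-compare loop on this slide, carried out in code. This is an added example, not part of the presentation and not code from LC5 or John the Ripper: the "stolen password file" is a constructed table of salted SHA-256 hashes (an assumed scheme chosen for brevity; real files use crypt(3), NT hashes or a slow KDF, and only `hash_password` would change), the wordlist is a constructed four-word dictionary, and the three guess generators are the slide's dictionary, hybrid and brute-force methods in the order a cracker tries them. Run against your own hash file, this is the self-audit the deck's defence slides recommend.

```python
import hashlib
import itertools
import string

# Assumed hash scheme for the demo: sha256(salt + password). Real targets use
# crypt(3), NT hashes, bcrypt, etc.; the loop below stays the same, only this changes.
def hash_password(salt, password):
    return hashlib.sha256((salt + password).encode()).hexdigest()

# Constructed "stolen password file": user -> (salt, hash). Not real data.
STOLEN_FILE = {
    "alice": ("s1", hash_password("s1", "password")),      # plain dictionary word
    "bob":   ("s2", hash_password("s2", "summer99")),      # dictionary word + digits
    "carol": ("s3", hash_password("s3", "zq7")),           # short enough to brute-force
    "dave":  ("s4", hash_password("s4", "J#9kLp!wQ2xV")),  # should survive the audit
}

# Constructed mini wordlist; a real audit uses a large dictionary.
DICTIONARY = ["password", "summer", "winter", "letmein"]

def dictionary_guesses():
    yield from DICTIONARY

def hybrid_guesses(max_digits=2):
    # Each dictionary word with 1..max_digits digits appended.
    for word in DICTIONARY:
        for n in range(1, max_digits + 1):
            for digits in itertools.product(string.digits, repeat=n):
                yield word + "".join(digits)

def brute_force_guesses(max_len=3):
    # Every lowercase-alphanumeric string of up to max_len characters.
    alphabet = string.ascii_lowercase + string.digits
    for n in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=n):
            yield "".join(chars)

# Cheapest method first, the order a cracker would use.
METHODS = [
    ("dictionary", dictionary_guesses),
    ("hybrid", hybrid_guesses),
    ("brute-force", brute_force_guesses),
]

def audit(stolen, methods=METHODS):
    """The slide's loop: create a guess, encrypt (hash) it, compare it with the
    stolen value; on a match record it, otherwise loop back to the next guess."""
    found = {}
    for user, (salt, target) in stolen.items():
        for name, generator in methods:
            for guess in generator():
                if hash_password(salt, guess) == target:
                    found[user] = (name, guess)
                    break
            if user in found:
                break
    return found

def weak_accounts():
    """Accounts whose password fell to any method: the candidates for a forced reset."""
    return sorted(audit(STOLEN_FILE))

if __name__ == "__main__":
    for user, (method, password) in audit(STOLEN_FILE).items():
        print(f"{user}: cracked by {method} -> {password!r}")
```

The brute-force generator is capped at three characters so the example finishes in seconds; the point of the ordering is that the cheap dictionary and hybrid passes catch most weak passwords before exhaustive search is ever needed, and the account that survives all three is the only one that needs no action.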
Slide 4: Cracking Windows NT/2000 Passwords Using LC5
– One of the most hyped security/attack tools.
– Focuses only on cracking Windows passwords.
– Available at: http://www.atstake.com/products/lc/download_thanks.html
Slide 5: Get Encrypted Passwords
– Local machine
– Remote machine
Slide 6: Choose Auditing Method
– Simple checks
– Normal checks
– Strong checks
Slide 7: Pick Reporting Style
The types of report.
Slide 8: Auditing Options
– Import
– Character type
Slide 9: Import
Slide 10: Audit Start
Got the passwords.
Slide 11: Report
Slide 12: Remote machine
Check type
Slide 13: Remote machine
The types of report
Slide 14: Remote machine
Administrator passwords
Slide 15: Remote machine
Start. Got it!
Slide 16: John the Ripper
– Focuses on cracking UNIX passwords.
– Available at: http://www.openwall.com/john/b/john-1.6.tar.gz
– Current version 1.6
Slide 17: John the Ripper
Download John the Ripper. Download complete. Unzip.
Slide 18: John the Ripper
Compile. Start.
Slide 19: John the Ripper
Cracking the password. Got the password. Try the password.
Slide 20: Defenses against Password-Cracking Attacks
– Strong Password Policy
– User Awareness
– Password-Filtering Software
  – UNIX: Npasswd, Passwd+
  – Windows: Strongpass…
Slide 21: Defenses against Password-Cracking Attacks (cont.)
– Conduct your own regular password-cracking tests.
– Protect your encrypted/hashed password files.
Slide 22: Web Application Attacks
Slide 23: Account Harvesting
Targeting the authentication process when an application requests a userID and password. Compare the application's responses to:
– Invalid userID
– Correct userID, incorrect password
Slide 24: Account Harvesting Defenses
When the userID or password is incorrect, all accompanying information sent back to the browser must be completely consistent. This includes:
– HTML
– URL
– Cookies
– Hidden form elements
Slide 25: Correct userID, incorrect password (123456789)
Slide 26: Invalid userID
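The two login handlers below put slides 23 to 26 side by side: one returns the distinguishable responses an account harvester keys on, the other returns the same HTML, URL, cookie and hidden fields for "invalid userID" and "correct userID, wrong password". This is an added example, not code from the presentation: the user store, the salted SHA-256 scheme (use a slow KDF in a real application), the decoy credential and all function names are assumptions. The decoy goes one step beyond the slide's list: it makes the server do the same hashing work for unknown IDs, so response time does not become a fifth channel that leaks the same information.

```python
import hashlib
import hmac

# Constructed user store: username -> (salt, sha256(salt + password)). The hash
# scheme is an assumption for brevity; use a slow KDF in a real application.
def hash_password(salt, password):
    return hashlib.sha256(salt + password.encode()).digest()

SALT = b"constructed-salt"
USERS = {"alice": (SALT, hash_password(SALT, "correct-horse"))}
# A decoy credential so an unknown user ID costs the same hashing work as a real one.
DECOY = (SALT, hash_password(SALT, "decoy-not-a-real-password"))

def login_leaky(user, password):
    """Three distinct outcomes, as on slide 23: the differences in HTML, URL,
    cookie and hidden fields tell a harvester which user IDs exist."""
    if user not in USERS:
        return {"status": 200, "html": "Invalid user ID", "url": "/login?err=user",
                "cookie": None, "hidden": {}}
    salt, stored = USERS[user]
    if not hmac.compare_digest(hash_password(salt, password), stored):
        return {"status": 200, "html": "Incorrect password", "url": "/login?err=pass",
                "cookie": "attempts=1", "hidden": {"user": user}}
    return {"status": 302, "html": "", "url": "/home",
            "cookie": "session=<fresh id>", "hidden": {}}

def login_consistent(user, password):
    """Slide 24: unknown user ID and wrong password yield identical HTML, URL,
    cookies and hidden fields. The hash is computed in both cases (via DECOY)."""
    salt, stored = USERS.get(user, DECOY)
    password_ok = hmac.compare_digest(hash_password(salt, password), stored)
    if not (password_ok and user in USERS):
        return {"status": 200, "html": "Invalid user ID or password",
                "url": "/login?err=1", "cookie": None, "hidden": {}}
    return {"status": 302, "html": "", "url": "/home",
            "cookie": "session=<fresh id>", "hidden": {}}

def leaks_user_ids(handler):
    """Harvesting test for a handler: does a real user with a wrong password
    look any different from a user ID that does not exist?"""
    return handler("alice", "wrong") != handler("no-such-user", "wrong")

if __name__ == "__main__":
    print("leaky handler leaks user IDs:     ", leaks_user_ids(login_leaky))
    print("consistent handler leaks user IDs:", leaks_user_ids(login_consistent))
```

`leaks_user_ids` is the check to run in a test suite after any change to the login flow; it compares the whole response object, so a new cookie or hidden field added only on one branch fails the test the same way a different error message would.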
Slide 27: Undermining Web Application Session Tracking
Web applications generate a session ID to track user actions.
Session ID:
– Application-level data
– Generated by the application
Slide 28: Attacking Session Tracking Mechanisms
Establish a session, get assigned a session ID, and alter the session ID. The attacker usurps the legitimate user's session ID to do anything.
Slide 29: Achilles
– Achilles is available at http://www.mavensecurity.com/achilles
– Current version 0.27
Diagram: Web browser → Achilles (proxy) → Internet
Slide 30: Achilles
Start. Intercept modes. Intercept information.
Slide 31: Defending against Web Application Session-Tracking Attacks
Ensure the integrity of all session-tracking elements:
– Digitally sign the session-tracking information using a cryptographic algorithm.
– Encrypt the information in the URL, hidden form element, or cookie.
– Use long session IDs.
– Use dynamic session IDs.
– Apply a timestamp.
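Three of the items on this slide (sign the session-tracking information, use long IDs, apply a timestamp) combined in one token format, as an added example that is not code from the presentation: the key handling, the `user|random|issued|tag` layout and all function names are assumptions for the demo, and the encryption item is not shown. The signature is an HMAC-SHA256 over the user ID, a 128-bit random value and the issue time, so a token edited in an intercepting proxy (the slide 28 scenario) fails verification, and a genuine but old token is refused once the timestamp passes the TTL.

```python
import base64
import hashlib
import hmac
import secrets
import time

# Assumption: in production the signing key comes from a server-side secret store.
SECRET_KEY = secrets.token_bytes(32)
SESSION_TTL = 15 * 60  # seconds a session ID stays valid

def issue_session(user_id, now=None):
    """Long random ID plus issue timestamp, bound to the user and signed with
    HMAC-SHA256. Only the server holds SECRET_KEY, so no client-side edit can
    produce a valid tag."""
    issued = int(time.time() if now is None else now)
    payload = f"{user_id}|{secrets.token_hex(16)}|{issued}".encode()
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).hexdigest().encode()
    return base64.urlsafe_b64encode(payload + b"|" + tag).decode()

def verify_session(token, now=None):
    """Return the user ID if the token is intact and unexpired, otherwise None."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
        payload, tag = raw.rsplit(b"|", 1)
        user_id, _random, issued = payload.decode().split("|")
        issued = int(issued)
    except ValueError:          # bad base64, wrong field count, non-numeric time
        return None
    expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        return None             # altered in transit, or forged outright
    current = time.time() if now is None else now
    if current - issued > SESSION_TTL:
        return None             # timestamp too old: a stale ID being replayed
    return user_id

def altered_token(token, new_user):
    """Test helper standing in for what a tester does with an intercepting proxy:
    rewrite the user field without the key, so the tag no longer matches."""
    raw = base64.urlsafe_b64decode(token.encode())
    payload, tag = raw.rsplit(b"|", 1)
    _old, rand, issued = payload.decode().split("|")
    edited = f"{new_user}|{rand}|{issued}".encode()
    return base64.urlsafe_b64encode(edited + b"|" + tag).decode()

if __name__ == "__main__":
    token = issue_session("alice")
    print("fresh token   ->", verify_session(token))
    print("altered token ->", verify_session(altered_token(token, "admin")))
    print("expired token ->", verify_session(token, now=time.time() + SESSION_TTL + 1))
```

The random field is what makes the ID long and unguessable; the timestamp bounds how long a captured token is useful; the signature is what turns "alter the session ID" from a working attack into a rejected request. Rotating the key invalidates every outstanding token at once, which is the dynamic-ID item on the slide applied server-wide.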
Slide 32: Conclusions
Attackers can gain access to a target machine by attacking its applications.