So, What’s in a Password?
Rob Gillen
@argodev

This work is licensed under a Creative Commons Attribution 3.0 License.
Don’t Be Stupid
The following presentation describes real
attacks on real systems. Please note that
most of the attacks described would be
considered ILLEGAL if attempted on
machines that you do not have explicit
permission to test and attack. I assume no
responsibility for any actions you perform
based on the content of this presentation
or subsequent conversations.
Please remember this basic guideline: With
knowledge comes responsibility.
Disclaimer
The content of this presentation
represents my personal views and
thoughts at the present time. This
content is not endorsed by, or
representative in any way of my
employer nor is it intended to be a
view into my work or a reflection on
the type of work that I or my group
performs. It is simply a hobby and
personal interest and should be
considered as such.
Password Attacks
A Year in Review
Pixel Federation
In December 2013, a breach of the web-based game community based in Slovakia exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text.

http://haveibeenpwned.com/
Vodafone
In November 2013, Vodafone in Iceland suffered an attack attributed to the Turkish hacker collective "Maxn3y". The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS messages, server logs and passwords from a variety of different internal sources.

http://haveibeenpwned.com/
Adobe
The big one. In October 2013, 153 million accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords, adding further to the risk that hundreds of millions of Adobe customers already faced.
http://haveibeenpwned.com/
Twitter
February 2013 - This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.

https://blog.twitter.com/2013/keeping-our-users-secure
More…
• cvideo.co.il – 10/15/2013 – 3,339

• http://hackread.com/iranian-hackers-hack-israeli-job-site/

• penangmarathon.gov.my – 10/8/2013 – 1,387

• http://www.cyberwarnews.info/2013/10/07/45000-penang-marathonparticipants-personal-details-leaked/

• tomsawyer.com – 10/6/2013 – 57,462

• http://www.cyberwarnews.info/2013/10/07/software-company-tomsawyer-hacked-61000-vendors-accounts-leaked/

• ahashare.com – 10/3/2013 – 169,874

• http://www.cyberwarnews.info/2013/10/04/ahashare-com-hackedcomplete-database-with-190-000-user-credentials-leaked/

• Unknown Israeli website – 7/30/2013 – 26,064

• http://hackread.com/opizzah-opisrael-phr0zenmyst-claims-to-leaklogin-details-of-33895-israelis/

• UK emails – 7/17/2013 – 8,002

• http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html

https://shouldichangemypassword.com/all-sources.php
More…
• UK emails (part 2) – 7/17/2013 – 7,514

• http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html

• http://www.pakistanintelligence.com – 5/27/2013 – 75,942
• http://www.ehackingnews.com/2013/05/pakistan-intelligence-jobboard-website.html

• McDonalds Taiwan – 3/27/2013 – 185,620

• http://www.cyberwarnews.info/2013/03/28/official-mcdonaldsaustria-taiwan-korea-hacked-over-200k-credentials-leaked/

• karjera.ktu.lt – 3/14/2013 – 14,133

• http://www.cyberwarnews.info/2013/03/14/14000-student-credentialsleaked-from-ktu-career-center-lithuania/

• avadas.de – 3/9/2013 – 3,344

• http://hackread.com/avast-germany-website-hacked-defaced-20000user-accounts-leaked-by-maxney/

• angloplatinum.co.za – 3/5/2013 – 7,967

• http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_
https://shouldichangemypassword.com/all-sources.php
More…
• angloplatinum.com – 3/5/2013 – 723

• http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_

• Walla.co.il – 2/19/2013 – 531,526

• http://www.haaretz.com/news/national/anonymous-activists-hackinto-600-000-israeli-email-accounts.premium-1.504093

• Bank Executives – 2/4/2013 – 4,596

• http://www.zdnet.com/anonymous-posts-over-4000-u-s-bank-executivecredentials-7000010740/

• bee-network.co.za – 1/29/2013 – 81

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html

• omni-id.com – 1/29/2013 – 1,151

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html

• moolmans.com – 1/29/2013 – 117

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
https://shouldichangemypassword.com/all-sources.php
More…
• servicedesk.ufs.ac.za – 1/29/2013 – 3,952

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html

• servicedesk.ufs.ac.za (part 2) – 1/29/2013 – 355

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html

• westcol.co.za – 1/29/2013 – 99

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html

• digital.postnet.co.za – 1/29/2013 – 45,245

• http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html

• French Chamber of Commerce – 1/29/2013 – 515

• http://news.softpedia.com/news/French-Chamber-of-Commerceand-Industry-Portal-Hacked-by-Tunisian-Cyber-Army324716.shtml

https://shouldichangemypassword.com/all-sources.php
Types of Attacks
• Algorithm Weaknesses
• Implementation Weaknesses
• Dictionary Attacks
• Brute-Force Attacks
• Mask Attacks
Algorithmic Weaknesses
• Collision, Second Pre-Image, Pre-Image
• Confirmed:
• GOST, HAVAL, MD2, MD4, MD5, PANAMA,
RadioGatun, RIPEMD, RIPEMD-160, SHA-0,
SHA-1, Tiger(2) – 192/160/128, WHIRLPOOL

• Theoretical:
• SHA-256/224
• SHA-512/384

http://en.wikipedia.org/wiki/Cryptographic_hash_function
Account Hashes
• Windows Hash
• EAD0CC57DDAAE50D876B7DD6386FA9C7

• Linux Hash
• $6$OeKR9qBnzym.Q.VO$hM3uL03hmR4ZqAME/8Ol.xWGYAmVdpi3S4hWGLeugaKNj/HLzQPTz7FhjATYO/KXCNHZ8P7zJDi2HHb1K.xfE.
File Encryption
• MS Office
• PDFs
• Zip/7z/rar
• TrueCrypt
http://www.truecrypt.org/docs/volume-format-specification
How do they work?
• Known file-format/implementation
weakness
• Header data to indicate encryption
• Type, keylength, etc.
• Often some small portion to
decrypt/validate

• How is it that changing encryption
keys is fast?
• Your key encrypts “real” key
Is it really cracking?
Password Guessing
char string1[maxPassLength + 1];      /* candidate buffer, NUL-terminated */
char alphanum[63] =                   /* 62 symbols + terminating NUL */
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789";
for (length = 0; length <= maxLength; length++)
    for each position, for each char in alphanum…   /* exhaustive: 62^length candidates per length */
Slightly Better…
int min = 8;
int max = 12;
char[] valid =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789";

Known rules (the site's password policy) that shrink the search space:
• first & last must be char
• no consecutive-ordered chars/nums
• no repeated chars/nums
DEMO: Cracking a Windows Hash with oclHashCat
Image courtesy of xkcd.com (http://imgs.xkcd.com/comics/password_strength.png)
(more) Intelligent Password Guessing
• What do people usually use?
• What can we do to reduce the set of possibilities?
• Cull terms/domain knowledge from relevant data
• Dating sites, religious sites, others

Best: Already used/real-world passwords
Determine your goals
• Cracking a single, specific pwd?
• Cracking a large % of an “acquired set”?
• Mark Burnett, author of Perfect Passwords
• List of 6,000,000, culled down to 10,000 most frequently used
• Top 10,000 passwords are used by 98.8% of all users
• 2,342,603 (that’s 99.6%) unique passwords remaining that are in use by only .18% of users!
https://xato.net/passwords/more-top-worst-passwords/
• Lots of lists…
https://www.grc.com/haystack.htm
PACK
• Password Analysis and Cracking Toolkit
• Peter Kacherginsky, PasswordCon, 7/30-7/31
• Intelligent cycle of cracking, analysis, rule generation
http://thesprawl.org/projects/pack/
Statistical Analysis
• Password Length Analysis
• Character Set Analysis
• Word Mangling Analysis
Example: Length

https://thesprawl.org/media/research/passwords13-smarter-password-cracking-with-pack.pdf
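The three analyses listed above, as an added Python example that is not code from the deck or from PACK: it computes the kind of length, character-set and mask statistics that PACK's statsgen reports, over a constructed sample list. The charset class names, the ?l/?u/?d/?s mask syntax (hashcat-style, where ?s is the 33 printable ASCII symbols) and the sample passwords are assumptions of this example.

```python
from collections import Counter

# Constructed sample list for illustration only; not data from any real breach.
SAMPLE_PASSWORDS = [
    "password", "monkey", "Monkey1", "letmein", "Summer2013!", "qwerty123",
    "P@ssw0rd", "123456", "abc123", "dragon", "Trustno1", "iloveyou",
]

# Candidates per mask symbol: lowercase, uppercase, digit, printable ASCII special.
MASK_SIZES = {"l": 26, "u": 26, "d": 10, "s": 33}


def charset_class(pw):
    """Name the character classes a password draws from, in the style of
    PACK's statsgen (e.g. 'loweralpha', 'mixedalphanum', 'numeric')."""
    lower = any(c.islower() for c in pw)
    upper = any(c.isupper() for c in pw)
    digit = any(c.isdigit() for c in pw)
    special = any(not c.isalnum() for c in pw)
    if digit and not (lower or upper or special):
        return "numeric"
    parts = []
    if lower and upper:
        parts.append("mixedalpha")
    elif lower:
        parts.append("loweralpha")
    elif upper:
        parts.append("upperalpha")
    if special:
        parts.append("special")
    if digit:
        parts.append("num")
    return "".join(parts) or "empty"


def mask(pw):
    """Per-character class pattern: ?l lower, ?u upper, ?d digit, ?s anything else."""
    out = []
    for c in pw:
        if c.islower():
            out.append("?l")
        elif c.isupper():
            out.append("?u")
        elif c.isdigit():
            out.append("?d")
        else:
            out.append("?s")
    return "".join(out)


def keyspace(mask_str):
    """Number of candidates a mask covers, e.g. 26**8 for eight lowercase letters."""
    total = 1
    for i in range(1, len(mask_str), 2):
        total *= MASK_SIZES[mask_str[i]]
    return total


def analyze(passwords):
    """Length, character-set and mask distributions for a password list."""
    return {
        "count": len(passwords),
        "length": Counter(len(p) for p in passwords),
        "charset": Counter(charset_class(p) for p in passwords),
        "masks": Counter(mask(p) for p in passwords),
    }


def mask_coverage(passwords, k):
    """Fraction of the list matched by its k most common masks: a measure of
    how concentrated, and therefore how predictable, users' choices are."""
    masks = Counter(mask(p) for p in passwords)
    covered = sum(n for _, n in masks.most_common(k))
    return covered / len(passwords)


if __name__ == "__main__":
    stats = analyze(SAMPLE_PASSWORDS)
    print("passwords:", stats["count"])
    for length, n in sorted(stats["length"].items()):
        print("  length %2d: %2d (%.0f%%)" % (length, n, 100.0 * n / stats["count"]))
    for cls, n in stats["charset"].most_common():
        print("  %-22s %2d" % (cls, n))
    for m, n in stats["masks"].most_common(3):
        print("  %-28s %2d  keyspace %d" % (m, n, keyspace(m)))
    print("top-2 masks cover %.0f%% of the list" % (100 * mask_coverage(SAMPLE_PASSWORDS, 2)))
```

Read as a policy audit, a high top-k mask coverage means the password policy is still steering users into a handful of shapes (capital first, digits last), which is the structure the slides say rule generation exploits; the same numbers tell a defender which policy change would spread the distribution out.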
DEMO: Statistics on Real PWs
Advanced Analytics
• Levenshtein Edit Distance

http://en.wikipedia.org/wiki/Levenshtein_distance
Levenshtein Edit Distance
• Minimum number of changes required to change one string into another
• Measure distance b/t actual words and cracked list to optimize the word mangling rules
• i.e. XX% of words can be achieved with Levenshtein edit distance of <=2
• Only gen rules that match
http://www.let.rug.nl/~kleiweg/lev/
http://www.kurzhals.info/static/samples/levenshtein_distance/
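The distance measure the slide describes, as an added Python example that is not code from the deck or from PACK: a standard dynamic-programming Levenshtein implementation, the "what share of a cracked list is within distance <= 2 of a base word" statistic, and a defensive use of the same measure (screening a proposed password against a common-word list at set time) that the slide does not itself spell out. The base word list and the "cracked" sample are constructed for this example.

```python
from collections import Counter

# Constructed base word list and "cracked" sample for illustration only.
COMMON_WORDS = ["password", "monkey", "letmein", "dragon", "qwerty", "iloveyou"]
SAMPLE_CRACKED = [
    "Monkey1", "m0nkey!", "passw0rd", "dragon123", "letmein1",
    "correcthorsebatterystaple", "qwerty12", "iloveyou2",
]


def levenshtein(a, b):
    """Minimum number of single-character insertions, deletions or
    substitutions turning a into b (two-row dynamic programming)."""
    if len(a) < len(b):
        a, b = b, a
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute (free if equal)
        prev = cur
    return prev[-1]


def nearest_word(candidate, words):
    """The base word closest to candidate, and the distance to it."""
    best = min(words, key=lambda w: levenshtein(candidate, w))
    return best, levenshtein(candidate, best)


def distance_histogram(cracked, words):
    """How many cracked passwords sit at each distance from their nearest base word."""
    return Counter(nearest_word(p, words)[1] for p in cracked)


def fraction_within(cracked, words, max_dist=2):
    """Share of cracked passwords reachable from a base word with at most
    max_dist edits: the 'XX% within distance <= 2' figure from the slide."""
    hist = distance_histogram(cracked, words)
    return sum(n for d, n in hist.items() if d <= max_dist) / len(cracked)


def too_close(candidate, words, min_dist=3):
    """Defensive use of the same metric: flag a proposed password that is
    only a couple of edits away from a known-common word."""
    return nearest_word(candidate, words)[1] < min_dist


if __name__ == "__main__":
    print("distance histogram:", dict(distance_histogram(SAMPLE_CRACKED, COMMON_WORDS)))
    print("within <=2 edits: %.0f%%" % (100 * fraction_within(SAMPLE_CRACKED, COMMON_WORDS)))
    for pw in ("Monkey1", "correcthorsebatterystaple"):
        print("%-28s nearest=%s too_close=%s" % (pw, nearest_word(pw, COMMON_WORDS), too_close(pw, COMMON_WORDS)))
```

The histogram is what the slide uses to decide which mangling rules are worth generating; the same histogram, run over a site's own rejected-or-accepted password samples, tells a defender how much of the user base is one or two edits from a dictionary word.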
What if I don’t have your Password?
• Pass the Hash
• Demo

• But We use Smart Cards!?
Avoidance Techniques
• Don’t use “monkey”
• Don’t reuse “monkey”
• If you must use monkey, require
something else as well
• Salt is good
• Your own salt is better
• Utilize memory-hard algorithms
• Utilize multiple iterations (a lot)
• Your username is half of the equation
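The salt, memory-hard and many-iterations bullets above put into code, as an added Python example that is not from the deck: per-user random salt plus scrypt from the standard library, with a constant-time verify. scrypt is the memory-hard algorithm chosen here (the slide names none), and the `$scrypt$N$r$p$salt$hash` record layout is constructed for this example. For contrast, `weak_hash` is the unsalted MD5 the Pixel Federation slide describes; the Windows hash on the Account Hashes slide is likewise unsalted, while the Linux `$6$` string carries its salt between the second and third `$`.

```python
import base64
import hashlib
import hmac
import os

# scrypt work factors: N (CPU/memory cost), r (block size), p (parallelism).
# Illustrative values; raise N until a hash costs a noticeable fraction of a second on your hardware.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
DKLEN = 32


def weak_hash(password):
    """Unsalted MD5, as in the Pixel Federation breach: identical passwords
    give identical hashes, so one precomputed table cracks every user at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


def hash_password(password, salt=None):
    """Per-user random salt + memory-hard scrypt, stored self-describing
    (constructed format $scrypt$N$r$p$salt$hash) so parameters can be raised later."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)
    return "$scrypt$%d$%d$%d$%s$%s" % (SCRYPT_N, SCRYPT_R, SCRYPT_P, _b64(salt), _b64(digest))


def verify_password(password, stored):
    """Recompute with the parameters stored beside the hash; compare in constant time."""
    try:
        _, alg, n, r, p, salt_b64, digest_b64 = stored.split("$")
    except ValueError:
        return False            # malformed record, never a match
    if alg != "scrypt":
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(digest_b64)
    computed = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                              n=int(n), r=int(r), p=int(p), dklen=len(expected))
    return hmac.compare_digest(computed, expected)


def compare_schemes(password):
    """Two users choose the same password: unsalted MD5 yields the same stored
    value for both, salted scrypt does not."""
    return {
        "md5_identical": weak_hash(password) == weak_hash(password),
        "scrypt_identical": hash_password(password) == hash_password(password),
    }


if __name__ == "__main__":
    print(compare_schemes("monkey"))
    record = hash_password("correct horse battery staple")
    print(record)
    print("right password:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("monkey", record))
```

Storing N, r and p with each hash is what lets you "use a lot" of iterations and still raise them later: old records keep verifying with their recorded cost, and get re-hashed at the new cost on the user's next successful login.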
References
• http://haveibeenpwned.com/
• https://lastpass.com/adobe/
• https://lastpass.com/linkedin/
• https://lastpass.com/lastfm/
• https://shouldichangemypassword.com/all-sources.php
Questions/Contact
Rob Gillen
rob@gillenfamily.net
http://rob.gillenfamily.net
@argodev

Weitere ähnliche Inhalte

Andere mochten auch

Portland Winter2010
Portland Winter2010Portland Winter2010
Portland Winter2010rcostic
 
Girl junior lounge lic line
Girl junior lounge lic lineGirl junior lounge lic line
Girl junior lounge lic lineceeram9
 
Panty programs license
Panty programs licensePanty programs license
Panty programs licenseceeram9
 
Boys yng mens license skate
Boys yng mens license skateBoys yng mens license skate
Boys yng mens license skateceeram9
 
Windows Azure: Lessons From The Field
Windows Azure: Lessons From The FieldWindows Azure: Lessons From The Field
Windows Azure: Lessons From The FieldRob Gillen
 
the best cars
the best carsthe best cars
the best carsjhonshito
 
Girls junior prints
Girls junior printsGirls junior prints
Girls junior printsceeram9
 
Junior missy lounge packaging
Junior missy lounge packagingJunior missy lounge packaging
Junior missy lounge packagingceeram9
 

Andere mochten auch (8)

Portland Winter2010
Portland Winter2010Portland Winter2010
Portland Winter2010
 
Girl junior lounge lic line
Girl junior lounge lic lineGirl junior lounge lic line
Girl junior lounge lic line
 
Panty programs license
Panty programs licensePanty programs license
Panty programs license
 
Boys yng mens license skate
Boys yng mens license skateBoys yng mens license skate
Boys yng mens license skate
 
Windows Azure: Lessons From The Field
Windows Azure: Lessons From The FieldWindows Azure: Lessons From The Field
Windows Azure: Lessons From The Field
 
the best cars
the best carsthe best cars
the best cars
 
Girls junior prints
Girls junior printsGirls junior prints
Girls junior prints
 
Junior missy lounge packaging
Junior missy lounge packagingJunior missy lounge packaging
Junior missy lounge packaging
 

Ähnlich wie So whats in a password

Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Kimberley Dray
 
Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13Dallas Web Security Group
 
Cybersecurity for Marketing
Cybersecurity for Marketing Cybersecurity for Marketing
Cybersecurity for Marketing Alert Logic
 
Ethical_Hacking_ppt
Ethical_Hacking_pptEthical_Hacking_ppt
Ethical_Hacking_pptNarayanan
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyGabor Szathmari
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsGDSCCVR
 
How To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber MondayHow To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber MondayMichele Chubirka
 
Computer Hacking - An Introduction
Computer Hacking - An IntroductionComputer Hacking - An Introduction
Computer Hacking - An IntroductionJayaseelan Vejayon
 
Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!InnoTech
 
Ipsec And Ssl Protocols ( Vpn )
Ipsec And Ssl Protocols ( Vpn )Ipsec And Ssl Protocols ( Vpn )
Ipsec And Ssl Protocols ( Vpn )Monique Jones
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02amiinaaa
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security Lokender Yadav
 
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycleThe life of breached data and the attack lifecycle
The life of breached data and the attack lifecycleJarrod Overson
 
Source Code and Admin Password Shared on Public Site by Developer
Source Code and Admin Password Shared on Public Site by DeveloperSource Code and Admin Password Shared on Public Site by Developer
Source Code and Admin Password Shared on Public Site by DeveloperDigital Shadows
 
An Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & AnywhereAn Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & AnywhereBlake Carver
 
Password Cracking
Password CrackingPassword Cracking
Password CrackingSagar Verma
 

Ähnlich wie So whats in a password (20)

Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019
 
Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13
 
Cybersecurity for Marketing
Cybersecurity for Marketing Cybersecurity for Marketing
Cybersecurity for Marketing
 
Ethical_Hacking_ppt
Ethical_Hacking_pptEthical_Hacking_ppt
Ethical_Hacking_ppt
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
How To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber MondayHow To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber Monday
 
Computer Hacking - An Introduction
Computer Hacking - An IntroductionComputer Hacking - An Introduction
Computer Hacking - An Introduction
 
Cyber Safety 101
Cyber Safety 101Cyber Safety 101
Cyber Safety 101
 
Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
 
Ipsec And Ssl Protocols ( Vpn )
Ipsec And Ssl Protocols ( Vpn )Ipsec And Ssl Protocols ( Vpn )
Ipsec And Ssl Protocols ( Vpn )
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
 
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycleThe life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
 
Source Code and Admin Password Shared on Public Site by Developer
Source Code and Admin Password Shared on Public Site by DeveloperSource Code and Admin Password Shared on Public Site by Developer
Source Code and Admin Password Shared on Public Site by Developer
 
OlgerHoxha_Thesis_Final
OlgerHoxha_Thesis_FinalOlgerHoxha_Thesis_Final
OlgerHoxha_Thesis_Final
 
An Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & AnywhereAn Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & Anywhere
 
Password Cracking
Password CrackingPassword Cracking
Password Cracking
 

Mehr von Rob Gillen

CodeStock14: Hiding in Plain Sight
CodeStock14: Hiding in Plain SightCodeStock14: Hiding in Plain Sight
CodeStock14: Hiding in Plain SightRob Gillen
 
What's in a password
What's in a password What's in a password
What's in a password Rob Gillen
 
How well do you know your runtime
How well do you know your runtimeHow well do you know your runtime
How well do you know your runtimeRob Gillen
 
Software defined radio and the hacker
Software defined radio and the hackerSoftware defined radio and the hacker
Software defined radio and the hackerRob Gillen
 
Hiding in plain sight
Hiding in plain sightHiding in plain sight
Hiding in plain sightRob Gillen
 
ETCSS: Into the Mind of a Hacker
ETCSS: Into the Mind of a HackerETCSS: Into the Mind of a Hacker
ETCSS: Into the Mind of a HackerRob Gillen
 
DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?Rob Gillen
 
You think your WiFi is safe?
You think your WiFi is safe?You think your WiFi is safe?
You think your WiFi is safe?Rob Gillen
 
Anatomy of a Buffer Overflow Attack
Anatomy of a Buffer Overflow AttackAnatomy of a Buffer Overflow Attack
Anatomy of a Buffer Overflow AttackRob Gillen
 
Intro to GPGPU with CUDA (DevLink)
Intro to GPGPU with CUDA (DevLink)Intro to GPGPU with CUDA (DevLink)
Intro to GPGPU with CUDA (DevLink)Rob Gillen
 
AWS vs. Azure
AWS vs. AzureAWS vs. Azure
AWS vs. AzureRob Gillen
 
A Comparison of AWS and Azure - Part2
A Comparison of AWS and Azure - Part2A Comparison of AWS and Azure - Part2
A Comparison of AWS and Azure - Part2Rob Gillen
 
A Comparison of AWS and Azure - Part 1
A Comparison of AWS and Azure - Part 1A Comparison of AWS and Azure - Part 1
A Comparison of AWS and Azure - Part 1Rob Gillen
 
Intro to GPGPU Programming with Cuda
Intro to GPGPU Programming with CudaIntro to GPGPU Programming with Cuda
Intro to GPGPU Programming with CudaRob Gillen
 
Scaling Document Clustering in the Cloud
Scaling Document Clustering in the CloudScaling Document Clustering in the Cloud
Scaling Document Clustering in the CloudRob Gillen
 
Hands On with Amazon Web Services (StirTrek)
Hands On with Amazon Web Services (StirTrek)Hands On with Amazon Web Services (StirTrek)
Hands On with Amazon Web Services (StirTrek)Rob Gillen
 
Amazon Web Services for the .NET Developer
Amazon Web Services for the .NET DeveloperAmazon Web Services for the .NET Developer
Amazon Web Services for the .NET DeveloperRob Gillen
 
05561 Xfer Research 02
05561 Xfer Research 0205561 Xfer Research 02
05561 Xfer Research 02Rob Gillen
 
05561 Xfer Research 01
05561 Xfer Research 0105561 Xfer Research 01
05561 Xfer Research 01Rob Gillen
 
05561 Xfer Consumer 01
05561 Xfer Consumer 0105561 Xfer Consumer 01
05561 Xfer Consumer 01Rob Gillen
 

Mehr von Rob Gillen (20)

CodeStock14: Hiding in Plain Sight
CodeStock14: Hiding in Plain SightCodeStock14: Hiding in Plain Sight
CodeStock14: Hiding in Plain Sight
 
What's in a password
What's in a password What's in a password
What's in a password
 
How well do you know your runtime
How well do you know your runtimeHow well do you know your runtime
How well do you know your runtime
 
Software defined radio and the hacker
Software defined radio and the hackerSoftware defined radio and the hacker
Software defined radio and the hacker
 
Hiding in plain sight
Hiding in plain sightHiding in plain sight
Hiding in plain sight
 
ETCSS: Into the Mind of a Hacker
ETCSS: Into the Mind of a HackerETCSS: Into the Mind of a Hacker
ETCSS: Into the Mind of a Hacker
 
DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?
 
You think your WiFi is safe?
You think your WiFi is safe?You think your WiFi is safe?
You think your WiFi is safe?
 
Anatomy of a Buffer Overflow Attack
Anatomy of a Buffer Overflow AttackAnatomy of a Buffer Overflow Attack
Anatomy of a Buffer Overflow Attack
 
Intro to GPGPU with CUDA (DevLink)
Intro to GPGPU with CUDA (DevLink)Intro to GPGPU with CUDA (DevLink)
Intro to GPGPU with CUDA (DevLink)
 
AWS vs. Azure
AWS vs. AzureAWS vs. Azure
AWS vs. Azure
 
A Comparison of AWS and Azure - Part2
A Comparison of AWS and Azure - Part2A Comparison of AWS and Azure - Part2
A Comparison of AWS and Azure - Part2
 
A Comparison of AWS and Azure - Part 1
A Comparison of AWS and Azure - Part 1A Comparison of AWS and Azure - Part 1
A Comparison of AWS and Azure - Part 1
 
Intro to GPGPU Programming with Cuda
Intro to GPGPU Programming with CudaIntro to GPGPU Programming with Cuda
Intro to GPGPU Programming with Cuda
 
Scaling Document Clustering in the Cloud
Scaling Document Clustering in the CloudScaling Document Clustering in the Cloud
Scaling Document Clustering in the Cloud
 
Hands On with Amazon Web Services (StirTrek)
Hands On with Amazon Web Services (StirTrek)Hands On with Amazon Web Services (StirTrek)
Hands On with Amazon Web Services (StirTrek)
 
Amazon Web Services for the .NET Developer
Amazon Web Services for the .NET DeveloperAmazon Web Services for the .NET Developer
Amazon Web Services for the .NET Developer
 
05561 Xfer Research 02
05561 Xfer Research 0205561 Xfer Research 02
05561 Xfer Research 02
 
05561 Xfer Research 01
05561 Xfer Research 0105561 Xfer Research 01
05561 Xfer Research 01
 
05561 Xfer Consumer 01
05561 Xfer Consumer 0105561 Xfer Consumer 01
05561 Xfer Consumer 01
 

KĂźrzlich hochgeladen

🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂşjo
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

KĂźrzlich hochgeladen (20)

🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
CNv6 Instructor Chapter 6 Quality of Service

So, What's in a Password?

  • 1. So, What’s in a Password? Rob Gillen @argodev This work is licensed under a Creative Commons Attribution 3.0 License.
  • 2. Don’t Be Stupid The following presentation describes real attacks on real systems. Please note that most of the attacks described would be considered ILLEGAL if attempted on machines that you do not have explicit permission to test and attack. I assume no responsibility for any actions you perform based on the content of this presentation or subsequent conversations. Please remember this basic guideline: With knowledge comes responsibility.
  • 3. Disclaimer The content of this presentation represents my personal views and thoughts at the present time. This content is not endorsed by, or representative in any way of my employer nor is it intended to be a view into my work or a reflection on the type of work that I or my group performs. It is simply a hobby and personal interest and should be considered as such.
  • 5. Pixel Federation In December 2013, a breach of the web-based game community based in Slovakia exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text. http://haveibeenpwned.com/
  • 6. Vodafone In November 2013, Vodafone in Iceland suffered an attack attributed to the Turkish hacker collective "Maxn3y". The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS messages, server logs and passwords from a variety of different internal sources. http://haveibeenpwned.com/
  • 7. Adobe The big one. In October 2013, 153 million accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced. http://haveibeenpwned.com/
  • 8. Twitter February 2013 - This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users. https://blog.twitter.com/2013/keeping-our-users-secure
  • 9. More… • cvideo.co.il – 10/15/2013 – 3,339 • http://hackread.com/iranian-hackers-hack-israeli-job-site/ • penangmarathon.gov.my – 10/8/2013 – 1,387 • http://www.cyberwarnews.info/2013/10/07/45000-penang-marathonparticipants-personal-details-leaked/ • tomsawyer.com – 10/6/2013 – 57,462 • http://www.cyberwarnews.info/2013/10/07/software-company-tomsawyer-hacked-61000-vendors-accounts-leaked/ • ahashare.com – 10/3/2013 – 169,874 • http://www.cyberwarnews.info/2013/10/04/ahashare-com-hackedcomplete-database-with-190-000-user-credentials-leaked/ • Unknown Israeli website – 7/30/2013 – 26,064 • http://hackread.com/opizzah-opisrael-phr0zenmyst-claims-to-leaklogin-details-of-33895-israelis/ • UK emails – 7/17/2013 – 8,002 • http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html https://shouldichangemypassword.com/all-sources.php
  • 10. More… • UK emails (part 2) – 7/17/2013 – 7,514 • http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html • http://www.pakistanintelligence.com – 5/27/2013 – 75,942 • http://www.ehackingnews.com/2013/05/pakistan-intelligence-jobboard-website.html • McDonalds Taiwan – 3/27/2013 – 185,620 • http://www.cyberwarnews.info/2013/03/28/official-mcdonaldsaustria-taiwan-korea-hacked-over-200k-credentials-leaked/ • karjera.ktu.lt – 3/14/2013 – 14,133 • http://www.cyberwarnews.info/2013/03/14/14000-student-credentialsleaked-from-ktu-career-center-lithuania/ • avadas.de – 3/9/2013 – 3,344 • http://hackread.com/avast-germany-website-hacked-defaced-20000user-accounts-leaked-by-maxney/ • angloplatinum.co.za – 3/5/2013 – 7,967 • http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Fee d%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_ https://shouldichangemypassword.com/all-sources.php
  • 11. More… • angloplatinum.com – 3/5/2013 – 723 • http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Fee d%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_ • Walla.co.il – 2/19/2013 – 531,526 • http://www.haaretz.com/news/national/anonymous-activists-hackinto-600-000-israeli-email-accounts.premium-1.504093 • Bank Executives – 2/4/2013 – 4,596 • http://www.zdnet.com/anonymous-posts-over-4000-u-s-bank-executivecredentials-7000010740/ • bee-network.co.za – 1/29/2013 – 81 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html • omni-id.com – 1/29/2013 – 1,151 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html • moolmans.com – 1/29/2013 – 117 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html https://shouldichangemypassword.com/all-sources.php
  • 12. More… • servicedesk.ufs.ac.za – 1/29/2013 – 3,952 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html • servicedesk.ufs.ac.za (part 2) – 1/29/2013 – 355 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html • westcol.co.za – 1/29/2013 – 99 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html • digital.postnet.co.za – 1/29/2013 – 45,245 • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html • French Chamber of Commerce – 1/29/2013 – 515 • http://news.softpedia.com/news/French-Chamber-of-Commerceand-Industry-Portal-Hacked-by-Tunisian-Cyber-Army324716.shtml https://shouldichangemypassword.com/all-sources.php
  • 13. Types of Attacks • Algorithm Weaknesses • Implementation Weaknesses • Dictionary Attacks • Brute-Force Attacks • Mask Attacks
  • 14. Algorithmic Weaknesses • Collision, Second Pre-Image, Pre-Image • Confirmed: • GOST, HAVAL, MD2, MD4, MD5, PANAMA, RadioGatun, RIPEMD, RIPEMD-160, SHA-0, SHA-1, Tiger(2) – 192/160/128, WHIRLPOOL • Theoretical: • SHA-256/224 • SHA-512/384 http://en.wikipedia.org/wiki/Cryptographic_hash_function
  • 15. Account Hashes • Windows Hash • EAD0CC57DDAAE50D876B7DD6386FA9C7 • Linux Hash • $6$OeKR9qBnzym.Q.VO$hM3uL03hmR4ZqAME/8Ol.xWGYAmVdpi3S4hWGLeugaKNj/HLzQPTz7FhjATYO/KXCNHZ8P7zJDi2HHb1K.xfE.
  • 16. File Encryption • MS Office • PDFs • Zip/7z/rar • TrueCrypt
  • 18. How do they work? • Known file-format/implementation weakness • Header data indicates the encryption parameters • Type, key length, etc. • Often only a small portion needs to be decrypted to validate a candidate password • How is it that changing encryption keys is fast? • Your password-derived key encrypts the "real" data key
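The two-level key layout slide 18 describes, as an added example that is not part of the talk and not any real file format: a password-derived key-encryption key (KEK) wraps a random data-encryption key (DEK) in the header, so a password change only re-wraps the DEK and the body is untouched, and a wrong password is rejected by a small verifier tag before the body is ever read. The header layout, the function names, and the HMAC-SHA256 counter-mode stream cipher (a dependency-free stand-in for AES) are assumptions of this example.

```python
import hashlib
import hmac
import os
import struct

# Constructed example (not from the talk): a toy two-level encryption
# container. A password-derived key-encryption key (KEK) wraps a random
# data-encryption key (DEK) in the header; the body is encrypted under the
# DEK. The header layout, the function names and the HMAC-SHA256
# counter-mode stream cipher (a stand-in for AES) are all assumptions
# of this example, not any real file format.

MAGIC = b"DEMO"
KDF_ITERATIONS = 100_000   # the per-guess cost an attacker pays lives here
SALT_LEN = 16
KEY_LEN = 32
TAG_LEN = 16
HEADER_LEN = len(MAGIC) + 4 + 2 + SALT_LEN + KEY_LEN + TAG_LEN   # 74 bytes


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (toy cipher)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + struct.pack(">I", offset // 32),
                         hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def derive_kek(password: str, salt: bytes, iterations: int = KDF_ITERATIONS) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, KEY_LEN)


def wrap_dek(kek: bytes, dek: bytes, salt: bytes) -> bytes:
    """Encrypt the DEK under the KEK; the tag doubles as the password verifier."""
    wrapped = keystream_xor(kek, b"wrap" + salt, dek)
    tag = hmac.new(kek, wrapped, hashlib.sha256).digest()[:TAG_LEN]
    return wrapped + tag


def unwrap_dek(kek: bytes, blob: bytes, salt: bytes):
    wrapped, tag = blob[:KEY_LEN], blob[KEY_LEN:]
    expected = hmac.new(kek, wrapped, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(expected, tag):
        return None   # wrong password: only this small verifier is ever checked
    return keystream_xor(kek, b"wrap" + salt, wrapped)


def build_header(password: str, dek: bytes) -> bytes:
    salt = os.urandom(SALT_LEN)
    kek = derive_kek(password, salt)
    return (MAGIC + struct.pack(">IH", KDF_ITERATIONS, KEY_LEN * 8)
            + salt + wrap_dek(kek, dek, salt))


def parse_header(container: bytes) -> dict:
    """The header data that indicates encryption: type, KDF cost, key length, salt, wrapped key."""
    if container[:len(MAGIC)] != MAGIC:
        raise ValueError("not a DEMO container")
    iterations, key_bits = struct.unpack(">IH", container[4:10])
    salt = container[10:10 + SALT_LEN]
    return {"iterations": iterations, "key_bits": key_bits, "salt": salt,
            "wrapped_dek": container[10 + SALT_LEN:HEADER_LEN]}


def encrypt_file(password: str, plaintext: bytes) -> bytes:
    dek = os.urandom(KEY_LEN)
    return build_header(password, dek) + keystream_xor(dek, b"body", plaintext)


def decrypt_file(password: str, container: bytes):
    h = parse_header(container)
    kek = derive_kek(password, h["salt"], h["iterations"])
    dek = unwrap_dek(kek, h["wrapped_dek"], h["salt"])
    if dek is None:
        return None
    return keystream_xor(dek, b"body", container[HEADER_LEN:])


def change_password(old_password: str, new_password: str, container: bytes):
    """Re-wrap the DEK under a new KEK; the encrypted body is copied unchanged."""
    h = parse_header(container)
    dek = unwrap_dek(derive_kek(old_password, h["salt"], h["iterations"]),
                     h["wrapped_dek"], h["salt"])
    if dek is None:
        return None
    return build_header(new_password, dek) + container[HEADER_LEN:]


if __name__ == "__main__":
    box = encrypt_file("correct horse", b"quarterly numbers, do not share")
    hdr = parse_header(box)
    print(hdr["key_bits"], "bit DEK,", hdr["iterations"], "KDF rounds")
    rekeyed = change_password("correct horse", "battery staple", box)
    print("body unchanged after password change:", rekeyed[HEADER_LEN:] == box[HEADER_LEN:])
    print(decrypt_file("battery staple", rekeyed))
```

The design point for defenders: because the verifier is tiny and sits in the header, the only thing standing between a leaked container and an offline guess is the KDF cost stored in that same header (`iterations` here), so that parameter, not the body size, is what a format's password resistance depends on.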
  • 20. Password Guessing char string1[maxPassLength + 1]; char alphanum[63] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz" "0123456789"; for 0 → maxLength: for each char in alphanum…
  • 21. Slightly Better… int min = 8; int max = 12; char[] valid = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz" "0123456789"; # known rules: # first & last must be char # no consecutive-ordered chars/nums # no repeated chars/nums
  • 22. DEMO: Cracking a Windows Hash With oclHashCat
  • 23. Image courtesy of xkcd.com (http://imgs.xkcd.com/comics/password_strength.png)
  • 24. (more) Intelligent Password Guessing • What do people usually use? • What can we do to reduce the set of possibilities? • Cull terms/domain knowledge from relevant data • Dating sites, religious sites, others Best: Already used/real-world passwords
  • 25. Determine your goals • Cracking a single, specific pwd? • Cracking a large % of an “acquired set”?
  • 26. • Mark Burnett, author of Perfect Passwords • List of 6,000,000, culled down to 10,000 most frequently used • Top 10,000 passwords are used by 98.8% of all users • 2,342,603 (that’s 99.6%) unique passwords remaining that are in use by only .18% of users! https://xato.net/passwords/more-top-worst-passwords/
  • 27. • Lots of lists…
  • 29. PACK • Password Analysis and Cracking Toolkit • Peter Kacherginsky, PasswordCon, 7/30-7/31 • Intelligent cycle of cracking, analysis, rule generation http://thesprawl.org/projects/pack/
  • 30. Statistical Analysis • Password Length Analysis • Character Set Analysis • Word Mangling Analysis
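The three analyses slide 30 lists (length, character set, word mangling), plus the top-list coverage figure from slide 26, run over a constructed sample list as an added example. This is not PACK's code and not data from any real leak; the sample passwords, the stand-in "top passwords" list and the function names are assumptions of the example. The same functions can be pointed at an organisation's own audit results to see which policy rules actually bite.

```python
from collections import Counter
import string

# Constructed sample set, standing in for a cracked/leaked list. Not real data.
SAMPLE_PASSWORDS = [
    "password", "123456", "monkey", "Monkey1", "monkey!", "letmein",
    "Summer2013", "summer2013", "qwerty", "Qwerty123!", "P@ssw0rd",
    "iloveyou", "abc123", "trustno1", "Welcome1", "football", "123456789",
    "dragon", "Dragon99", "baseball",
]

# Constructed stand-in for a "most frequently used" list (the idea of slide 26).
TOP_PASSWORDS = {
    "password", "123456", "12345678", "qwerty", "abc123", "monkey", "letmein",
    "dragon", "111111", "baseball", "iloveyou", "trustno1", "123456789",
}


def mask(pw: str) -> str:
    """Per-character class string in hashcat-style notation: ?l ?u ?d ?s."""
    out = []
    for ch in pw:
        if ch in string.ascii_lowercase:
            out.append("?l")
        elif ch in string.ascii_uppercase:
            out.append("?u")
        elif ch in string.digits:
            out.append("?d")
        else:
            out.append("?s")
    return "".join(out)


def charset_class(pw: str) -> str:
    """Which character classes the password draws from, e.g. 'lower+upper+digit'."""
    m = mask(pw)
    names = [("?l", "lower"), ("?u", "upper"), ("?d", "digit"), ("?s", "special")]
    return "+".join(name for code, name in names if code in m)


def base_word(pw: str) -> str:
    """Lowercase and strip leading/trailing digits and punctuation: a crude un-mangling."""
    return pw.lower().strip(string.digits + string.punctuation)


def analyze(passwords):
    """Length, character-set and mask distributions of a password list."""
    return {
        "length": Counter(len(p) for p in passwords),
        "charset": Counter(charset_class(p) for p in passwords),
        "mask": Counter(mask(p) for p in passwords),
    }


def top_list_coverage(passwords, top_list):
    """Fraction matched exactly by the top list, and fraction matched after un-mangling."""
    exact = sum(1 for p in passwords if p in top_list)
    loose = sum(1 for p in passwords if p in top_list or base_word(p) in top_list)
    return exact / len(passwords), loose / len(passwords)


def report(passwords=SAMPLE_PASSWORDS, top_list=TOP_PASSWORDS):
    stats = analyze(passwords)
    total = len(passwords)
    for key in ("length", "charset", "mask"):
        print(f"--- {key} ---")
        for value, count in stats[key].most_common(5):
            print(f"{value!s:<24} {count:>3}  {100 * count / total:5.1f}%")
    exact, loose = top_list_coverage(passwords, top_list)
    print(f"covered by top list: {100 * exact:.1f}% exact, {100 * loose:.1f}% after un-mangling")


if __name__ == "__main__":
    report()
```

The gap between the exact and un-mangled coverage numbers is the part of the set a complexity policy "fixed" only cosmetically: a capital letter or a trailing digit bolted onto a top-list word is one mangling rule away from the original.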
  • 33. Advanced Analytics • Levenshtein Edit Distance http://en.wikipedia.org/wiki/Levenshtein_distance
  • 34. Levenshtein Edit Distance • Minimum number of single-character changes required to turn one string into another • Measure the distance between actual (cracked) passwords and the base wordlist to optimize the word-mangling rules • e.g. XX% of words can be reached with a Levenshtein edit distance of <=2 • Only generate rules that match http://www.let.rug.nl/~kleiweg/lev/ http://www.kurzhals.info/static/samples/levenshtein_distance/
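The edit-distance measurement slides 33 and 34 describe, as an added example (not the talk's code and not PACK's): a Levenshtein implementation, the nearest base word for each cracked password, and the histogram that tells you what share of a set is within N edits of the wordlist. The base words, the sample "cracked" list and the function names are constructed for this illustration.

```python
# Added example, not from the talk or from PACK. Names and the sample lists
# are constructed for illustration.

def levenshtein(a: str, b: str) -> int:
    """Minimum number of single-character insertions, deletions or substitutions
    that turn a into b (Wagner-Fischer dynamic programme, two rows of memory)."""
    if len(a) < len(b):
        a, b = b, a                      # keep the shorter string as b
    prev = list(range(len(b) + 1))       # distance from "" to each prefix of b
    for i, ca in enumerate(a, 1):
        cur = [i]                        # distance from a[:i] to ""
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute (or match)
        prev = cur
    return prev[-1]


def nearest_base(word: str, wordlist):
    """(distance, closest wordlist entry) for one cracked password."""
    return min(((levenshtein(word, w), w) for w in wordlist), key=lambda t: t[0])


def distance_profile(cracked, wordlist, max_distance=2):
    """Histogram of edit distance from each cracked password to the wordlist,
    plus the fraction reachable within max_distance edits."""
    hist = {}
    for pw in cracked:
        d, _ = nearest_base(pw, wordlist)
        hist[d] = hist.get(d, 0) + 1
    within = sum(c for d, c in hist.items() if d <= max_distance)
    return hist, within / len(cracked)


BASE_WORDS = ["monkey", "password", "summer", "dragon"]                          # constructed
CRACKED = ["Monkey1", "monkey!", "p@ssword", "Summer2013", "dragon", "qwerty"]    # constructed

if __name__ == "__main__":
    for pw in CRACKED:
        d, w = nearest_base(pw, BASE_WORDS)
        print(f"{pw:<12} -> {w:<10} distance {d}")
    hist, frac = distance_profile(CRACKED, BASE_WORDS)
    print("histogram:", dict(sorted(hist.items())), f"within 2 edits: {frac:.0%}")
```

The histogram is the "XX% within distance <=2" figure from slide 34: rules worth generating are the ones that reproduce the edits seen in the low-distance buckets (capitalise, append a digit, substitute a symbol), while entries in the high-distance buckets are not mangled base words at all and need a different wordlist rather than more rules.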
  • 35. What if I don’t have your Password? • Pass the Hash • Demo • But We use Smart Cards!?
  • 36. Avoidance Techniques • Don’t use “monkey” • Don’t reuse “monkey” • If you must use monkey, require something else as well • Salt is good • Your own salt is better • Utilize memory-hard algorithms • Utilize multiple iterations (a lot) • Your username is half of the equation
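The storage-side advice of slide 36 (salt, your own secret on top of the salt, memory-hard algorithm, many iterations) shown as an added example that is not part of the talk: the unsalted-MD5 scheme of the Pixel Federation breach beside a per-user-salted, peppered scrypt record with constant-time verification. The record format `scrypt$<salt-hex>$<hash-hex>`, the `APP_PEPPER` value and the function names are assumptions of this example; scrypt falls back to PBKDF2-HMAC-SHA256 only if the local OpenSSL build lacks it.

```python
import hashlib
import hmac
import os

# Added example, not from the talk. APP_PEPPER (the "your own salt" of slide 36)
# and the record format "scrypt$<salt-hex>$<hash-hex>" are assumptions here.
# In production the pepper lives in config or an HSM, never in the same
# database as the records.
APP_PEPPER = b"constructed-secret-kept-outside-the-database"


def unsalted_md5(password: str) -> str:
    """What the Pixel Federation style of storage amounts to."""
    return hashlib.md5(password.encode()).hexdigest()


def build_lookup_table(candidates) -> dict:
    """Precompute hash -> candidate once; without a salt the same table answers
    every account in every leak that used the same scheme."""
    return {unsalted_md5(c): c for c in candidates}


def slow_hash(password: str, salt: bytes, pepper: bytes) -> bytes:
    """Per-user salt + application pepper + memory-hard scrypt."""
    peppered = hmac.new(pepper, password.encode(), hashlib.sha256).digest()
    try:
        # n=2**14, r=8 needs about 16 MiB per guess, the "memory-hard" part
        return hashlib.scrypt(peppered, salt=salt, n=2 ** 14, r=8, p=1, dklen=32)
    except (AttributeError, ValueError):   # scrypt unavailable in this OpenSSL build
        return hashlib.pbkdf2_hmac("sha256", peppered, salt, 200_000, 32)


def store_password(password: str, pepper: bytes = APP_PEPPER) -> str:
    """Fresh random salt per record, so equal passwords give unequal records."""
    salt = os.urandom(16)
    return "scrypt$" + salt.hex() + "$" + slow_hash(password, salt, pepper).hex()


def verify_password(password: str, record: str, pepper: bytes = APP_PEPPER) -> bool:
    scheme, salt_hex, hash_hex = record.split("$")
    if scheme != "scrypt":
        return False
    candidate = slow_hash(password, bytes.fromhex(salt_hex), pepper)
    return hmac.compare_digest(candidate, bytes.fromhex(hash_hex))   # constant-time


if __name__ == "__main__":
    table = build_lookup_table(["password", "123456", "monkey", "letmein"])
    for user in ("alice", "bob"):
        h = unsalted_md5("monkey")
        print(f"{user}: md5={h} -> table says {table.get(h)!r}")
    rec_a, rec_b = store_password("monkey"), store_password("monkey")
    print("same password, different records:", rec_a != rec_b)
    print("verify:", verify_password("monkey", rec_a), verify_password("Monkey", rec_a))
```

Two things to notice when running it: both users' unsalted MD5 values are identical and resolve instantly from a table built once, whereas the two scrypt records differ and each guess costs a full scrypt computation that also needs the pepper, which the database leak alone does not contain.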
  • 37. References • http://haveibeenpwned.com/ • https://lastpass.com/adobe/ • https://lastpass.com/linkedin/ • https://lastpass.com/lastfm/ • https://shouldichangemypassword.com/all-sources.php