SlideShare a Scribd company logo

Ijsrp p8748

•
•
A
Alin Boncioaga

Ayo is a powerful password generation tool that is capable of learning any word order derived from PDF books. Basically, it can process PDF books in a matter of minutes if not seconds and will learn the normal flow of words in a sentence to generate language-specific possibilities. Masks help to generate custom passwords with special characters and/or numbers.

Software
1 of 4
Download to read offline
International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 306 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org Ayo Tool An Advanced Password Cracking Technique If Dictionary and Brute Force Attacks Have Failed Alin Boncioaga | orcid.org/0000-0002-8871-6235 Bucharest | Romania | 2019 alin.boncioaga@gmail.com Code on Github : https://goo.gl/d2GgSY DOI: 10.29322/IJSRP.9.03.2019.p8748 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 Abstract Ayo is a POC tool that’s designed to make password cracking techniques easier. It should only be used if the following strategies have failed: ● dictionary attack (including rainbow tables). ● brute force attack (including masks). ● password profiling (including Cewl, Wyd, and Cupp). Ayo is a powerful password generation tool that is capable of learning any word order derived from PDF books. Basically, it can process PDF books in a matter of minutes if not seconds and will learn the normal flow of words in a sentence to generate language-specific possibilities. Masks help to generate custom passwords with special characters and/or numbers. Keywords Password profiling, big data password profiling. 1. Introduction For the purpose of illustration, a real-world pen test scenario is used. A contract has been awarded for pen testing a Spanish legal firm. However, due to the rules of engagement, social engineering and other techniques cannot be considered. The team has access to the company’s premises and has managed to extract some WPA hashes with a simple airodump–ng scan. However, after several attempts, the team is not able to crack any other hashes using the most commonly available methods, such as dictionary attack, brute force attack, Cewl, Wyd and Cupp. Using the keywords “Spanish company” and “company in the legal sector,” domain-specific passwords are generated in the target language using Ayo. A number of legal PDF books written in the Spanish language are fed to the tool for this case. Initially, this generates a number of questions: ● Is this feasible? ● Would the result crack any actual hashes? ● Would this generate an overwhelming number of passwords? 2. Data Structures Once the PDF books have been processed, the word order is retained in a tool-specific data structure. This resembles a neural network-like web. 2.1 Example The word “blue” is used in this example. In a typical English sentence, this would be followed by a word such as sky, car, or eyes and not by words such as cow or dog. Learn Mode will store all the words in the following structure: Dictionary<string, Dictionary<string, int>> Each example will list the words that have occurred after it, plus the number of occurrences. This structure will be written by Learn Mode in JSON format and placed in a separate file. 2.2 Scalability This is a Dictionary within Dictionary software design
International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 307 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org Search Operation O(1). However, there are two main issues related to memory object size and output file size, and further development is needed to improve scalability. 3. Usage Ayo will run in three distinct modes. They are designed to be run in sequence as the output of each mode becomes the input for the following one. While any tool in the marketplace can be used for the third functionality mode, Learn Mode and Generate Mode specifically introduce new ideas to the field of academic cryptography. 3.1 Learn Mode The objective is to learn the sequence of words from PDF books in order to generate smart possible passwords. The output of this mode is a JSON extension file that holds the word structure. The data is stored in such a way that it generates constant complexity (O(1)) within the search operation. The full command examples provided in the help menu have been tested and found to be 100% functional. However, due to time restrictions and modest financial resources, there remain many untested workflows and possible bugs within the current POC implementation. 3.1.1 Clean Operation - - clean 30 eliminates 30% of the words with the least connections. The clean operation O(n*n) is only performed once and is therefore negligible. 3.1.2 Example Ayo.exe – learn – path % path_to_folder % -- write % path_to_folder% --clean 30 3.2 Generate Mode This generates a password based on the JSON extension file created during the previous step and a mask. that’s been chosen for its speed within 3.2.1 Mask Options x – word. c – capitalise the first letter of next word. C – capitalise all letters of the next word. n – numbers. s – special character. 3.2.2 Example example: ayo.exe --generate --json % path_to_json% -- write %path_to_txt_file% -wnsw --nr 10000 4. User Interface Ayo generates a simple Windows CLI. For example, ayo -- help will generate the following: Figure 1 5. Results It’s important to remember that this is a simple tool using clean and basic code. The main benefits of Ayo can be found in what it brings to the password profiling niche. 5.1 Adjustable Parameters To obtain the best results, it’s important to focus on two parameters in detail – “ --clean” from Learn Mode and “ -- nr” from Generate Mode.
International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 308 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org “ --nr” refers to the number of passwords required. “ --clean” will erase the words with the least connections to leave only those that have been encountered most often in linguistic situations using the chosen domain/language/PDF Book. 5.2 Big Data Password Profiling Typically, password profiling tools generate a string based on a word combination, such as dog name, date of birth, mother’s maiden name, friend’s name, favourite sport, and so on. This tool allows the password profiling niche to work with large datasets. It will always generate consistent results. Nearly all the generated strings are good candidates of being able to crack the hash. 5.3 Examples of Generate Mode The following CLI commands exclude “ --json” and “ -- write” arguments. 5.2.1 --generate -cwcw --nr 3 Result 1: EncodeArbitrary Result 2: RulesApply Result 3: ReusableProofs 5.2.1 --generate -cwncwncw --nr 3 Result 1: Added886To839Catch Result 2: Nearzero390By189Yonatan Result 3: Solutions668To580Spend 5.2.2 --generate -cwscwnCw --nr 3 Result 1: Use"Two37WAYS Result 2: Similar!To85ME Result 3: Sign%The781FORM 6. Limitations At the moment, the tool only supports the Learn Mode and Generate Mode apps. It is written in C# as a Windows tool and works in English only for WPA hashes. Ayo tool takes this a step further toward a big data password profiling environment. However, support for any language can be added to the modular architecture of the tool. This can be achieved by replacing language specific characters with ASCII ones. For example, replace 'ù' with 'u'. Note that Cracking Mode is not developed yet. The tool is a POC. While comprehensive tests have been performed, if more than 200 PDF books (with more than 500 pages each) are loaded, users may encounter bugs. 7. Future Plans Ayo has solid architecture and design patterns. Consequently, its tools can easily be maintained or extended. Future plans include: ● Learn Mode to process PDFs in multiple languages. ● Crack Mode to work with multiple hashing/encryption algorithms. ● Linux CLI./GUI ● Windows GUI 8. Artificial Intelligence in Password Profiling Ayo is a very flexible and powerful tool. As it simply relies upon PDF files for input, any number of subjects, areas of interest or languages can be introduced. With “clean operation,” many of the more unusual word combinations can be filtered out. While it would have been possible to add any number of additional or more complex features, simplicity was deemed to be critical and the tool's most important asset. Remember that the resulting JSON structure holds the sentence structure learned by the tool. From this point, knowledge gathered from the PDF books can be used to construct possible passwords. 9. Conclusion This tool successfully demonstrates that password cracking can extend beyond dictionary and brute force attacks. Even though tools like Cewl, Wyd and Cupp have proven that custom targeted password generation is very useful, the
International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 309 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org About the Author : Alin Boncioaga is a passionate software developer from Romania, active in the cybersecurity space and has a few companies of his own. Open Source enthusiast. Acknowledgments : A warm ‘Thank You’ to Vlad Monescu and Ioana Cristina Plajer, Transilvania University Romania, for they passion for algorithms and teaching. References: [1] S.O.L.I.D: The First 5 Principles of Object Oriented Design by Robert Martin, 2000. [2] WHY PROGRAMS FAIL: A Guide to Systematic Debugging by Andreas Zeller, 2009. [3] Design Principles and Design Patterns by Robert Martin https://fi.ort.edu.uy/innovaportal/file/2032/1/design_principl es.pdf, 2000. [4] Handbook of Applied Cryptography (Discrete Mathematics and Its Applications) by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, 2001. [5] Aircrack-ng by Ronald Cohn Jesse Russell, 2012. [6] Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux - the ultimate white hat hackers' toolkit, 2nd Edition by Vijay Kumar Velu, 2017. [7] Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide by Laura Chappell, 2010. [8] Seven Deadliest Wireless Technologies Attacks by Brad Haines, 2010.

Recommended

IRJET - Analysis on Code-Mixed Data for Movie Reviews
IRJET - Analysis on Code-Mixed Data for Movie ReviewsIRJET - Analysis on Code-Mixed Data for Movie Reviews
IRJET - Analysis on Code-Mixed Data for Movie Reviews
IRJET Journal
 
IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...
IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...
IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...
IRJET Journal
 
A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...
A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...
A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...
Cemal Ardil
 
IRJET- College Enquiry Chatbot System(DMCE)
IRJET- College Enquiry Chatbot System(DMCE)IRJET- College Enquiry Chatbot System(DMCE)
IRJET- College Enquiry Chatbot System(DMCE)
IRJET Journal
 
Detection of slang words in e data using semi supervised learning
Detection of slang words in e data using semi supervised learningDetection of slang words in e data using semi supervised learning
Detection of slang words in e data using semi supervised learning
ijaia
 
IRJET - A Web-based College Enquiry Chatbot using .Net and Dataset
IRJET - A Web-based College Enquiry Chatbot using .Net and DatasetIRJET - A Web-based College Enquiry Chatbot using .Net and Dataset
IRJET - A Web-based College Enquiry Chatbot using .Net and Dataset
IRJET Journal
 
Chat bot in_pythion
Chat bot in_pythionChat bot in_pythion
Chat bot in_pythion
ShivendraPratapSingh84
 
Resume parser
Resume parserResume parser
Resume parser
Akrita Agarwal
 

Recommended

IRJET - Analysis on Code-Mixed Data for Movie Reviews
IRJET - Analysis on Code-Mixed Data for Movie ReviewsIRJET - Analysis on Code-Mixed Data for Movie Reviews
IRJET - Analysis on Code-Mixed Data for Movie Reviews
IRJET Journal
 
IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...
IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...
IRJET- QUEZARD : Question Wizard using Machine Learning and Artificial Intell...
IRJET Journal
 
A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...
A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...
A black-box-approach-for-response-quality-evaluation-of-conversational-agent-...
Cemal Ardil
 
IRJET- College Enquiry Chatbot System(DMCE)
IRJET- College Enquiry Chatbot System(DMCE)IRJET- College Enquiry Chatbot System(DMCE)
IRJET- College Enquiry Chatbot System(DMCE)
IRJET Journal
 
Detection of slang words in e data using semi supervised learning
Detection of slang words in e data using semi supervised learningDetection of slang words in e data using semi supervised learning
Detection of slang words in e data using semi supervised learning
ijaia
 
IRJET - A Web-based College Enquiry Chatbot using .Net and Dataset
IRJET - A Web-based College Enquiry Chatbot using .Net and DatasetIRJET - A Web-based College Enquiry Chatbot using .Net and Dataset
IRJET - A Web-based College Enquiry Chatbot using .Net and Dataset
IRJET Journal
 
Chat bot in_pythion
Chat bot in_pythionChat bot in_pythion
Chat bot in_pythion
ShivendraPratapSingh84
 
Resume parser
Resume parserResume parser
Resume parser
Akrita Agarwal
 
A REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNING
A REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNINGA REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNING
A REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNING
Emma Burke
 
Az4301280282
Az4301280282Az4301280282
Az4301280282
IJERA Editor
 
NEURAL NETWORK BOT
NEURAL NETWORK BOTNEURAL NETWORK BOT
NEURAL NETWORK BOT
IRJET Journal
 
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docxF21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
lmelaine
 
History Of C Essay
History Of C EssayHistory Of C Essay
History Of C Essay
Melissa Williams
 
School updated
School updatedSchool updated
School updated
skumartarget
 
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
ijtsrd
 
Introduction to python
Introduction to pythonIntroduction to python
Introduction to python
sjagadeeswari
 
What makes python 3.11 special
What makes python 3.11 special What makes python 3.11 special
What makes python 3.11 special
Moon Technolabs Pvt. Ltd.
 
Grade 11-Q1_W3-PECS_AQS.pdf
Grade 11-Q1_W3-PECS_AQS.pdfGrade 11-Q1_W3-PECS_AQS.pdf
Grade 11-Q1_W3-PECS_AQS.pdf
Victor Sinangote
 
IRJET - Pseudocode to Python Translation using Machine Learning
IRJET - Pseudocode to Python Translation using Machine LearningIRJET - Pseudocode to Python Translation using Machine Learning
IRJET - Pseudocode to Python Translation using Machine Learning
IRJET Journal
 
Recent Trends in Translation of Programming Languages using NLP Approaches
Recent Trends in Translation of Programming Languages using NLP ApproachesRecent Trends in Translation of Programming Languages using NLP Approaches
Recent Trends in Translation of Programming Languages using NLP Approaches
IRJET Journal
 
Ethnograph 11 Jul07
Ethnograph 11 Jul07Ethnograph 11 Jul07
Ethnograph 11 Jul07
Clara Kwan
 
IRJET- Voice to Code Editor using Speech Recognition
IRJET- Voice to Code Editor using Speech RecognitionIRJET- Voice to Code Editor using Speech Recognition
IRJET- Voice to Code Editor using Speech Recognition
IRJET Journal
 
Utilizing the natural langauage toolkit for keyword research
Utilizing the natural langauage toolkit for keyword researchUtilizing the natural langauage toolkit for keyword research
Utilizing the natural langauage toolkit for keyword research
Erudite
 
nullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesnullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexities
n|u - The Open Security Community
 
OOP ppt.pdf
OOP ppt.pdfOOP ppt.pdf
OOP ppt.pdf
ArpitaJana28
 
The Concept Of Abstract Data Types
The Concept Of Abstract Data TypesThe Concept Of Abstract Data Types
The Concept Of Abstract Data Types
Katy Allen
 
Algorithms and Application Programming
Algorithms and Application ProgrammingAlgorithms and Application Programming
Algorithms and Application Programming
ahaleemsl
 
Why Python in required in Civil Engineering
Why Python in required in Civil EngineeringWhy Python in required in Civil Engineering
Why Python in required in Civil Engineering
Rushikesh Kolhe
 
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfAzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
ryanfarris8
 
WSO2Con2024 - Software Delivery in Hybrid Environments
WSO2Con2024 - Software Delivery in Hybrid EnvironmentsWSO2Con2024 - Software Delivery in Hybrid Environments
WSO2Con2024 - Software Delivery in Hybrid Environments
WSO2
 

More Related Content

Similar to Ijsrp p8748

Az4301280282
Az4301280282Az4301280282
Az4301280282
IJERA Editor
 
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docxF21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
lmelaine
 
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
ijtsrd
 
Ethnograph 11 Jul07
Ethnograph 11 Jul07Ethnograph 11 Jul07
Ethnograph 11 Jul07
Clara Kwan
 
The Concept Of Abstract Data Types
The Concept Of Abstract Data TypesThe Concept Of Abstract Data Types
The Concept Of Abstract Data Types
Katy Allen
 
Algorithms and Application Programming
Algorithms and Application ProgrammingAlgorithms and Application Programming
Algorithms and Application Programming
ahaleemsl
 

Similar to Ijsrp p8748 (20)

A REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNING
A REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNINGA REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNING
A REPORT On DETECTION OF PHISHING WEBSITE USING MACHINE LEARNING
 
Az4301280282
Az4301280282Az4301280282
Az4301280282
 
NEURAL NETWORK BOT
NEURAL NETWORK BOTNEURAL NETWORK BOT
NEURAL NETWORK BOT
 
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docxF21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
F21SC Industrial Programming CW2 Data Analytics (35) 20192.docx
 
History Of C Essay
History Of C EssayHistory Of C Essay
History Of C Essay
 
School updated
School updatedSchool updated
School updated
 
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
Advanced Virtual Assistant Based on Speech Processing Oriented Technology on ...
 
Introduction to python
Introduction to pythonIntroduction to python
Introduction to python
 
What makes python 3.11 special
What makes python 3.11 special What makes python 3.11 special
What makes python 3.11 special
 
Grade 11-Q1_W3-PECS_AQS.pdf
Grade 11-Q1_W3-PECS_AQS.pdfGrade 11-Q1_W3-PECS_AQS.pdf
Grade 11-Q1_W3-PECS_AQS.pdf
 
IRJET - Pseudocode to Python Translation using Machine Learning
IRJET - Pseudocode to Python Translation using Machine LearningIRJET - Pseudocode to Python Translation using Machine Learning
IRJET - Pseudocode to Python Translation using Machine Learning
 
Recent Trends in Translation of Programming Languages using NLP Approaches
Recent Trends in Translation of Programming Languages using NLP ApproachesRecent Trends in Translation of Programming Languages using NLP Approaches
Recent Trends in Translation of Programming Languages using NLP Approaches
 
Ethnograph 11 Jul07
Ethnograph 11 Jul07Ethnograph 11 Jul07
Ethnograph 11 Jul07
 
IRJET- Voice to Code Editor using Speech Recognition
IRJET- Voice to Code Editor using Speech RecognitionIRJET- Voice to Code Editor using Speech Recognition
IRJET- Voice to Code Editor using Speech Recognition
 
Utilizing the natural langauage toolkit for keyword research
Utilizing the natural langauage toolkit for keyword researchUtilizing the natural langauage toolkit for keyword research
Utilizing the natural langauage toolkit for keyword research
 
nullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesnullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexities
 
OOP ppt.pdf
OOP ppt.pdfOOP ppt.pdf
OOP ppt.pdf
 
The Concept Of Abstract Data Types
The Concept Of Abstract Data TypesThe Concept Of Abstract Data Types
The Concept Of Abstract Data Types
 
Algorithms and Application Programming
Algorithms and Application ProgrammingAlgorithms and Application Programming
Algorithms and Application Programming
 
Why Python in required in Civil Engineering
Why Python in required in Civil EngineeringWhy Python in required in Civil Engineering
Why Python in required in Civil Engineering
 

Recently uploaded

What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Bert Jan Schrijver
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp KrisztiĂĄn
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 

Recently uploaded (20)

AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfAzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
 
WSO2Con2024 - Software Delivery in Hybrid Environments
WSO2Con2024 - Software Delivery in Hybrid EnvironmentsWSO2Con2024 - Software Delivery in Hybrid Environments
WSO2Con2024 - Software Delivery in Hybrid Environments
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2Con2024 - Unleashing the Financial Potential of 13 Million People
WSO2Con2024 - Unleashing the Financial Potential of 13 Million PeopleWSO2Con2024 - Unleashing the Financial Potential of 13 Million People
WSO2Con2024 - Unleashing the Financial Potential of 13 Million People
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2Con2024 - Low-Code Integration Tooling
WSO2Con2024 - Low-Code Integration ToolingWSO2Con2024 - Low-Code Integration Tooling
WSO2Con2024 - Low-Code Integration Tooling
 

Ijsrp p8748

  • 1. International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 306 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org Ayo Tool An Advanced Password Cracking Technique If Dictionary and Brute Force Attacks Have Failed Alin Boncioaga | orcid.org/0000-0002-8871-6235 Bucharest | Romania | 2019 alin.boncioaga@gmail.com Code on Github : https://goo.gl/d2GgSY DOI: 10.29322/IJSRP.9.03.2019.p8748 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 Abstract Ayo is a POC tool that’s designed to make password cracking techniques easier. It should only be used if the following strategies have failed: ● dictionary attack (including rainbow tables). ● brute force attack (including masks). ● password profiling (including Cewl, Wyd, and Cupp). Ayo is a powerful password generation tool that is capable of learning any word order derived from PDF books. Basically, it can process PDF books in a matter of minutes if not seconds and will learn the normal flow of words in a sentence to generate language-specific possibilities. Masks help to generate custom passwords with special characters and/or numbers. Keywords Password profiling, big data password profiling. 1. Introduction For the purpose of illustration, a real-world pen test scenario is used. A contract has been awarded for pen testing a Spanish legal firm. However, due to the rules of engagement, social engineering and other techniques cannot be considered. The team has access to the company’s premises and has managed to extract some WPA hashes with a simple airodump–ng scan. However, after several attempts, the team is not able to crack any other hashes using the most commonly available methods, such as dictionary attack, brute force attack, Cewl, Wyd and Cupp. Using the keywords “Spanish company” and “company in the legal sector,” domain-specific passwords are generated in the target language using Ayo. A number of legal PDF books written in the Spanish language are fed to the tool for this case. Initially, this generates a number of questions: ● Is this feasible? ● Would the result crack any actual hashes? ● Would this generate an overwhelming number of passwords? 2. Data Structures Once the PDF books have been processed, the word order is retained in a tool-specific data structure. This resembles a neural network-like web. 2.1 Example The word “blue” is used in this example. In a typical English sentence, this would be followed by a word such as sky, car, or eyes and not by words such as cow or dog. Learn Mode will store all the words in the following structure: Dictionary<string, Dictionary<string, int>> Each example will list the words that have occurred after it, plus the number of occurrences. This structure will be written by Learn Mode in JSON format and placed in a separate file. 2.2 Scalability This is a Dictionary within Dictionary software design
  • 2. International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 307 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org Search Operation O(1). However, there are two main issues related to memory object size and output file size, and further development is needed to improve scalability. 3. Usage Ayo will run in three distinct modes. They are designed to be run in sequence as the output of each mode becomes the input for the following one. While any tool in the marketplace can be used for the third functionality mode, Learn Mode and Generate Mode specifically introduce new ideas to the field of academic cryptography. 3.1 Learn Mode The objective is to learn the sequence of words from PDF books in order to generate smart possible passwords. The output of this mode is a JSON extension file that holds the word structure. The data is stored in such a way that it generates constant complexity (O(1)) within the search operation. The full command examples provided in the help menu have been tested and found to be 100% functional. However, due to time restrictions and modest financial resources, there remain many untested workflows and possible bugs within the current POC implementation. 3.1.1 Clean Operation - - clean 30 eliminates 30% of the words with the least connections. The clean operation O(n*n) is only performed once and is therefore negligible. 3.1.2 Example Ayo.exe – learn – path % path_to_folder % -- write % path_to_folder% --clean 30 3.2 Generate Mode This generates a password based on the JSON extension file created during the previous step and a mask. that’s been chosen for its speed within 3.2.1 Mask Options x – word. c – capitalise the first letter of next word. C – capitalise all letters of the next word. n – numbers. s – special character. 3.2.2 Example example: ayo.exe --generate --json % path_to_json% -- write %path_to_txt_file% -wnsw --nr 10000 4. User Interface Ayo generates a simple Windows CLI. For example, ayo -- help will generate the following: Figure 1 5. Results It’s important to remember that this is a simple tool using clean and basic code. The main benefits of Ayo can be found in what it brings to the password profiling niche. 5.1 Adjustable Parameters To obtain the best results, it’s important to focus on two parameters in detail – “ --clean” from Learn Mode and “ -- nr” from Generate Mode.
  • 3. International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 308 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org “ --nr” refers to the number of passwords required. “ --clean” will erase the words with the least connections to leave only those that have been encountered most often in linguistic situations using the chosen domain/language/PDF Book. 5.2 Big Data Password Profiling Typically, password profiling tools generate a string based on a word combination, such as dog name, date of birth, mother’s maiden name, friend’s name, favourite sport, and so on. This tool allows the password profiling niche to work with large datasets. It will always generate consistent results. Nearly all the generated strings are good candidates of being able to crack the hash. 5.3 Examples of Generate Mode The following CLI commands exclude “ --json” and “ -- write” arguments. 5.2.1 --generate -cwcw --nr 3 Result 1: EncodeArbitrary Result 2: RulesApply Result 3: ReusableProofs 5.2.1 --generate -cwncwncw --nr 3 Result 1: Added886To839Catch Result 2: Nearzero390By189Yonatan Result 3: Solutions668To580Spend 5.2.2 --generate -cwscwnCw --nr 3 Result 1: Use"Two37WAYS Result 2: Similar!To85ME Result 3: Sign%The781FORM 6. Limitations At the moment, the tool only supports the Learn Mode and Generate Mode apps. It is written in C# as a Windows tool and works in English only for WPA hashes. Ayo tool takes this a step further toward a big data password profiling environment. However, support for any language can be added to the modular architecture of the tool. This can be achieved by replacing language specific characters with ASCII ones. For example, replace 'Ăš' with 'u'. Note that Cracking Mode is not developed yet. The tool is a POC. While comprehensive tests have been performed, if more than 200 PDF books (with more than 500 pages each) are loaded, users may encounter bugs. 7. Future Plans Ayo has solid architecture and design patterns. Consequently, its tools can easily be maintained or extended. Future plans include: ● Learn Mode to process PDFs in multiple languages. ● Crack Mode to work with multiple hashing/encryption algorithms. ● Linux CLI./GUI ● Windows GUI 8. Artificial Intelligence in Password Profiling Ayo is a very flexible and powerful tool. As it simply relies upon PDF files for input, any number of subjects, areas of interest or languages can be introduced. With “clean operation,” many of the more unusual word combinations can be filtered out. While it would have been possible to add any number of additional or more complex features, simplicity was deemed to be critical and the tool's most important asset. Remember that the resulting JSON structure holds the sentence structure learned by the tool. From this point, knowledge gathered from the PDF books can be used to construct possible passwords. 9. Conclusion This tool successfully demonstrates that password cracking can extend beyond dictionary and brute force attacks. Even though tools like Cewl, Wyd and Cupp have proven that custom targeted password generation is very useful, the
  • 4. International Journal of Scientific and Research Publications, Volume 9, Issue 3, March 2019 309 ISSN 2250-3153 http://dx.doi.org/10.29322/IJSRP.9.03.2019.p8748 www.ijsrp.org About the Author : Alin Boncioaga is a passionate software developer from Romania, active in the cybersecurity space and has a few companies of his own. Open Source enthusiast. Acknowledgments : A warm ‘Thank You’ to Vlad Monescu and Ioana Cristina Plajer, Transilvania University Romania, for they passion for algorithms and teaching. References: [1] S.O.L.I.D: The First 5 Principles of Object Oriented Design by Robert Martin, 2000. [2] WHY PROGRAMS FAIL: A Guide to Systematic Debugging by Andreas Zeller, 2009. [3] Design Principles and Design Patterns by Robert Martin https://fi.ort.edu.uy/innovaportal/file/2032/1/design_principl es.pdf, 2000. [4] Handbook of Applied Cryptography (Discrete Mathematics and Its Applications) by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, 2001. [5] Aircrack-ng by Ronald Cohn Jesse Russell, 2012. [6] Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux - the ultimate white hat hackers' toolkit, 2nd Edition by Vijay Kumar Velu, 2017. [7] Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide by Laura Chappell, 2010. [8] Seven Deadliest Wireless Technologies Attacks by Brad Haines, 2010.