VK
Uploaded byVlatko Kosturjak
ODP, PPTX10,128 views

Cryptography implementation weaknesses: based on true story

Vlatko Kosturjak discusses weaknesses found in a Cisco SHA256 password hash implementation. He describes how he was able to determine the hash was using an insecure custom charset and no salt or iterations. This allowed him to crack the hash using rainbow tables. He created tools to convert Cisco configuration files to the John the Ripper format and cracked multiple passwords. His recommendations include implementing stronger cryptography, avoiding password reuse, and working with security researchers to improve implementations.

Embed presentation

Download as ODP, PPTX
#fsec Cryptography implementation weaknesses based on true story Vlatko Kosturjak https://twitter.com/k0st BM-2D972vHJXV8nwaFG6vUfEmy5tFjrE97edN
Agenda ● True story – my perspective ● I got this hash... – What it is? – Is it vulnerable? – How I can crack it? ● Recommendations ● Summary ● Questions
Elephant in the room...
Let's start with the hashes! :) http://www.openwall.com/lists/john-dev/2013/03/15/10
Somewhere in the galaxy... http://www.openwall.com/lists/john-dev/2013/03/06/5
Let's look closer! Same hash for same password different user? ● Password reuse identification ● Password frequency ● Memory-time trade off vulnerability ● Rainbow tables ● Lookup ● Pot file ● Database ● On-line
Story goes on... http://www.openwall.com/lists/john-dev/2013/03/12/5
Finding what it is.. ● “...My only advise is to just pretend you found this hash and have no clue where it came from. Now try the first two things that you should do when you find a 43 character hash with uppercase and lowercase letters, numbers, dot, and forward slash. Hmm that might be too much info...” Sc00bz64 on john-dev ● Formats – Crypt – Hex – Base64 – ...
So, what it is? In short, please! ● BASE64 with custom charset – ./0123456789ABCDEFGHIJKLMNOPQRSTUVWXY Zabcdefghijklmnopqrstuvwxyz ● SHA256 ● No salt ● No iteration ● Length – 1-25 characters
Cisco SHA256 implementation ● First implementation in PHP – http://pastebin.com/1yCLwyVY ● First implementation in Perl – http://www.openwall.com/lists/john-dev/2013/03/16/12 – https://gist.github.com/kost/5177541 ● Time to crack! :) https://twitter.com/k0st/status/312988851138355201
First C implementation as new format type in john http://www.openwall.com/lists/john-dev/2013/03/16/7 https://github.com/kholia/JohnTheRipper/tree/cisco-type-4
Wait a minute? ● It is Base64 with custom iteration – Decode it! – And encode it correctly ● How john likes it ;) ● What that means? – No need for new john format – SHA256 exists already ● CPU ● GPU
Over? Not yet!
cisco2john.pl $ ./cisco2john.pl cisco.conf >cisco.in 2>cisco.seed $ cat cisco.in enable_secret_level_2:5e884898da28047151d0e56f8dc62 92773603d0d6aabbdd62a11ef721d1542d8 enable_secret:$1$4C5N$JCdhRhHmlH4kdmLz.vsyq0 $ ./john -wo:cisco.seed -rules cisco.in https://github.com/magnumripper/JohnTheRipper/blob/unstable-jumbo/run/cisco2john.pl
cisco2john.pl multiple configurations $ ls *conf 127.0.0.1-startup-config 127.0.0.1-running-config [..] 192.168.1.1-startup-config 192.168.1.1-running-config $ cat *.conf | ./cisco2john.pl >cisco.in 2>cisco.seed $ ./john -wo:cisco.seed -rules cisco.in https://github.com/magnumripper/JohnTheRipper/blob/unstable-jumbo/run/cisco2john.pl
Public advisory http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4
Password types sorted by recommendations Password type Method 5 MD5 4 SHA256 (no salt) 7 Decode 0 Plaintext
Recommendations ● Implementators – Think about implementation of your crypto ● Even big guys missed it – Implement basic checks ● Users – Don't use type 4, use 5 – Don't use 7/0/4 in short ;) – Password reuse is problem – Don't mix same passwords with different password types
Summary ● Crypto implementations can be bad – Nothing new ● “Improving” crypto is two way direction ● Working together – Less time – more rock – There are smart people out there ● John-dev ● Nmap-dev ● Metasploit ● ...
Thanks for your time Questions? https://twitter.com/k0st BM-2D972vHJXV8nwaFG6vUfEmy5tFjrE97edN

More Related Content

PPT
my portfoliopresentation
byJoseReyes
 
DOCX
Perfiles
byDianaPaolaFrancoGavi
 
TXT
New text document
bysskchaitu
 
PDF
Roll your own web crawler. RubyDay 2013
byFrancesco Laurita
 
PDF
Linux Privilege Escalation with Lin Security.
byDeepanshu Gajbhiye
 
PDF
CODE BLUE 2014 : マイクロソフトの脆弱性調査 : ベンダーでありながら発見者となるために by デイヴィッド・シードマン David Se...
byCODE BLUE
 
PDF
CODE BLUE 2014 : BadXNU、イケてないリンゴ! by ペドロ・ベラサ PEDRO VILAÇA
byCODE BLUE
 
PPTX
JS in Space
byRyan Kotzen
 
my portfoliopresentation
byJoseReyes
 
Perfiles
byDianaPaolaFrancoGavi
 
New text document
bysskchaitu
 
Roll your own web crawler. RubyDay 2013
byFrancesco Laurita
 
Linux Privilege Escalation with Lin Security.
byDeepanshu Gajbhiye
 
CODE BLUE 2014 : マイクロソフトの脆弱性調査 : ベンダーでありながら発見者となるために by デイヴィッド・シードマン David Se...
byCODE BLUE
 
CODE BLUE 2014 : BadXNU、イケてないリンゴ! by ペドロ・ベラサ PEDRO VILAÇA
byCODE BLUE
 
JS in Space
byRyan Kotzen
 

What's hot

PDF
iOS Zagreb Meetup #02 -
byInfinum
 
PDF
Stephen Ridley - Greyhat Ruby
bySource Conference
 
PPTX
Cocina conxamarin
byJosé Manuel Montero Ortega
 
DOCX
Office doc (10)
byly2wf
 
PDF
File hosting search engines
byUmar Ali
 
DOCX
Link download
byNadzirah Md Rashid
 
PDF
Palestra "Do PHP ao Rails"
byAlmir Mendes
 
iOS Zagreb Meetup #02 -
byInfinum
 
Stephen Ridley - Greyhat Ruby
bySource Conference
 
Cocina conxamarin
byJosé Manuel Montero Ortega
 
Office doc (10)
byly2wf
 
File hosting search engines
byUmar Ali
 
Link download
byNadzirah Md Rashid
 
Palestra "Do PHP ao Rails"
byAlmir Mendes
 

Similar to Cryptography implementation weaknesses: based on true story

PDF
Cryto Party at CCU
byJose L. Quiñones-Borrero
 
PPT
[ENG] IPv6 shipworm + My little Windows domain pwnie
byZoltan Balazs
 
PPTX
Blockchain Fundamentals
byBruno Lowagie
 
PPTX
Linux securities
byGaurav Mishra
 
PPTX
Hacs workshop
byAmrita University
 
PPTX
04 - I love my OS, he protects me (sometimes, in specific circumstances)
byAlexandre Moneger
 
PDF
Filip palian mateuszkocielski. simplest ownage human observed… routers
byYury Chemerkin
 
PDF
Simplest-Ownage-Human-Observed… - Routers
byLogicaltrust pl
 
ODP
Introduction To Encryption in Lasso 8.5
bybilcorry
 
PDF
Cryptography (under)engineering
byslicklash
 
PPTX
Django cryptography
byErik LaBianca
 
PPTX
Introduction to Cryptography & PGP
byRayed Alrashed
 
PDF
A CTF Hackers Toolbox
byStefan
 
PPT
SSH.ppt
byPandiya Rajan
 
PDF
Cryptography Attacks and Applications
byUTD Computer Security Group
 
ODP
The Good News on Cryptography
byMartijn Grooten
 
PDF
HackIM 2012 CTF Walkthrough
byHimanshu Kumar Das
 
PPSX
Bleeding secrets
byOfer Rivlin, CISSP
 
PDF
Crypto Strikes Back! (Google 2009)
byNate Lawson
 
PDF
blobargasa hahahaha foooolz gold xd lol bla
byde43ed186b
 
Cryto Party at CCU
byJose L. Quiñones-Borrero
 
[ENG] IPv6 shipworm + My little Windows domain pwnie
byZoltan Balazs
 
Blockchain Fundamentals
byBruno Lowagie
 
Linux securities
byGaurav Mishra
 
Hacs workshop
byAmrita University
 
04 - I love my OS, he protects me (sometimes, in specific circumstances)
byAlexandre Moneger
 
Filip palian mateuszkocielski. simplest ownage human observed… routers
byYury Chemerkin
 
Simplest-Ownage-Human-Observed… - Routers
byLogicaltrust pl
 
Introduction To Encryption in Lasso 8.5
bybilcorry
 
Cryptography (under)engineering
byslicklash
 
Django cryptography
byErik LaBianca
 
Introduction to Cryptography & PGP
byRayed Alrashed
 
A CTF Hackers Toolbox
byStefan
 
SSH.ppt
byPandiya Rajan
 
Cryptography Attacks and Applications
byUTD Computer Security Group
 
The Good News on Cryptography
byMartijn Grooten
 
HackIM 2012 CTF Walkthrough
byHimanshu Kumar Das
 
Bleeding secrets
byOfer Rivlin, CISSP
 
Crypto Strikes Back! (Google 2009)
byNate Lawson
 
blobargasa hahahaha foooolz gold xd lol bla
byde43ed186b
 

More from Vlatko Kosturjak

PPTX
Linux Improvements in Memory Corruption Based Protections
byVlatko Kosturjak
 
PDF
Porting your favourite cmdline tool to Android
byVlatko Kosturjak
 
ODP
Getting access to Lantronix devices: exploring treasures of 77FEh at Confiden...
byVlatko Kosturjak
 
ODP
Wonderful world of (distributed) SCM or VCS
byVlatko Kosturjak
 
ODP
Ripping web accessible .git files
byVlatko Kosturjak
 
ODP
Perl Usage In Security and Penetration testing
byVlatko Kosturjak
 
Linux Improvements in Memory Corruption Based Protections
byVlatko Kosturjak
 
Porting your favourite cmdline tool to Android
byVlatko Kosturjak
 
Getting access to Lantronix devices: exploring treasures of 77FEh at Confiden...
byVlatko Kosturjak
 
Wonderful world of (distributed) SCM or VCS
byVlatko Kosturjak
 
Ripping web accessible .git files
byVlatko Kosturjak
 
Perl Usage In Security and Penetration testing
byVlatko Kosturjak
 

Recently uploaded

PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PPTX
CTO Strategy OS 2026: The Tech, AI & Cloud Playbook Boards Want
byridwansassman
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PDF
final.pdf
byomarbishtawi04
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
apidays Paris 2025 | Zero Trust By Design
byapidays
 
PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PPTX
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
PDF
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PDF
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
PDF
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
PDF
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
PPTX
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
CTO Strategy OS 2026: The Tech, AI & Cloud Playbook Boards Want
byridwansassman
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
final.pdf
byomarbishtawi04
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
apidays Paris 2025 | Zero Trust By Design
byapidays
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 

Cryptography implementation weaknesses: based on true story

  • 1.
    #fsec Cryptography implementation weaknesses basedon true story Vlatko Kosturjak https://twitter.com/k0st BM-2D972vHJXV8nwaFG6vUfEmy5tFjrE97edN
  • 2.
    Agenda ● True story– my perspective ● I got this hash... – What it is? – Is it vulnerable? – How I can crack it? ● Recommendations ● Summary ● Questions
  • 3.
  • 4.
    Let's start withthe hashes! :) http://www.openwall.com/lists/john-dev/2013/03/15/10
  • 5.
    Somewhere in thegalaxy... http://www.openwall.com/lists/john-dev/2013/03/06/5
  • 6.
    Let's look closer! Samehash for same password different user? ● Password reuse identification ● Password frequency ● Memory-time trade off vulnerability ● Rainbow tables ● Lookup ● Pot file ● Database ● On-line
  • 7.
  • 8.
    Finding what itis.. ● “...My only advise is to just pretend you found this hash and have no clue where it came from. Now try the first two things that you should do when you find a 43 character hash with uppercase and lowercase letters, numbers, dot, and forward slash. Hmm that might be too much info...” Sc00bz64 on john-dev ● Formats – Crypt – Hex – Base64 – ...
  • 9.
    So, what itis? In short, please! ● BASE64 with custom charset – ./0123456789ABCDEFGHIJKLMNOPQRSTUVWXY Zabcdefghijklmnopqrstuvwxyz ● SHA256 ● No salt ● No iteration ● Length – 1-25 characters
  • 10.
    Cisco SHA256 implementation ●First implementation in PHP – http://pastebin.com/1yCLwyVY ● First implementation in Perl – http://www.openwall.com/lists/john-dev/2013/03/16/12 – https://gist.github.com/kost/5177541 ● Time to crack! :) https://twitter.com/k0st/status/312988851138355201
  • 11.
    First C implementationas new format type in john http://www.openwall.com/lists/john-dev/2013/03/16/7 https://github.com/kholia/JohnTheRipper/tree/cisco-type-4
  • 12.
    Wait a minute? ●It is Base64 with custom iteration – Decode it! – And encode it correctly ● How john likes it ;) ● What that means? – No need for new john format – SHA256 exists already ● CPU ● GPU
  • 13.
  • 14.
    cisco2john.pl $ ./cisco2john.pl cisco.conf>cisco.in 2>cisco.seed $ cat cisco.in enable_secret_level_2:5e884898da28047151d0e56f8dc62 92773603d0d6aabbdd62a11ef721d1542d8 enable_secret:$1$4C5N$JCdhRhHmlH4kdmLz.vsyq0 $ ./john -wo:cisco.seed -rules cisco.in https://github.com/magnumripper/JohnTheRipper/blob/unstable-jumbo/run/cisco2john.pl
  • 15.
    cisco2john.pl multiple configurations $ ls*conf 127.0.0.1-startup-config 127.0.0.1-running-config [..] 192.168.1.1-startup-config 192.168.1.1-running-config $ cat *.conf | ./cisco2john.pl >cisco.in 2>cisco.seed $ ./john -wo:cisco.seed -rules cisco.in https://github.com/magnumripper/JohnTheRipper/blob/unstable-jumbo/run/cisco2john.pl
  • 16.
  • 17.
    Password types sorted byrecommendations Password type Method 5 MD5 4 SHA256 (no salt) 7 Decode 0 Plaintext
  • 18.
    Recommendations ● Implementators – Thinkabout implementation of your crypto ● Even big guys missed it – Implement basic checks ● Users – Don't use type 4, use 5 – Don't use 7/0/4 in short ;) – Password reuse is problem – Don't mix same passwords with different password types
  • 19.
    Summary ● Crypto implementationscan be bad – Nothing new ● “Improving” crypto is two way direction ● Working together – Less time – more rock – There are smart people out there ● John-dev ● Nmap-dev ● Metasploit ● ...
  • 20.
    Thanks for yourtime Questions? https://twitter.com/k0st BM-2D972vHJXV8nwaFG6vUfEmy5tFjrE97edN