SlideShare a Scribd company logo

How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

Download as PPTX, PDF
Y
Yurii Bilyk

Analysis of leaked LinkedIn dumps, methods of cracking passwords, what hardware do you need and how long it could take, some interesting statistics

Technology
1 of 42
Yurii Bilyk | 2016 How-to crack 43kk passwords while drinking your in the Hood
WHO AM I 26 vs 27.5 vs 29
TEAM  WE are Security Group  WE are ALL Engineers (Almost;)  WE are OWASP Lviv Chapter  WE are Legio… oops blog: http://owasp-lviv.blogspot.com skype: y.bilyk
o But WHY??!! o Our CRACKING RIG o Different obvious methods o Not so obvious methods o Some interesting statistics Agenda
Tell Me WHY!? what’s wrong with you?
The Reason Just for FUN Good example of Open Source Intelligence You can really test your skills in password cracking
Some Info LinkedIn DB contains 250 758 057 e-mails Only 61 829 208 contains unique hashes File size of all unique hashes is 2.5 GB
Our CRACKING RIG because we can
P - Podgotovka LinkedIn DB contains unsalted SHA-1 hashes GPU should be best option for such type of hashes Best tool for this case is HashCat
GTX 1080 SHA-1 Benchmark 8xGPU SHA-1 crack speed: 68 771.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 3 hours 4 minutes 54 seconds to brute ALL combinations
Question of Money 738x8 = 5904 $$$
Amazon K80 SHA-1 Benchmark 36xGPU SHA-1 crack speed: 75 200.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 45 minutes 59 seconds to brute ALL combinations
So You’ve said Amazon? (14.4+14.4+7.2)x25 = 900 $$$
Rainbow Alternatives 1000 $$$
RainBow Seek SHA-1 Benchmark SHA-1 crack speed: 3 880 000.0 MH/s for 1 hash 784 000.0 MH/s for 10 hashes 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 28 minutes <-> 2 hours 22 minutes to brute ALL combinations
Return to Reality Intel Core i5-3570 @ 3.4Ghz SHA-1 crack speed: ~120.0 MH/s NVIDIA 750GT (Mobile): SHA-1 crack speed: ~120.0 MH/s
1xi5-3570 SHA-1 Benchmark SHA-1 crack speed: 120.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 years 281 days 10 hours 30 minutes 48 seconds to brute ALL combinations
Some OBVIOUS STEPS let’s play
Where to Start? We used dictionary attack as the first attempt You need good dictionary. We started with rockyou.txt You need memory for your hashes. It could be problem for GPU
So First Try Cracked around 20% of all hashes (with rockyou.txt dictionary) It took around 5 mins  And now you have to think what to do next 
We need moar dictionaries! RockYou contains 14 344 391 words We tried different dictionaries. The biggest was 1 212 356 398 words and 15 GB in size All this gives us approx 35% of all hashes
Let’s brute it! We selected up to 6 char passwords with full set of characters It took around 2 hours All this gives us approx 45% of all hashes
Magic of STATISTICS new is well-forgotten old
What we can do get moar? HashCat has rules of transformation It mutates original word Quality of your dictionary is essential. Size doesn’t rly matters Using rules is more time consuming than just dictionary attack
What rules are effective? We used best64, InsidePro- PasswordsPro and d3ad0ne rules It was very effective in terms of number of hashes All this gives us approx 60% of all hashes
Time to go smarter way We have 36 millions of cracked passwords We can analyze cracked password to determine patters This patterns can produce more efficient bruteforce masks
Meet PACK Tool http://thesprawl.org/projects/pack/
PACK Tool Features Can analyze list of password and generate bruteforce mask You can specify password length, time, complexity constrains Gives you some idea what type of passwords are popular
Is PACK effective? It can crack similar passwords according that you already have You can flexibly choose best masks regarding constrains All this gives us approx 65% of all hashes
Other types of attacks PRINCE attack, somehow similar to the using PACK tool + mutation Combination of TWO and more dictionaries Hybrid attack, that uses dictionaries + rules + bruteforce masks
Some CHARTS It’s easy
Length of password (Our)
Length of password (Korelogic)
Character-set of password (Our)
Most Popular Passwords (Korelogic)
Mails (Korelogic)
Base Words (Korelogic)
Thank YOU!

Recommended

The Cryptography has YOU
The Cryptography has YOUThe Cryptography has YOU
The Cryptography has YOU
Yurii Bilyk
 
SSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfSSL/POODLE: History repeats itself
SSL/POODLE: History repeats itself
Yurii Bilyk
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platforms
Berescu Ionut
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5
志璿 楊
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in Cryptography
Basudev Saha
 
Password Security
Password SecurityPassword Security
Password Security
Alex Hyer
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 

Recommended

The Cryptography has YOU
The Cryptography has YOUThe Cryptography has YOU
The Cryptography has YOU
Yurii Bilyk
 
SSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfSSL/POODLE: History repeats itself
SSL/POODLE: History repeats itself
Yurii Bilyk
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platforms
Berescu Ionut
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5
志璿 楊
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in Cryptography
Basudev Saha
 
Password Security
Password SecurityPassword Security
Password Security
Alex Hyer
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
MD5
MD5MD5
MD5
rokham khawaja
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
Pawandeep Kaur
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-up
Stripe
 
6.hash mac
6.hash mac6.hash mac
6.hash mac
Virendrakumar Dhotre
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3
Binary Studio
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5Algorithm
Mirza Tarannum
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash Functions
Abdul Manaf Vellakodath
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for Pentester
Amish Patadiya
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : Algorithm
Sahil Kureel
 
Password Security
Password SecurityPassword Security
Password Security
CSCJournals
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
Yusuf Uzun
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
Enrico Zimuel
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
Anthony Ferrara
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
Enrico Zimuel
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITY
SupanShah2
 
Hash Function
Hash FunctionHash Function
Hash Function
Siddharth Srivastava
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
Mazin Alwaaly
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
Khulna University, Khulna, Bangladesh
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow Tables
Panggi Libersa
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
Anthony Ferrara
 

More Related Content

What's hot

MD5
MD5MD5
MD5
rokham khawaja
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
Pawandeep Kaur
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-up
Stripe
 
6.hash mac
6.hash mac6.hash mac
6.hash mac
Virendrakumar Dhotre
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3
Binary Studio
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5Algorithm
Mirza Tarannum
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash Functions
Abdul Manaf Vellakodath
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for Pentester
Amish Patadiya
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : Algorithm
Sahil Kureel
 
Password Security
Password SecurityPassword Security
Password Security
CSCJournals
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
Yusuf Uzun
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
Enrico Zimuel
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
Anthony Ferrara
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
Enrico Zimuel
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITY
SupanShah2
 
Hash Function
Hash FunctionHash Function
Hash Function
Siddharth Srivastava
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
Mazin Alwaaly
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
Khulna University, Khulna, Bangladesh
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow Tables
Panggi Libersa
 

What's hot (20)

MD5
MD5MD5
MD5
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-up
 
6.hash mac
6.hash mac6.hash mac
6.hash mac
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5Algorithm
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash Functions
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for Pentester
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : Algorithm
 
Password Security
Password SecurityPassword Security
Password Security
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
 
Hash function
Hash functionHash function
Hash function
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITY
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow Tables
 

Similar to How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
Anthony Ferrara
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)security
Enrico Zimuel
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
Anthony Ferrara
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rds
Will Alexander
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
SelectedPresentations
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
SelectedPresentations
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
nerdybeardo
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011
Kieon
 
Passwords, Passwords and more Passwords
Passwords, Passwords and more PasswordsPasswords, Passwords and more Passwords
Passwords, Passwords and more Passwords
clcewing
 
The Hacker's Guide to JWT Security
The Hacker's Guide to JWT SecurityThe Hacker's Guide to JWT Security
The Hacker's Guide to JWT Security
Patrycja Wegrzynowicz
 
What Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentWhat Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On Accident
Ben Finke
 
Password Policies
Password PoliciesPassword Policies
Password Policies
allengalvan
 
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesLightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
MongoDB
 
Sharding why,what,when, how
Sharding why,what,when, howSharding why,what,when, how
Sharding why,what,when, how
David Murphy
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
IRJET Journal
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
Iftach Ian Amit
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done right
tladesignz
 
Hash cat
Hash catHash cat
Hash cat
Sreekanth Narendran
 
Developer &lt; eat love code >
Developer &lt; eat love code >Developer &lt; eat love code >
Developer &lt; eat love code >
Rizky Ariestiyansyah
 

Similar to How-to crack 43kk passwords while drinking your juice/smoozie in the Hood (20)

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)security
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rds
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011
 
Passwords, Passwords and more Passwords
Passwords, Passwords and more PasswordsPasswords, Passwords and more Passwords
Passwords, Passwords and more Passwords
 
The Hacker's Guide to JWT Security
The Hacker's Guide to JWT SecurityThe Hacker's Guide to JWT Security
The Hacker's Guide to JWT Security
 
What Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentWhat Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On Accident
 
Password Policies
Password PoliciesPassword Policies
Password Policies
 
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesLightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
 
Sharding why,what,when, how
Sharding why,what,when, howSharding why,what,when, how
Sharding why,what,when, how
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done right
 
Hash cat
Hash catHash cat
Hash cat
 
Developer &lt; eat love code >
Developer &lt; eat love code >Developer &lt; eat love code >
Developer &lt; eat love code >
 

Recently uploaded

Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
Data Hops
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 

Recently uploaded (20)

Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 

How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

  • 1. Yurii Bilyk | 2016 How-to crack 43kk passwords while drinking your in the Hood
  • 2. WHO AM I 26 vs 27.5 vs 29
  • 3. TEAM  WE are Security Group  WE are ALL Engineers (Almost;)  WE are OWASP Lviv Chapter  WE are Legio… oops blog: http://owasp-lviv.blogspot.com skype: y.bilyk
  • 4. o But WHY??!! o Our CRACKING RIG o Different obvious methods o Not so obvious methods o Some interesting statistics Agenda
  • 5. Tell Me WHY!? what’s wrong with you?
  • 6. The Reason Just for FUN Good example of Open Source Intelligence You can really test your skills in password cracking
  • 7. Some Info LinkedIn DB contains 250 758 057 e-mails Only 61 829 208 contains unique hashes File size of all unique hashes is 2.5 GB
  • 9. P - Podgotovka LinkedIn DB contains unsalted SHA-1 hashes GPU should be best option for such type of hashes Best tool for this case is HashCat
  • 10.
  • 11. GTX 1080 SHA-1 Benchmark 8xGPU SHA-1 crack speed: 68 771.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 3 hours 4 minutes 54 seconds to brute ALL combinations
  • 13.
  • 14. Amazon K80 SHA-1 Benchmark 36xGPU SHA-1 crack speed: 75 200.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 45 minutes 59 seconds to brute ALL combinations
  • 15. So You’ve said Amazon? (14.4+14.4+7.2)x25 = 900 $$$
  • 16.
  • 18. RainBow Seek SHA-1 Benchmark SHA-1 crack speed: 3 880 000.0 MH/s for 1 hash 784 000.0 MH/s for 10 hashes 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 28 minutes <-> 2 hours 22 minutes to brute ALL combinations
  • 19.
  • 20. Return to Reality Intel Core i5-3570 @ 3.4Ghz SHA-1 crack speed: ~120.0 MH/s NVIDIA 750GT (Mobile): SHA-1 crack speed: ~120.0 MH/s
  • 21. 1xi5-3570 SHA-1 Benchmark SHA-1 crack speed: 120.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 years 281 days 10 hours 30 minutes 48 seconds to brute ALL combinations
  • 23. Where to Start? We used dictionary attack as the first attempt You need good dictionary. We started with rockyou.txt You need memory for your hashes. It could be problem for GPU
  • 24. So First Try Cracked around 20% of all hashes (with rockyou.txt dictionary) It took around 5 mins  And now you have to think what to do next 
  • 25. We need moar dictionaries! RockYou contains 14 344 391 words We tried different dictionaries. The biggest was 1 212 356 398 words and 15 GB in size All this gives us approx 35% of all hashes
  • 26. Let’s brute it! We selected up to 6 char passwords with full set of characters It took around 2 hours All this gives us approx 45% of all hashes
  • 27. Magic of STATISTICS new is well-forgotten old
  • 28. What we can do get moar? HashCat has rules of transformation It mutates original word Quality of your dictionary is essential. Size doesn’t rly matters Using rules is more time consuming than just dictionary attack
  • 29. What rules are effective? We used best64, InsidePro- PasswordsPro and d3ad0ne rules It was very effective in terms of number of hashes All this gives us approx 60% of all hashes
  • 30. Time to go smarter way We have 36 millions of cracked passwords We can analyze cracked password to determine patters This patterns can produce more efficient bruteforce masks
  • 32. PACK Tool Features Can analyze list of password and generate bruteforce mask You can specify password length, time, complexity constrains Gives you some idea what type of passwords are popular
  • 33. Is PACK effective? It can crack similar passwords according that you already have You can flexibly choose best masks regarding constrains All this gives us approx 65% of all hashes
  • 34. Other types of attacks PRINCE attack, somehow similar to the using PACK tool + mutation Combination of TWO and more dictionaries Hybrid attack, that uses dictionaries + rules + bruteforce masks
  • 37. Length of password (Korelogic)
  • 39. Most Popular Passwords (Korelogic)