So, What’s in a Password?
Rob Gillen
@argodev

This work is licensed under a Creative Commons Attribution 3.0 License.
Don’t Be Stupid
The following presentation describes real
attacks on real systems. Please note that
most of the attacks described would be
considered ILLEGAL if attempted on
machines that you do not have explicit
permission to test and attack. I assume no
responsibility for any actions you perform
based on the content of this presentation
or subsequent conversations.
Please remember this basic guideline: With
knowledge comes responsibility.
Disclaimer
The content of this presentation
represents my personal views and
thoughts at the present time. This
content is not endorsed by, or
representative in any way of my
employer nor is it intended to be a
view into my work or a reflection on
the type of work that I or my group
performs. It is simply a hobby and
personal interest and should be
considered as such.
Password Attacks
A Year in Review
Pixel Federation
In December 2013, a breach of the web-based game community based in Slovakia exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text.

http://haveibeenpwned.com/
Vodafone
In November 2013, Vodafone in Iceland
suffered an attack attributed to the
Turkish hacker collective "Maxn3y". The
data was consequently publicly exposed
and included user names, email
addresses, social security numbers, SMS
message, server logs and passwords from
a variety of different internal
sources.

http://haveibeenpwned.com/
Adobe
The big one. In October 2013, 153
million accounts were breached with
each containing an internal ID,
username, email, encrypted password and
a password hint in plain text. The
password cryptography was poorly done
and many were quickly resolved back to
plain text. The unencrypted hints also
disclosed much about the passwords
adding further to the risk that
hundreds of millions of Adobe customers
already faced.
http://haveibeenpwned.com/
Twitter
February 2013 - This week, we detected
unusual access patterns that led to us
identifying unauthorized access attempts
to Twitter user data. We discovered one
live attack and were able to shut it down
in process moments later. However, our
investigation has thus far indicated that
the attackers may have had access to
limited user information – usernames,
email addresses, session tokens and
encrypted/salted versions of passwords –
for approximately 250,000 users.

https://blog.twitter.com/2013/keeping-our-users-secure
More… (site – date – records exposed)
• cvideo.co.il – 10/15/2013 – 3,339
  http://hackread.com/iranian-hackers-hack-israeli-job-site/
• penangmarathon.gov.my – 10/8/2013 – 1,387
  http://www.cyberwarnews.info/2013/10/07/45000-penang-marathonparticipants-personal-details-leaked/
• tomsawyer.com – 10/6/2013 – 57,462
  http://www.cyberwarnews.info/2013/10/07/software-company-tomsawyer-hacked-61000-vendors-accounts-leaked/
• ahashare.com – 10/3/2013 – 169,874
  http://www.cyberwarnews.info/2013/10/04/ahashare-com-hackedcomplete-database-with-190-000-user-credentials-leaked/
• Unknown Israeli website – 7/30/2013 – 26,064
  http://hackread.com/opizzah-opisrael-phr0zenmyst-claims-to-leaklogin-details-of-33895-israelis/
• UK emails – 7/17/2013 – 8,002
  http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html
Source: https://shouldichangemypassword.com/all-sources.php
More… (site – date – records exposed)
• UK emails (part 2) – 7/17/2013 – 7,514
  http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html
• http://www.pakistanintelligence.com – 5/27/2013 – 75,942
  http://www.ehackingnews.com/2013/05/pakistan-intelligence-jobboard-website.html
• McDonalds Taiwan – 3/27/2013 – 185,620
  http://www.cyberwarnews.info/2013/03/28/official-mcdonaldsaustria-taiwan-korea-hacked-over-200k-credentials-leaked/
• karjera.ktu.lt – 3/14/2013 – 14,133
  http://www.cyberwarnews.info/2013/03/14/14000-student-credentialsleaked-from-ktu-career-center-lithuania/
• avadas.de – 3/9/2013 – 3,344
  http://hackread.com/avast-germany-website-hacked-defaced-20000user-accounts-leaked-by-maxney/
• angloplatinum.co.za – 3/5/2013 – 7,967
  http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_
Source: https://shouldichangemypassword.com/all-sources.php
More… (site – date – records exposed)
• angloplatinum.com – 3/5/2013 – 723
  http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_
• Walla.co.il – 2/19/2013 – 531,526
  http://www.haaretz.com/news/national/anonymous-activists-hackinto-600-000-israeli-email-accounts.premium-1.504093
• Bank Executives – 2/4/2013 – 4,596
  http://www.zdnet.com/anonymous-posts-over-4000-u-s-bank-executivecredentials-7000010740/
• bee-network.co.za – 1/29/2013 – 81
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
• omni-id.com – 1/29/2013 – 1,151
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
• moolmans.com – 1/29/2013 – 117
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
Source: https://shouldichangemypassword.com/all-sources.php
More… (site – date – records exposed)
• servicedesk.ufs.ac.za – 1/29/2013 – 3,952
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
• servicedesk.ufs.ac.za (part 2) – 1/29/2013 – 355
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
• westcol.co.za – 1/29/2013 – 99
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
• digital.postnet.co.za – 1/29/2013 – 45,245
  http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
• French Chamber of Commerce – 1/29/2013 – 515
  http://news.softpedia.com/news/French-Chamber-of-Commerceand-Industry-Portal-Hacked-by-Tunisian-Cyber-Army324716.shtml
Source: https://shouldichangemypassword.com/all-sources.php
Types of Attacks
• Algorithm Weaknesses
• Implementation Weaknesses
• Dictionary Attacks
• Brute-Force Attacks
• Mask Attacks
Algorithmic Weaknesses
• Attack classes: collision, second pre-image, pre-image
• Confirmed (published attacks, per the Wikipedia summary the talk cites): GOST, HAVAL, MD2, MD4, MD5, PANAMA, RadioGatun, RIPEMD, RIPEMD-160, SHA-0, SHA-1, Tiger(2) – 192/160/128, WHIRLPOOL
• Theoretical: SHA-256/224, SHA-512/384
• Caveat for password storage: nearly all of these results are collision attacks. Collisions matter for signatures and certificates but do not help recover a password from its hash (SHA-1 itself was still only theoretically broken when this deck was written; a practical collision was published in 2017). What makes MD4/MD5/SHA-1 weak for passwords is that they are unsalted and fast, billions of guesses per second on a GPU, not that collisions exist.
http://en.wikipedia.org/wiki/Cryptographic_hash_function
Account Hashes
• Windows (NT) hash: EAD0CC57DDAAE50D876B7DD6386FA9C7
  MD4 of the UTF-16LE password, 32 hex digits, no salt and no iteration count. Every account with the same password has the same hash, and one MD4 computation tests a guess against every account in the dump.
• Linux (sha512crypt) hash:
  $6$OeKR9qBnzym.Q.VO$hM3uL03hmR4ZqAME/8Ol.xWGYAmVdpi3S4hWGLeugaKNj/HLzQPTz7FhjATYO/KXCNHZ8P7zJDi2HHb1K.xfE.
  Modular crypt format: $6$ selects SHA-512 crypt, OeKR9qBnzym.Q.VO is the per-user salt, and the glibc default of 5,000 rounds applies because there is no rounds= field. Each guess has to be recomputed per user, 5,000 SHA-512 calls at a time.
File Encryption
• MS Office
• PDFs
• Zip/7z/rar
• TrueCrypt
http://www.truecrypt.org/docs/volume-format-specification
How do they work?
• Known file-format / implementation weakness
• Header data indicates the encryption: type, key length, etc.
• Often a small portion of the header can be decrypted to validate a key, so a guess is checked without touching the bulk data
• How is it that changing encryption keys is fast? Your password only derives the key that encrypts the "real" data key. A password change re-wraps that key and leaves the encrypted body untouched. The same design means an attacker needs only the header, and the per-guess cost is whatever key-derivation work the format does.
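A toy container header that has the structure just described: a password-derived key-encryption key wraps a random data key, and a small verifier lets the tool (and a cracker) test a password without touching the body. This is an added example, not the talk's code and not TrueCrypt's format; it uses only the standard library, and the HMAC-based stream cipher is a stand-in for the real block-cipher modes (AES-XTS and friends) a volume would use. Field names and the verifier label are my own choices.

```python
"""Header/key-wrap structure of an encrypted container, with the offline attack that targets it."""
import hashlib
import hmac
import os
import struct


def kdf(password: str, salt: bytes, iterations: int) -> bytes:
    # PBKDF2-HMAC-SHA256; the iteration count is the only thing that makes a guess slow
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def stream_xor(key: bytes, data: bytes) -> bytes:
    # Toy CTR-style stream cipher: keystream block i = HMAC-SHA256(key, i). Demo only.
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, struct.pack("<Q", i // 32), "sha256").digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], ks))
    return bytes(out)


def wrap_key(kek: bytes, data_key: bytes) -> dict:
    """The password-dependent header fields: the wrapped data key and a 16-byte verifier."""
    return {
        "wrapped_key": stream_xor(kek, data_key),
        "verifier": hmac.new(kek, b"header-verifier", "sha256").digest()[:16],
    }


def create_volume(password: str, plaintext: bytes, iterations: int = 100_000):
    salt, data_key = os.urandom(16), os.urandom(32)
    kek = kdf(password, salt, iterations)
    header = {"salt": salt, "iterations": iterations, **wrap_key(kek, data_key)}
    return header, stream_xor(data_key, plaintext)            # body is keyed by data_key, not the password


def unlock(header: dict, password: str):
    """Return the data key, or None. Cost: one KDF run plus one HMAC, whatever the volume size."""
    kek = kdf(password, header["salt"], header["iterations"])
    expected = hmac.new(kek, b"header-verifier", "sha256").digest()[:16]
    if not hmac.compare_digest(expected, header["verifier"]):
        return None
    return stream_xor(kek, header["wrapped_key"])


def decrypt(header: dict, body: bytes, password: str):
    key = unlock(header, password)
    return None if key is None else stream_xor(key, body)


def change_password(header: dict, old: str, new: str) -> dict:
    """Re-wrap the same data key under a new KEK; the body is never rewritten."""
    data_key = unlock(header, old)
    if data_key is None:
        raise ValueError("wrong password")
    salt = os.urandom(16)
    kek = kdf(new, salt, header["iterations"])
    return {"salt": salt, "iterations": header["iterations"], **wrap_key(kek, data_key)}


def crack_header(header: dict, candidates):
    """Offline attack: only the header is needed, and each guess costs exactly one KDF run."""
    for pw in candidates:
        if unlock(header, pw) is not None:
            return pw
    return None


if __name__ == "__main__":
    secret = b"volume contents: " + b"x" * 1000               # constructed stand-in for a large volume
    header, body = create_volume("correct horse", secret, iterations=50_000)
    header2 = change_password(header, "correct horse", "battery staple")
    assert decrypt(header2, body, "battery staple") == secret # same body, new header
    print(crack_header(header2, ["monkey", "letmein", "battery staple"]))
```

Two things to take from it: the password change never reads the body, which is why it is fast, and the cracker never reads the body either, which is why a stolen header is enough and why the KDF iteration count is the whole defence once the password is guessable.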
Is it really cracking?
Password Guessing
char string1[maxPassLength + 1];
char alphanum[63] =                 /* 62 symbols plus the terminating NUL */
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789";
for len = 1 → maxPassLength
    for each position 0..len-1, for each char in alphanum…   /* every string over the alphabet: 62^len candidates per length */
Slightly Better…
int min = 8;
int max = 12;
char valid[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789";
Known rules (the target's own password policy) prune the loop:
• first & last must be a letter
• no consecutive-ordered chars/nums (e.g. "ab", "12")
• no repeated chars/nums (e.g. "aa", "11")
Every rule the policy enforces is a rule the attacker never has to guess, so the keyspace shrinks for both sides.
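The keyspace arithmetic behind the two loops above, as an added example that is not from the talk. The three rules are under-specified on the slide, so this code interprets them as: first and last character must be a letter; no adjacent ascending pair such as "ab" or "12"; no adjacent repeat such as "aa" or "11" (all three are assumptions). Besides the filtered brute-force loop it includes a dynamic-programming count, which is what you actually need to size a run at length 8 to 12 over 62 symbols, where enumeration is out of the question.

```python
"""Naive keyspace versus the keyspace left after a password policy is applied as a filter."""
import itertools
import string

ALPHANUM = string.ascii_uppercase + string.ascii_lowercase + string.digits   # 62 symbols


def keyspace(alphabet_size: int, min_len: int, max_len: int) -> int:
    """Candidates the naive loop must try: sum of |alphabet|^n over the length range."""
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))


def _adjacent_ok(x: str, y: str) -> bool:
    # forbid repeats ('aa', '11') and ascending neighbours ('ab', 'xy', '12'); assumption: ascending only
    return x != y and ord(y) != ord(x) + 1


def obeys_rules(candidate: str) -> bool:
    if not (candidate[0].isalpha() and candidate[-1].isalpha()):
        return False
    return all(_adjacent_ok(x, y) for x, y in zip(candidate, candidate[1:]))


def rule_candidates(alphabet: str, length: int):
    """The 'slightly better' loop: brute force with the policy applied as a filter."""
    for tup in itertools.product(alphabet, repeat=length):
        s = "".join(tup)
        if obeys_rules(s):
            yield s


def count_rule_space(alphabet: str, length: int) -> int:
    """Exact count of rule-abiding strings without enumerating them: dynamic programming
    over the last character, so it is instant even for length 12 over 62 symbols."""
    ends = {ch: (1 if ch.isalpha() else 0) for ch in alphabet}      # length-1 prefixes, first char a letter
    for _ in range(length - 1):
        ends = {y: sum(n for x, n in ends.items() if _adjacent_ok(x, y)) for y in alphabet}
    return sum(n for ch, n in ends.items() if ch.isalpha())          # last char a letter


def shrink_report(alphabet: str, length: int):
    """(raw keyspace, rule-abiding keyspace, reduction factor) for one length."""
    raw = len(alphabet) ** length
    allowed = count_rule_space(alphabet, length)
    return raw, allowed, raw / allowed


if __name__ == "__main__":
    print("naive keyspace, lengths 8-12, 62 symbols:", keyspace(62, 8, 12))
    for n in (8, 12):
        raw, allowed, factor = shrink_report(ALPHANUM, n)
        print(f"len {n}: {raw:,} raw -> {allowed:,} allowed ({factor:.2f}x fewer guesses)")
    # sanity check: the DP and the filtered loop agree on a size we can still enumerate
    assert count_rule_space(ALPHANUM, 3) == sum(1 for _ in rule_candidates(ALPHANUM, 3))
```

The reduction factor is modest for these particular rules, but the DP is the reusable part: swap in whatever the target's policy is (required classes, forbidden sequences) and you get the real size of the space a mask attack has to cover.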
DEMO: Cracking a Windows Hash with oclHashcat
Image courtesy of xkcd.com (http://imgs.xkcd.com/comics/password_strength.png)
(more) Intelligent Password Guessing
• What do people usually use?
• What can we do to reduce the set of possibilities?
• Cull terms / domain knowledge from relevant data (dating sites, religious sites, others)
• Best: already-used, real-world passwords
Determine your goals
• Cracking a single, specific password?
• Cracking a large % of an "acquired set"?
• Mark Burnett, author of Perfect Passwords: a list of 6,000,000, culled down to the 10,000 most frequently used
  • Top 10,000 passwords are used by 98.8% of all users
  • 2,342,603 unique passwords remaining (99.6% of the distinct values), in use by only 0.18% of users
  https://xato.net/passwords/more-top-worst-passwords/
• Lots of lists… https://www.grc.com/haystack.htm
PACK
• Password Analysis and Cracking Toolkit
• Peter Kacherginsky, PasswordsCon, 7/30–7/31/2013
• Intelligent cycle of cracking, analysis, rule generation
http://thesprawl.org/projects/pack/
Statistical Analysis
• Password length analysis
• Character-set analysis
• Word-mangling analysis
Example: length distribution chart (from the PACK slides)
https://thesprawl.org/media/research/passwords13-smarter-password-cracking-with-pack.pdf
DEMO: Statistics on Real PWs
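A minimal version of the length, character-set and mask statistics the demo runs over a cracked list, written for this page as an added example; it is not PACK's statsgen code. The sample list is constructed. Charset labels follow PACK's naming (loweralpha, mixedalphanum, ...) and masks use hashcat's `?l ?u ?d ?s` notation so the output can go straight into a mask attack.

```python
"""statsgen-style analysis of a cracked password list."""
from collections import Counter

SAMPLE = [  # constructed; stands in for a cracked dump
    "password", "123456", "monkey", "Password1", "letmein", "qwerty123",
    "Summer2013!", "iloveyou", "Monkey1", "abc123", "welcome", "Trustno1",
]


def charset_class(pw: str) -> str:
    """PACK-style class: loweralpha, upperalpha, numeric, mixedalpha, loweralphanum, ...,
    with 'special' appended when punctuation or whitespace is present."""
    lower = any(c.islower() for c in pw)
    upper = any(c.isupper() for c in pw)
    num = any(c.isdigit() for c in pw)
    special = any(not c.isalnum() for c in pw)
    name = "mixedalpha" if (lower and upper) else "loweralpha" if lower else "upperalpha" if upper else ""
    if num:
        name += "num" if name else "numeric"
    if special:
        name += "special"
    return name


def mask(pw: str) -> str:
    """hashcat mask: ?l lower, ?u upper, ?d digit, ?s everything else."""
    return "".join("?l" if c.islower() else "?u" if c.isupper() else "?d" if c.isdigit() else "?s" for c in pw)


def mask_keyspace(m: str) -> int:
    """Candidates a mask expands to, i.e. what running it will cost (?s is hashcat's 33 specials)."""
    size = {"?l": 26, "?u": 26, "?d": 10, "?s": 33}
    total = 1
    for i in range(0, len(m), 2):
        total *= size[m[i:i + 2]]
    return total


def analyze(passwords) -> dict:
    return {
        "count": len(passwords),
        "lengths": Counter(len(p) for p in passwords),
        "charsets": Counter(charset_class(p) for p in passwords),
        "masks": Counter(mask(p) for p in passwords),
    }


def top_masks(passwords, target_fraction: float):
    """Most frequent masks, taken in order until they cover target_fraction of the list;
    these are the masks worth running first, and their keyspace is the price of doing so."""
    chosen, covered = [], 0
    for m, cnt in Counter(mask(p) for p in passwords).most_common():
        chosen.append(m)
        covered += cnt
        if covered / len(passwords) >= target_fraction:
            break
    return chosen, covered / len(passwords)


if __name__ == "__main__":
    stats = analyze(SAMPLE)
    print("lengths :", sorted(stats["lengths"].items()))
    print("charsets:", stats["charsets"].most_common())
    chosen, cov = top_masks(SAMPLE, 0.5)
    for m in chosen:
        print(f"{m:<24} keyspace={mask_keyspace(m):,}")
    print(f"{len(chosen)} masks cover {cov:.0%} of the list")
```

On a real dump the interesting number is the last one: how few masks cover most of the list, and how cheap those masks are compared with the naive 62^n loop.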
Advanced Analytics
• Levenshtein edit distance
http://en.wikipedia.org/wiki/Levenshtein_distance
Levenshtein Edit Distance
• Minimum number of single-character insertions, deletions or substitutions required to change one string into another
• Measure the distance between dictionary words and the cracked list to optimize the word-mangling rules
• e.g. XX% of cracked passwords are within an edit distance of <=2 of a base word
• Only generate rules that match the edits actually observed, instead of every mangling imaginable
http://www.let.rug.nl/~kleiweg/lev/
http://www.kurzhals.info/static/samples/levenshtein_distance/
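The edit-distance measurement described above, plus the step it feeds: turning an observed (base word, cracked password) pair into a hashcat rule. This is an added example for this page, not PACK's rulegen. Both word lists are constructed, and `simple_rule` deliberately handles only the common case of capitalisation plus appended or prepended characters, returning None for anything it does not model.

```python
"""Edit distance between cracked passwords and base words, and the rules that explain the gap."""


def levenshtein(a: str, b: str) -> int:
    """Minimum insertions, deletions and substitutions to turn a into b (two-row DP)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute (free if equal)
        prev = cur
    return prev[-1]


def nearest_word(password: str, dictionary):
    """Closest base word and its distance: how far a rule has to move the word to
    reproduce the cracked password. Case-sensitive, because a case change is itself a rule."""
    best = min(dictionary, key=lambda w: levenshtein(password, w))
    return best, levenshtein(password, best)


def coverage_by_distance(cracked, dictionary, max_distance: int = 2) -> dict:
    """Fraction of cracked passwords within d edits of some dictionary word, d = 0..max_distance.
    This is the 'XX% within <=2' figure that decides how deep the rule set needs to go."""
    dists = [nearest_word(p, dictionary)[1] for p in cracked]
    return {d: sum(1 for x in dists if x <= d) / len(cracked) for d in range(max_distance + 1)}


def simple_rule(password: str, base: str):
    """hashcat rule for 'base word, maybe capitalised/uppercased, with chars appended or prepended'.
    'c' capitalise, 'u' uppercase, '$x' append x, '^x' prepend x, ':' no-op. None if more complex."""
    idx = password.lower().find(base.lower())
    if idx < 0:
        return None
    prefix, core, suffix = password[:idx], password[idx:idx + len(base)], password[idx + len(base):]
    rules = []
    if core != base:
        if core == base.capitalize():
            rules.append("c")
        elif core == base.upper():
            rules.append("u")
        else:
            return None                                  # mixed-case variant we do not model
    rules += ["^" + ch for ch in reversed(prefix)]      # each ^ prepends one char, so reverse to keep order
    rules += ["$" + ch for ch in suffix]
    return " ".join(rules) if rules else ":"


DICT = ["password", "monkey", "letmein", "dragon", "summer", "welcome"]                              # constructed
CRACKED = ["password", "Password1", "monkey123", "letmein!", "Summer2013", "welcome", "xq7#Lp9z"]   # constructed

if __name__ == "__main__":
    for pw in CRACKED:
        base, dist = nearest_word(pw, DICT)
        print(f"{pw:<12} base={base:<9} distance={dist}  rule={simple_rule(pw, base)}")
    print(coverage_by_distance(CRACKED, DICT))
```

The rules it emits (for example `c $1` for Password1 from password) are exactly the lines a hashcat `-r` file holds, so the coverage table tells you which rules are worth writing and which edits are rare enough to skip.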
What if I don’t have your Password?
• Pass the Hash: on Windows the NT hash is itself the credential for NTLM authentication, so an attacker who reads it from memory or from the SAM/NTDS database can authenticate as you without ever cracking it.
• Demo
• But we use Smart Cards!? Requiring smart-card logon does not remove the account’s NT hash: the domain controller still keeps one (a random value set when the requirement is enabled) so NTLM keeps working, and that hash can be passed like any other. Newer domain functional levels (Windows Server 2016 onward) can be configured to roll these hashes periodically, but only if that option is turned on.
Avoidance Techniques
• Don’t use "monkey" (or anything else in the top-10,000 lists)
• Don’t reuse "monkey": one breach then unlocks every other site
• If you must use monkey, require something else as well (a second factor)
• Salt is good: a random per-user salt defeats precomputed tables and forces the attacker to run every guess once per account instead of once per dump
• Your own salt is better: a secret server-side value (a pepper) kept outside the database means a dumped table alone is not enough to start guessing
• Utilize memory-hard algorithms (scrypt, at the time of this talk) so GPUs and ASICs lose their advantage
• Utilize multiple iterations (a lot): a PBKDF2/bcrypt-style work factor makes each guess cost as much as you can afford at login time
• Your username is half of the equation, and it is usually public, so the password is the only secret you have
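Password storage the way the slide recommends, with the attacker’s cost accounting beside it. This is an added example for this page, not the author’s code; it uses only the standard library. The reading of "your own salt" as a server-side pepper is my interpretation, the user records are constructed, and PBKDF2 stands in for the memory-hard KDF (scrypt/Argon2) you would prefer in practice because it ships with Python.

```python
"""Per-user salt + server-side pepper + slow KDF, versus the unsalted fast hash seen in the breaches."""
import hashlib
import hmac
import os

PEPPER = b"server-side-secret-not-in-the-db"   # constructed; in practice loaded from a vault/HSM, never stored with the rows
ITERATIONS = 310_000


def hash_password(password: str, *, salt=None, iterations: int = ITERATIONS) -> dict:
    salt = salt or os.urandom(16)
    keyed = hmac.new(PEPPER, password.encode(), "sha256").digest()   # pepper applied before the KDF
    digest = hashlib.pbkdf2_hmac("sha256", keyed, salt, iterations, dklen=32)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_password(record: dict, password: str) -> bool:
    cand = hash_password(password, salt=record["salt"], iterations=record["iterations"])
    return hmac.compare_digest(cand["digest"], record["digest"])


def store_unsalted(users: dict) -> dict:
    """The Pixel Federation pattern: one fast, unsalted digest per user."""
    return {u: hashlib.md5(p.encode()).hexdigest() for u, p in users.items()}


def attack_unsalted(table: dict, candidates):
    """One digest per candidate serves every user at once. Returns (cracked, hash_calls)."""
    lookup, calls = {}, 0
    for word in candidates:
        lookup[hashlib.md5(word.encode()).hexdigest()] = word
        calls += 1
    cracked = {u: lookup[h] for u, h in table.items() if h in lookup}
    return cracked, calls


def attack_salted(records: dict, candidates, pepper_known: bool):
    """Per-user salt forces one KDF run per (user, candidate) pair, and without the
    pepper the attacker cannot even start. Returns (cracked, kdf_calls)."""
    if not pepper_known:
        return {}, 0
    cracked, calls = {}, 0
    for user, rec in records.items():
        for word in candidates:
            calls += 1
            if verify_password(rec, word):
                cracked[user] = word
                break
    return cracked, calls


if __name__ == "__main__":
    users = {"alice": "monkey", "bob": "monkey", "carol": "Tr0ub4dor&3"}   # constructed
    guesses = ["password", "monkey", "letmein"]
    print("unsalted:", attack_unsalted(store_unsalted(users), guesses))
    records = {u: hash_password(p) for u, p in users.items()}
    print("same password, different digests:", records["alice"]["digest"] != records["bob"]["digest"])
    print("salted+peppered, pepper leaked:", attack_salted(records, guesses, pepper_known=True))
    print("salted+peppered, pepper safe:  ", attack_salted(records, guesses, pepper_known=False))
```

The call counts are the point: three MD5 computations test three words against the whole unsalted table, while the salted store needs one full KDF run per user per word, and each of those runs costs 310,000 HMAC iterations instead of one.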
References
• http://haveibeenpwned.com/
• https://lastpass.com/adobe/
• https://lastpass.com/linkedin/
• https://lastpass.com/lastfm/
• https://shouldichangemypassword.com/all-sources.php
Questions/Contact
Rob Gillen
rob@gillenfamily.net
http://rob.gillenfamily.net
@argodev

Programming Foundation Models with DSPy - Meetup Slides
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 

So, What’s in a Password?

  • 1. So, What’s in a Password? Rob Gillen @argodev This work is licensed under a Creative Commons Attribution 3.0 License.
  • 2. Don’t Be Stupid The following presentation describes real attacks on real systems. Please note that most of the attacks described would be considered ILLEGAL if attempted on machines that you do not have explicit permission to test and attack. I assume no responsibility for any actions you perform based on the content of this presentation or subsequent conversations. Please remember this basic guideline: With knowledge comes responsibility.
  • 3. Disclaimer The content of this presentation represents my personal views and thoughts at the present time. This content is not endorsed by, or representative in any way of my employer nor is it intended to be a view into my work or a reflection on the type of work that I or my group performs. It is simply a hobby and personal interest and should be considered as such.
  • 5. Pixel Federation In December 2013, a breach of the web-based game community based in Slovakia exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text. http://haveibeenpwned.com/
  • 6. Vodafone In November 2013, Vodafone in Iceland suffered an attack attributed to the Turkish hacker collective "Maxn3y". The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS message, server logs and passwords from a variety of different internal sources. http://haveibeenpwned.com/
  • 7. Adobe The big one. In October 2013, 153 million accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced. http://haveibeenpwned.com/
  • 8. Twitter February 2013 - This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users. https://blog.twitter.com/2013/keeping-our-users-secure
  • 9. More…
      • cvideo.co.il – 10/15/2013 – 3,339
      • http://hackread.com/iranian-hackers-hack-israeli-job-site/
      • penangmarathon.gov.my – 10/8/2013 – 1,387
      • http://www.cyberwarnews.info/2013/10/07/45000-penang-marathonparticipants-personal-details-leaked/
      • tomsawyer.com – 10/6/2013 – 57,462
      • http://www.cyberwarnews.info/2013/10/07/software-company-tomsawyer-hacked-61000-vendors-accounts-leaked/
      • ahashare.com – 10/3/2013 – 169,874
      • http://www.cyberwarnews.info/2013/10/04/ahashare-com-hackedcomplete-database-with-190-000-user-credentials-leaked/
      • Unknown Israeli website – 7/30/2013 – 26,064
      • http://hackread.com/opizzah-opisrael-phr0zenmyst-claims-to-leaklogin-details-of-33895-israelis/
      • UK emails – 7/17/2013 – 8,002
      • http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html
      https://shouldichangemypassword.com/all-sources.php
  • 10. More…
      • UK emails (part 2) – 7/17/2013 – 7,514
      • http://www.techworm.in/2013/07/more-than-15000-emails-usernameand.html
      • http://www.pakistanintelligence.com – 5/27/2013 – 75,942
      • http://www.ehackingnews.com/2013/05/pakistan-intelligence-jobboard-website.html
      • McDonalds Taiwan – 3/27/2013 – 185,620
      • http://www.cyberwarnews.info/2013/03/28/official-mcdonaldsaustria-taiwan-korea-hacked-over-200k-credentials-leaked/
      • karjera.ktu.lt – 3/14/2013 – 14,133
      • http://www.cyberwarnews.info/2013/03/14/14000-student-credentialsleaked-from-ktu-career-center-lithuania/
      • avadas.de – 3/9/2013 – 3,344
      • http://hackread.com/avast-germany-website-hacked-defaced-20000user-accounts-leaked-by-maxney/
      • angloplatinum.co.za – 3/5/2013 – 7,967
      • http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Fee d%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_
      https://shouldichangemypassword.com/all-sources.php
  • 11. More…
      • angloplatinum.com – 3/5/2013 – 723
      • http://thehackernews.com/2013/03/worlds-largest-platinum-producerhacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Fee d%3A+TheHackersNews+(The+Hackers+News+-+Security+Blog)#_
      • Walla.co.il – 2/19/2013 – 531,526
      • http://www.haaretz.com/news/national/anonymous-activists-hackinto-600-000-israeli-email-accounts.premium-1.504093
      • Bank Executives – 2/4/2013 – 4,596
      • http://www.zdnet.com/anonymous-posts-over-4000-u-s-bank-executivecredentials-7000010740/
      • bee-network.co.za – 1/29/2013 – 81
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      • omni-id.com – 1/29/2013 – 1,151
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      • moolmans.com – 1/29/2013 – 117
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      https://shouldichangemypassword.com/all-sources.php
  • 12. More…
      • servicedesk.ufs.ac.za – 1/29/2013 – 3,952
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      • servicedesk.ufs.ac.za (part 2) – 1/29/2013 – 355
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      • westcol.co.za – 1/29/2013 – 99
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      • digital.postnet.co.za – 1/29/2013 – 45,245
      • http://www.ehackingnews.com/2013/01/projectsunrise-teamghostshell-leaked.html
      • French Chamber of Commerce – 1/29/2013 – 515
      • http://news.softpedia.com/news/French-Chamber-of-Commerceand-Industry-Portal-Hacked-by-Tunisian-Cyber-Army324716.shtml
      https://shouldichangemypassword.com/all-sources.php
  • 13. Types of Attacks
      • Algorithm Weaknesses
      • Implementation Weaknesses
      • Dictionary Attacks
      • Brute-Force Attacks
      • Mask Attacks
  • 14. Algorithmic Weaknesses
      • Collision, Second Pre-Image, Pre-Image
      • Confirmed:
          • GOST, HAVAL, MD2, MD4, MD5, PANAMA, RadioGatun, RIPEMD, RIPEMD-160, SHA-0, SHA-1, Tiger(2) – 192/160/128, WHIRLPOOL
      • Theoretical:
          • SHA-256/224
          • SHA-512/384
      http://en.wikipedia.org/wiki/Cryptographic_hash_function
  • 15. Account Hashes
      • Windows Hash
          • EAD0CC57DDAAE50D876B7DD6386FA9C7
      • Linux Hash
          • $6$OeKR9qBnzym.Q.VO$hM3uL03hmR4ZqAME/8Ol.xWGYAmVdpi3S4hWGLeugaKNj/HLzQPTz7FhjATYO/KXCNHZ8P7zJDi2HHb1K.xfE.
  • 16. File Encryption
      • MS Office
      • PDFs
      • Zip/7z/rar
      • TrueCrypt
  • 18. How do they work?
      • Known file-format/implementation weakness
      • Header data to indicate encryption
          • Type, keylength, etc.
      • Often some small portion to decrypt/validate
      • How is it that changing encryption keys is fast?
          • Your key encrypts “real” key
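The header layout slide 18 describes, as an added example that is not from the deck or from any of the tools it names: a random data-encrypting key (DEK) is wrapped by a key derived from the password, and a small check value lets the password be validated without touching the bulk data, which is exactly the piece a cracker attacks. The XOR wrap, the HMAC check value and the iteration count are assumed, illustrative choices, not the format of any real product.

```python
"""Added example: password -> KEK -> wrapped DEK, standard library only."""
import hashlib
import hmac
import os

ROUNDS = 100_000  # assumed iteration count; real tools record theirs in the header

def derive_keys(password, salt):
    """Password -> (KEK, MAC key) via PBKDF2-HMAC-SHA256 over the per-file salt."""
    material = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS, dklen=64)
    return material[:32], material[32:]

def make_header(password, dek):
    """The small header: salt, DEK wrapped under the KEK, and a check value."""
    salt = os.urandom(16)
    kek, mac_key = derive_keys(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(dek, kek))  # illustrative one-time XOR wrap
    check = hmac.new(mac_key, salt + wrapped, "sha256").digest()
    return {"salt": salt, "wrapped_dek": wrapped, "check": check}

def unwrap(password, header):
    """Return the DEK if the password is right, else None; only the header is read."""
    kek, mac_key = derive_keys(password, header["salt"])
    expected = hmac.new(mac_key, header["salt"] + header["wrapped_dek"], "sha256").digest()
    if not hmac.compare_digest(expected, header["check"]):
        return None  # this cheap check is why guessing runs against the header alone
    return bytes(a ^ b for a, b in zip(header["wrapped_dek"], kek))

def change_password(old_password, new_password, header):
    """Re-wrap the same DEK under a new password; the encrypted payload is untouched."""
    dek = unwrap(old_password, header)
    if dek is None:
        raise ValueError("old password rejected")
    return make_header(new_password, dek)

def demo():
    """Constructed run: old header works, wrong password fails, re-wrapped header works."""
    dek = os.urandom(32)
    header = make_header("old-passphrase-example", dek)
    new_header = change_password("old-passphrase-example", "new-passphrase-example", header)
    return (unwrap("old-passphrase-example", header) == dek,
            unwrap("new-passphrase-example", header) is None,
            unwrap("new-passphrase-example", new_header) == dek)
```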
  • 20. Password Guessing
      char string1[maxPassLength + 1];
      char alphanum[63] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                          "abcdefghijklmnopqrstuvwxyz"
                          "0123456789";
      for 0 → maxLength
          for each char in alphanum…
  • 21. Slightly Better…
      int min = 8;
      int max = 12;
      char[] valid = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                     "abcdefghijklmnopqrstuvwxyz"
                     "0123456789";
      # known rules
      # first & last must be char
      # no consecutive-ordered chars/nums
      # no repeated chars/nums
  • 22. DEMO: Cracking a Windows Hash With oclHashCat
  • 23. Image courtesy of xkcd.com (http://imgs.xkcd.com/comics/password_strength.png)
  • 24. (more) Intelligent Password Guessing
      • What do people usually use?
      • What can we do to reduce the set of possibilities?
          • Cull terms/domain knowledge from relevant data
          • Dating sites, religious sites, others
      Best: Already used/real-world passwords
  • 25. Determine your goals
      • Cracking a single, specific pwd?
      • Cracking a large % of an “acquired set”?
  • 26.
      • Mark Burnett, author of Perfect Passwords
      • List of 6,000,000, culled down to 10,000 most frequently used
      • Top 10,000 passwords are used by 98.8% of all users
      • 2,342,603 (that’s 99.6%) unique passwords remaining that are in use by only .18% of users!
      https://xato.net/passwords/more-top-worst-passwords/
  • 27. • Lots of lists…
  • 29. PACK
      • Password Analysis and Cracking Toolkit
      • Peter Kacherginsky, PasswordCon, 7/30-7/31
      • Intelligent cycle of cracking, analysis, rule generation
      http://thesprawl.org/projects/pack/
  • 30. Statistical Analysis
      • Password Length Analysis
      • Character Set Analysis
      • Word Mangling Analysis
  • 33. Advanced Analytics
      • Levenshtein Edit Distance
      http://en.wikipedia.org/wiki/Levenshtein_distance
  • 34. Levenshtein Edit Distance
      • Minimum number of changes required to change one string into another
      • Measure distance b/t actual words and cracked list to optimize the word mangling rules
          • i.e. XX% of words can be achieved with Levenshtein edit distance of <=2
      • Only gen rules that match
      http://www.let.rug.nl/~kleiweg/lev/
      http://www.kurzhals.info/static/samples/levenshtein_distance/
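The edit-distance measurement slide 34 describes, as an added example that is not from the deck or from PACK: a Levenshtein implementation plus the "what share of a list sits within <=2 edits of a base word" figure the slide alludes to. The base words and the cracked-list sample are constructed; the same measurement is what a password filter uses to reject near-dictionary choices.

```python
"""Added example: Levenshtein distance and the share-within-k measurement."""

def levenshtein(a, b):
    """Minimum insertions, deletions and substitutions turning a into b (Wagner-Fischer)."""
    prev = list(range(len(b) + 1))          # row for the empty prefix of a
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                  # delete ca
                           cur[j - 1] + 1,               # insert cb
                           prev[j - 1] + (ca != cb)))    # substitute (free if equal)
        prev = cur
    return prev[-1]

def nearest_base(password, base_words):
    """(base_word, distance) for the base word closest to the password, case-folded."""
    return min(((w, levenshtein(password.lower(), w)) for w in base_words),
               key=lambda pair: pair[1])

def share_within(passwords, base_words, max_dist):
    """Fraction of passwords reachable from some base word in <= max_dist edits,
    i.e. the slide's 'XX% of words' figure that tells you which mangling rules pay off."""
    hits = sum(1 for p in passwords if nearest_base(p, base_words)[1] <= max_dist)
    return hits / len(passwords)

# Constructed sample: a few base words and a small "cracked" list with typical mangling.
BASE_WORDS = ["monkey", "password", "dragon", "baseball"]
CRACKED = ["monkey1", "M0nkey", "passw0rd!", "Dragon2013", "baseball", "xq7#Lp9v"]
```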
  • 35. What if I don’t have your Password?
      • Pass the Hash
      • Demo
      • But We use Smart Cards!?
  • 36. Avoidance Techniques
      • Don’t use “monkey”
      • Don’t reuse “monkey”
      • If you must use monkey, require something else as well
      • Salt is good
      • Your own salt is better
      • Utilize memory-hard algorithms
      • Utilize multiple iterations (a lot)
      • Your username is half of the equation
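What the two stored hashes on slide 15 reveal, and why slide 36 says "salt is good" and "utilize multiple iterations", as an added example that is not from the deck: the parser reads the crypt-style `$6$` string's scheme, salt and work factor, flags a bare 32-hex digest as unsalted, and then counts how many distinct stored values a set of reused passwords produces under an unsalted MD5 scheme versus a salted, iterated one. The hash strings are the ones on slide 15; the user passwords and the PBKDF2 iteration count are constructed.

```python
"""Added example: what a stored hash format tells a defender, and why salt matters."""
import hashlib
import os
import re

WINDOWS_HASH = "EAD0CC57DDAAE50D876B7DD6386FA9C7"   # from slide 15
LINUX_HASH = ("$6$OeKR9qBnzym.Q.VO$hM3uL03hmR4ZqAME/8Ol.xWGYAmVdpi3S4hWGLeugaKNj/"
              "HLzQPTz7FhjATYO/KXCNHZ8P7zJDi2HHb1K.xfE.")   # from slide 15

# $<id>$[rounds=N$]<salt, up to 16 chars>$<digest>  (glibc crypt layout)
CRYPT_RE = re.compile(r"\$(\d)\$(?:rounds=(\d+)\$)?([./0-9A-Za-z]{1,16})\$([./0-9A-Za-z]+)")

def describe_hash(stored):
    """Report scheme, salt and work factor of a stored password hash."""
    m = CRYPT_RE.fullmatch(stored)
    if m:
        ident, rounds, salt, _digest = m.groups()
        scheme = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}.get(ident, "crypt$" + ident)
        # glibc uses 5000 rounds when no rounds= field is present
        return {"scheme": scheme, "salted": True, "salt": salt, "rounds": int(rounds or 5000)}
    if re.fullmatch(r"[0-9A-Fa-f]{32}", stored):
        # Bare 128-bit digest such as an NT hash: no salt and no iterations,
        # so one guess is checked against every account in the dump at once.
        return {"scheme": "unsalted 128-bit digest", "salted": False, "salt": "", "rounds": 1}
    return {"scheme": "unknown", "salted": None, "salt": "", "rounds": None}

def unsalted_md5(password, salt=b""):
    """The Pixel Federation style on slide 5: plain MD5, the salt argument is ignored."""
    return hashlib.md5(password.encode()).hexdigest()

def salted_pbkdf2(password, salt, rounds=100_000):
    """Per-user salt plus many iterations (slide 36); a memory-hard KDF goes further."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds).hex()

def distinct_hashes(passwords, hash_fn):
    """Number of different stored values a set of accounts produces.  Unsalted:
    every shared password collapses to one value, cracked once for all of them."""
    return len({hash_fn(p, os.urandom(16)) for p in passwords})

# Constructed: five accounts, three of which reuse the same weak password.
SAMPLE_PASSWORDS = ["monkey", "monkey", "monkey", "dragon", "letmein"]
```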
  • 37. References
      • http://haveibeenpwned.com/
      • https://lastpass.com/adobe/
      • https://lastpass.com/linkedin/
      • https://lastpass.com/lastfm/
      • https://shouldichangemypassword.com/all-sources.php