Cracking passwords
How to Defend against Password Cracking? Best practices to protect against password cracking include:
Enable information security audit to monitor and track password attacks Do not use the same password during password change Do not share passwords Do not use passwords that can be found in a dictionary Do not use cleartext protocols and protocols with weak encryption Set the password change policy to 30 days Avoid storing passwords in an unsecured location Do not use any system's default passwords Make passwords hard to guess by using 8 to 12 alphanumeric characters, using a combination of uppercase and lowercase letters, numbers, and symbols. Strong passwords are hard to guess. The more complex the password, the less it is subject to attacks. Ensure that applications neither store passwords to memory nor write them to disk in clear text. Passwords are always vulnerable to theft if they are stored in memory. Once the password becomes known, it is very easy for attackers to escalate their rights in the application. Use a random string (salt) as a password prefix or suffix before encrypting. It nullifies pre-computation and memorization. Because salt is usually different for each individual, it is impractical for attackers to construct tables with a single encrypted version of each candidate password. UNIX systems usually use a 12-bit set. Enable SYSKEY with a strong password to encrypt and protect the SAM database. Usually, the password information of user accounts is stored in the SAM database. It is very easy for password-cracking software to target the SAM database for accessing passwords. SYSKEY protects password information stored in the SAM data against password-cracking software through strong encryption techniques. It is more difficult to crack encrypted passwords than unencrypted ones. Never use personal information (e.g., birth date, or a spouse's, child's, or pet's name) to create passwords. Otherwise, it becomes quite easy for those close to you to crack those passwords. Monitor the server's logs for brute-force attacks on user accounts. Though brute-force attacks are difficult to stop, they are easily detectable by monitoring the web server log. For each unsuccessful login attempt, an HTTP 401 status code is recorded in the web server logs. Lock out an account that has been subjected to too many incorrect password guesses. This provides protection against brute-force and guessing attacks. Many password sniffers can be successful if LAN manager and NTLM authentication are used. Disable LAN manager and NTLM authentication protocols only after making sure that it does not affect the network. Perform a periodic audit of passwords in the organization. Check any suspicious application that stores passwords in memory or writes them to disk. Unpatched systems can reset passwords during buffer overflow or Denial of Service attacks. Make sure to update the system. Examine whether the account is in use, deleted or disabled. Disable the user account if multiple failed login attempts are detected. Enable account lockout with a certain number of attempts, counter time, and lockout duration. One of the most effective ways to manage passwords in organizations is to set an automated password reset. Make the system BIOS password-protected, particularly on devices that are susceptible to physical threats, such as servers and laptops.
Steps involved in LLMNR/NBT-NS poisoning:
1. User sends a request to connect to the data sharing system, \\DataServer which she mistakenly typed as \\DtaServr. 2. The \\DataServer responds to the user saying that it does not know the host named \\DtaServr. 3. The user then performs LLMNR/NBT-NS broadcast to find out if anyone in the network knows the host name\\DtaServr. 4. The attacker replies to the user saying that it is \\DataServer and accepts user NTLMv2 hash and responds to the user with an error.
Distributed Network Attack
A Distributed Network Attack (DNA) is a technique used for recovering password-protected files that utilizes the unused processing power of machines across the network to decrypt passwords. In this attack, an attacker installs a DNA manager in a central location where machines running DNA clients can access it over a network. The DNA manager coordinates the attack, assigning small portions of the key search to machines distributed throughout the network. The DNA client runs in the background, only taking unused processor time. The program combines the processing capabilities of all the clients connected to the network and uses it to crack the password. Features of the DNA: o Reads statistics and graphs easily o Adds user dictionaries to crack the password o Optimizes password attacks for specific languages o Modifies the user dictionaries o Comprises the stealth client installation functionality o Automatically updates client while updating the DNA server.
Kerberos Authentication
Kerberos is a network authentication protocol that provides strong authentication for client/server applications by using secret-key cryptography, which provides a mutual authentication. Both the server and the user verify each other's identity. Messages sent through the Kerberos protocol are protected against replay attacks and eavesdropping. Kerberos makes use of the Key Distribution Center (KDC), a trusted third party, and consists of two logically distinct parts: an Authentication server (AS) and a Ticket Granting Server (TGS). The authorization mechanism of Kerberos provides the user with a Ticket Granting Ticket (TGT) that serves post-authentication for later access to specific services, Single Sign-On by which the user need not re-enter the password again for accessing any authorized services. It is important to note that there is no direct communication between the application servers and Key Distribution Center (KDC); the service tickets, even if packed by TGS, reach the service only through the client willing to access them.
LLMNR/NBT-NS Poisoning
LLMNR (Link Local Multicast Name Resolution) and NBT-NS (NetBIOS Name Service) are two main elements of Windows operating systems used in order to perform name resolution for hosts present on the same link. These services are enabled by default in Windows operating systems. When the DNS server fails in an attempt to resolve name queries, the host performs an unauthenticated UDP broadcast asking all the hosts if anyone has a name that it is looking for. Due to the fact that the host trying to connect is following an unauthenticated and broadcast process, it becomes easy for an attacker to passively listen to a network for LLMNR (UDP port 5355) and NBT-NS (UDP port 137) broadcasts, and respond to the request pretending to be a target host. After accepting a connection with a host, the attacker can make use of tools such as Responder.py or Metasploit to forward the request to a rogue server (For instance TCP: 137) to perform an authentication process. During the authentication process the attacker sends an NTLMv2 hash to the rogue server which was obtained from the host trying to authenticate itself. This hash is stored in a disk and can be cracked using offline hash cracking tools such as hashcat or John the ripper. Once cracked, those credentials can be used to log in to get an access to the legitimate host system.
NTLM Authentication Process
NTLM includes three methods of challenge-response authentication: LM, NTLMv1, and NTLMv2, all of which use the same technique for the authentication process. The only difference among them is the level of encryption. In NTLM authentication, the client and server negotiate an authentication protocol. This is accomplished through the Microsoft negotiated Security Support Provider (SSP). The following steps demonstrate the process and the flow of the client authentication to a domain controller using any NTLM protocol: The client types the user name and password into the logon window. Windows runs the password through a hash algorithm and generates a hash for the password that has been entered in the logon window. The client computer sends a login request along with domain name to the domain controller. The domain controller generates a 16-byte random character string called a "nonce" and sends it to the client computer. The client computer encrypts the nonce with a hash of the user password and sends it back to the domain controller. The domain controller retrieves the hash of the user password from the SAM and uses it to encrypt the nonce. The domain controller then compares the encrypted value with the value received from the client. A matching value authenticates the client and the logon is successful. Note: Microsoft has upgraded its default authentication protocol to Kerberos, which provides a stronger authentication for client/server applications than NTLM.
Types of Password Attacks
Password cracking is one of the crucial stages of system hacking. Password cracking mechanisms often exploit otherwise legal means to gain unauthorized system access, such as recovering a user's forgotten password. Classification of password attacks depends on attackers' actions, which are typically one of four types: Non-Electronic Attacks: This is probably the attacker's first attempt at gaining target system passwords. Non-electronic or non-technical attacks do not require any technical knowledge about hacking or system exploitation. Therefore, this is a non-electronic attack. Techniques used to perform non-electronic attacks include shoulder surfing, social engineering, dumpster diving, etc. Active Online Attacks: This is one of the easiest ways to gain unauthorized administrator-level system access. An attacker needs to communicate with target machines to gain password access. Techniques used by the attacker to perform active online attacks include password guessing, dictionary and brute forcing attack, hash injection, phishing, LLMNR/NBT-NS Poisoning, using Trojan/spyware/keyloggers, etc. Passive Online Attacks: A passive attack is a system attack that does not result in a change to the system in any way. In this attack, the attacker does not need to communicate with the system. Instead, he/she passively monitors or records the data passing over the communication channel to and from the system. The attacker then uses the observed data to break into the system. Techniques used to perform passive online attacks include wire sniffing, man-in-the-middle attack, replay attack, etc. Offline Attacks: Offline attack refers to password attacks where an attacker tries to recover clear text passwords from a password hash dump. Offline attacks are often time consuming, but can be successful, as password hashes can be reversed due to their smaller keyspace and shorter length. Attackers use pre-computed hashes from rainbow tables to perform offline and distributed network attack.
Password Salting
Password salting is a technique where random strings of characters are added to the password before calculating their hashes. This makes it more difficult to reverse the hashes and defeats pre-computed hash attacks. The longer the random string, the harder it becomes to break or crack the password. The random string of characters should be a combination of alphanumeric characters. In cryptography, a "salt" consists of random data bits used as an input to a one-way function, the other being a password. Instead of passwords, the output of the one-way function can be stored and used to authenticate users. A salt combines with a password by a key derivation function to generate a key for use with a cipher or other cryptographic algorithm. This technique generates different hashes for the same password. This makes cracking the passwords difficult.
fgdump
Source: http://foofus.net Fgdump is a utility for dumping passwords on Windows NT/2000/XP/2003/Vista machines. It comes with built-in functionality that has all the capabilities of PWdump and can do a number of other crucial things such as execute a remote executable and dump the protected storage to a remote or local host, as well as grab cached credentials. Example: fgdump.exe -h 192.168.0.10 -u AnAdministrativeUser -p l4mep4ssw0rd.
ophcrack
Source: http://ophcrack.sourceforge.net ophcrack is a Windows password cracking tool that uses rainbow tables for cracking passwords. It comes with a graphical user interface and runs on different operating systems such as Windows, Linux/Unix, etc. Features: o Cracks LM and NTLM hashes o Brute-force module for simple passwords o Real-time graphs to analyze the passwords o Dumps and loads hashes from encrypted SAM recovered from a Windows partition.
rtgen
Source: http://project-rainbowcrack.com RainbowCrack is a general propose implementation that takes advantage of the time-memory trade-off technique to crack hashes. This project allows you to crack a hashed password. The rtgen tool of this project helps to generate the rainbow tables. The rtgen program needs several parameters to generate a rainbow table. The syntax of the command line is: Syntax: rtgen hash_algorithm charset plaintext_len_min plaintext_len_max table_index chain_len chain_num part_index.
RainbowCrack
Source: http://project-rainbowcrack.com RainbowCrack cracks hashes with rainbow tables, using a time-memory tradeoff algorithm. A traditional brute-force cracker cracks hashes differently than a time-memory-tradeoff hash cracker. The brute-force hash cracker will try all possible plaintexts one by one during cracking, whereas RainbowCrack pre-computes all possible plaintext hash pairs in the selected hash algorithm, charset, and plaintext length in advance and stores them in the "rainbow table" file. It may take a long time to pre-compute the tables, but once the pre-computation is finished, you will be able to crack the cipher text in the rainbow tables easily and quickly. Features: o Runs on Windows and Linux operating systems o Provides full time-memory tradeoff tool suites including rainbow table generation, sort, conversion, and lookup o Offers Unified rainbow table file format on all supported operating systems o Includes command-line user interface and Graphical user interface o Supports computation on multi-core processor o Supports rainbow table • For LM, NTLM, MD5 and SHA1 hash algorithms • In raw file format (.rt) and compact file format (.rtc) of any charset.
L0phtCrack
Source: http://www.l0phtcrack.com L0phtCrack is a tool designed to audit password and recover applications. It recovers lost Microsoft Windows passwords with the help of dictionary, hybrid, rainbow table, and brute-force attacks, and it also checks the strength of the password. LOphtCrack helps to disclose the security defects that are inherent in windows password authentication system. Some of its important features include scheduling, hash extraction from 64-bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding. Features: o Operates on networks with Windows systems, including 32-and 64-bit environments, as well as most BSD and Linux variants with an SSH daemon o Performs scheduled scans depending on the organization's auditing requirements o Offers remediation assistance to system administrators on how to take action against accounts that have poor passwords on Windows systems o Provides better user interface with more information about each user account, including password age, lock-out status, and whether the account is disabled, expired, or never expires o Displays real-time reports in a separate, tabbed interface and displays auditing results based on the auditing method, risk severity, and password character sets o Displays password risk status in four different categories: Empty, High Risk, Medium Risk, and Low Risk o Reports the completion of the various password character sets being audited, including, Alpha, Alphanumeric, Alphanumeric/Symbol, Alphanumeric/Symbol/International o Reports the overall length of the discovered password by account o Delivers summary report of password statistics such as Locked, Disabled, Expired, or if the password is older than 180 days o Delivers audit summary for the number of Accounts cracked and the number of Domains audited o Cracks foreign passwords using foreign character sets for brute-force attacks, as well as foreign dictionary files.
Responder
Source: https://github.com Responder an LLMNR, NBT-NS and MDNS poisoner. It responds to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix. By default, the tool only responds to a File Server Service request, which is for SMB. Features: • Built-in SMB Auth server, MSSQL Auth server, HTTP and HTTPs Auth server, HTTPS Auth server, LDAP Auth server • Built-in FTP, POP3, IMAP, SMTP Auth servers • ICMP Redirect • Rogue DHCP.
Elcomsoft Distributed Password Recovery
Source: https://www.elcomsoft.com The Elcomsoft Distributed Password Recovery application allows attackers to break complex passwords, production environment. recover strong encryption keys, and unlock documents in a It allows for the execution of mathematically intensive password recovery code on the parallel computational elements found in modern graphic accelerators by employing an innovative technology to accelerate password recovery, when a compatible ATI or NVIDIA graphics card is present in addition to the CPU-only mode. When compared to password recovery methods that use only the computer's main CPU, the GPU acceleration used by this technology makes password recovery faster. This in turn supports password recovery using a variety of applications and file formats.
pwdump7
Source: https://www.tarasco.org pwdump7 is an application that dumps the password hashes (One Way Functions or OWFs) from NT's SAM database. pwdump extracts LM and NTLM password hashes of local user accounts from the Security Account Manager (SAM) database. This application or tool runs by extracting the binary SAM and SYSTEM File from the file system, and then extracts the hashes. One of the powerful features of pwdump7 is that it is also capable of dumping protected files. Pwdump7 is also able to extract passwords offline by selecting the target files. Use of this program requires administrative privileges on the remote system.
Network Management DNA
The Network Traffic dialog box aids in the discovery of the network speed the DNA uses and each work-unit length of the DNA client. Using the work-unit length, a DNA client can work without contacting the DNA server. The DNA client application has the ability to contact the DNA server at the beginning and ending of the work-unit length. The user can monitor the job status queue and the DNA. After collecting the data from Network Traffic dialog box, the user can modify the client work. When the size of the work-unit length increases, the speed of the network traffic decreases. Decrease in the speed of the traffic leads the client working on the jobs to spend longer amounts of time. Therefore, the user can make fewer requests to the server because of the reduction in bandwidth of network traffic.
How to Defend against LLMNR/NBT-NS Poisoning
The easiest way to prevent a system from being attacked by a perpetrator is to disable both the LMNR and NBT-NS services in the Windows operating system. Attackers make use of these services in order to obtain user credentials and gain unauthorized access to the user's system. Steps to disable LLMNR/NBT-NS in any version of Windows: Disabling LMBNR o Open Local Group Policy Editor. o Navigate to Local Computer Policy Computer Configuration Administrative Templates Network dns Client. o In DNS Client, double-click Turn off multicast name resolution. o Select the Disabled radio button and then click OK. Disabling NBT-NS o Open Control Panel and navigate to Network and Internet Network and Sharing Center and click on Change adapter settings option present on the right side. o Right-click on the network adapter and click Properties, select TCP/IPv4 and then click Properties. o Under General tab, go to Advanced WINS. o From the NetBIOS options, check "Disable NetBIOS over TCP/IP" radio button and click OK.
Hash Injection Attack
This type of attack is possible when the target system uses a hash function as part of the authentication process to authenticate its users. Generally, the system stores hash values of the credentials in the SAM database/file on a Windows computer. In such cases, the server computes the hash value of the user-submitted credentials or allows user to input the hash value directly. The server then checks it against the stored hash value for authentication. FIGURE 6.6: Hash Injection attack Attackers take advantage of such authentication mechanisms and first exploit the target server to retrieve the hashes from the SAM databases. They then input the hashes acquired directly into the authentication mechanism to authenticate with stolen user's pre-computed hashes. Thus, in a hash injection attack, the attackers inject a compromised hash into a local session and then use the hash to authenticate to the network resources. The hacker carries out this attack by implementing the following four steps: o The hacker compromises one workstation/server using a local/remote exploit. o The hacker extracts stored hashes and finds a domain admin account hash. o The hacker uses the hash to log on to any system (domain controller) with the same credentials. o The hacker extracts all the hashes from the Active Directory database and can now compromise any account in the domain.
Microsoft Authentication
When users log in to a Windows computer, a series of steps is performed for user authentication. The Windows operating system authenticates its users with the help of three mechansims (protocols) provided by Microsoft. Security Accounts Manager (SAM) Database Windows uses the Security Accounts Manager (SAM) database or Active Directory Database to manage user accounts and passwords in the hashed format (one-way hash). The system does not store the passwords in plaintext format, but in hashed format, to protect them from attacks. The system implements SAM database as a registry file, and the Windows kernel obtains and keeps an exclusive file system lock on the SAM file. As this file consists of a file system lock, this provides some measure of security for the storage of passwords. It is not possible to copy the SAM file to another location in the case of online attacks. Because the system locks the SAM file with an exclusive file system lock, a user cannot copy or move it while Windows is running. The lock will not release until the system throws a blue screen exception or the operating system has shut down. However, to make the password hashes available for offline brute-force attacks, attackers can dump the on-disk contents of the SAM file using various techniques. The SAM file uses a SYSKEY function (in Windows NT 4.0 and later versions) to partially encrypt the password hashes. Even if hackers use subterfuge techniques to discover the contents, the encrypted keys with a one-way hash make it difficult to hack. In addition, some versions have a secondary key, making the encryption specific to that copy of the OS. NTLM Authentication NTLM (NT LAN Manager) is a default authentication scheme that performs authentication using a challenge/response strategy. Because it does not rely on any official protocol specification, there is no guarantee that it works correctly in every situation. It has been on some Windows installations, where it worked successfully. NTLM authentication consists of two protocols: NTLM authentication protocol and LM authentication protocol. These protocols use different hash methodology to store users' passwords in the SAM database. Kerberos Authentication Kerberos is a network authentication protocol that provides strong authentication for client/server applications by using secret-key cryptography. This provides mutual authentication, in that both the server and the user verify each other's identity. Messages sent through Kerberos protocol are protected against replay attacks and eavesdropping. Kerberos makes use of the Key Distribution Center (KDC), a trusted third party. This consists of two logically distinct parts: an Authentication server (AS) and a Ticket Granting Server (TGS). Kerberos uses "tickets" to prove a user's identity..
How Hash Passwords Are Stored in Windows SAM?
Windows operating systems use a Security Account Manager (SAM) database file to store user passwords. The SAM file is stored at %SystemRoot%/system32/config/SAM in Windows systems, and Windows mounts it in the registry, under the HKLM/SAM registry hive. It stores LAN Manager (LM) or NT LAN Manager (NTLM) hashed passwords. NTLM supersedes the LM hash, which is susceptible to cracking. New versions of Windows still support LM hashes for backward compatibility; however, Vista and later Windows versions disable LM hash by default. The LM hash is blank in newer Windows versions. Selecting the option to remove LM hashes enables an additional check during password change operations but does not clear LM hash values from the SAM immediately: The SAM file stores a "dummy" value in its database, which bears no relationship to the user's actual password and is the same for all user accounts. It is not possible to calculate LM hashes for passwords exceeding 14 characters in length. Thus, the LM hash value is set to a "dummy" value when a user or administrator sets a password of more than 14 characters.