Northeastern University

CSG 254 - Network Security

Lab: Password Cracking

In this lab, you will recover passwords using two different techniques: dictionary attack and precomputation attack. Recovering a password, known as password cracking, can be a devastating attack, especially since most users will reuse the same password on different systems. You will learn to use tools that allow you to crack passwords on both your Windows and Linux machines.

Late submissions will result in a 10% penalty per day (e.g., 2.5 days late result in 25% penalty)

1. Accessing the Password Hashes

In modern systems, you need elevated access, such as root or Administrator, to read the password hashes. You already have the appropriate access. First you will dump the Windows LM hashes, then you will collect the Linux password hashes.

  1. Log in to your Windows server and use a browser to download pwdump6 and pscp from http://strawman-fedora.nslab.ccs.neu.edu/labs/lab4/. Save pscp.exe in C:\WINNT\system32, so that it will be in your PATH. You may extract pwdump6-1.7.2-exe-only.zip anywhere you like, but be sure to remember the path for later.

  2. Review the documentation included with pwdump6. In a cmd shell, cd to the directory containing the PwDump.exe binary and run the command to extract your Windows system's user password hashes. Be sure to use your system's hostname instead of localhost. Write the output to a file and then use pscp to copy them to your Linux router.

  3. Log into your Linux router and use the unshadow command (which comes with John the Ripper) to combine your /etc/passwd and /etc/shadow files. Most of the account information is stored in /etc/passwd, but in modern Unix systems the password hashes are stored in the protected file /etc/shadow, readable only by root. Your command line should look something like:

    unshadow /etc/passwd /etc/shadow > router-passwd.txt
  4. Next, prune out the unnecessary lines from both of the password files you just generated. Remove all accounts except those of your team's users and the Administrator/root users.

  5. Obtain two additional sample password files from http://strawman-fedora.nslab.ccs.neu.edu/labs/lab4/. Be sure to download and save both the Linux password file, and the Windows SAM dump. These files should be saved in a directory of your choice on your Linux router, along with the two password files you created earlier.
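Before spending cracking time on the files from steps 2 through 5, it helps to parse both formats and see what each account actually gives you to attack. The following is an added example (Python, not part of the lab and not code from pwdump6 or John the Ripper) that parses pwdump6 output (user:RID:LM hash:NT hash:::) and unshadow output (user:hash:uid:gid:gecos:home:shell), prunes them to a chosen set of accounts as step 4 asks, and classifies each LM field. All sample lines and hash values are constructed for illustration; the only real constant is aad3b435b51404ee, the LM hash of an empty 7-character half, which is why a second half equal to it reveals a password of at most 7 characters.

```python
import re

# Constructed sample of pwdump6 output. Hash values are made up, except the
# well-known empty-half LM constant used in the Guest and team1 lines.
PWDUMP_SAMPLE = """\
Administrator:500:4e4b0c8f2a3d5e6f9a1b2c3d4e5f6a7b:1f2e3d4c5b6a79880123456789abcdef:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
team1:1001:0c1d2e3f4a5b6c7daad3b435b51404ee:fedcba9876543210fedcba9876543210:::
SUPPORT_388945a0:1002:NO PASSWORD*********************:00112233445566778899aabbccddeeff:::
"""

# Constructed sample of unshadow output (md5crypt hashes are made up).
UNSHADOW_SAMPLE = """\
root:$1$Gx7zQ2Lm$KpYc9sQ1T4mJkO8VbPx.B/:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:/sbin/nologin
team1:$1$hW3kTb0e$R9ZrqdN7bFYvW2LXz4KpC1:500:500:Team One:/home/team1:/bin/bash
guest:!!:501:501:Guest:/home/guest:/bin/bash
"""

EMPTY_LM_HALF = "aad3b435b51404ee"      # LM hash of an empty 7-character half
HEX32 = re.compile(r"^[0-9a-f]{32}$")


def parse_pwdump(text):
    """Parse pwdump6 lines; the raw line is kept so pruned files can be re-emitted."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        user, rid, lm, nt = line.split(":")[:4]
        rows.append({"user": user, "rid": int(rid), "lm": lm.lower(),
                     "nt": nt.lower(), "line": line})
    return rows


def lm_status(lm):
    """Classify an LM field before spending rtgen/rcrack time on it."""
    if not HEX32.match(lm):
        return "absent"      # pwdump printed a placeholder: nothing for rcrack to attack
    if lm == EMPTY_LM_HALF * 2:
        return "empty"       # blank password, >14 characters, or LM storage disabled
    if lm[16:] == EMPTY_LM_HALF:
        return "short"       # second half empty: password is 7 characters or fewer
    return "full"            # two real halves: password is 8 to 14 characters


def parse_unshadow(text):
    """Parse unshadow output; '*', '!' and '!!' mean the account has no usable hash."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        f = line.split(":")
        h = f[1]
        rows.append({"user": f[0], "hash": h, "uid": int(f[2]), "line": line,
                     "locked": h in ("", "*") or h.startswith("!")})
    return rows


def prune(rows, keep):
    """Step 4: keep only the named accounts (team users plus Administrator/root)."""
    return [r for r in rows if r["user"] in keep]


def lm_targets(rows):
    """Accounts whose LM hash is worth attacking with rainbow tables."""
    return [r["user"] for r in rows if lm_status(r["lm"]) in ("short", "full")]


if __name__ == "__main__":
    for r in prune(parse_pwdump(PWDUMP_SAMPLE), {"Administrator", "team1"}):
        print(r["user"], lm_status(r["lm"]))
    for r in prune(parse_unshadow(UNSHADOW_SAMPLE), {"root", "team1"}):
        print(r["user"], "locked" if r["locked"] else r["hash"][:3])
```

Write the pruned rows back out with their "line" field and you have the four files the report asks for; the classification also tells you in advance which Windows accounts the alpha-numeric 1 to 6 character tables of section 3 can possibly reach.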

2. Dictionary Attack

Use john to execute a dictionary attack against all four password files. In order to do this, you may use your Linux system's built-in spellcheck dictionary, located at /usr/share/dict/words, or you may download a larger dictionary from some other source. Just be sure to observe the dictionary format requirements: john expects one candidate word per line.

This documentation may be helpful. Please refer to /usr/share/doc/john-1.6/ for documentation specific to your version, or simply type john at the command line and press enter for a short description of command line options.

If you successfully crack any passwords in the provided password files, record these passwords for your report. If you successfully crack any passwords from the files you generated, record them and have your users change their password to something more secure.
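To see why the dictionary attack is so effective, and why the report later asks about salting, here is an added example (Python, not part of the lab and not John the Ripper's code) that runs a small wordlist with john-style mangling rules against a set of constructed team accounts twice: once against unsalted SHA-1 hashes and once against the same passwords hashed with a per-user salt. The wordlist, account names, passwords and salts are all constructed; SHA-1 stands in for whatever hash the real files use, since the point is the salt, not the algorithm.

```python
import hashlib


def sha1hex(s):
    return hashlib.sha1(s.encode()).hexdigest()


# Constructed stand-in for /usr/share/dict/words.
WORDLIST = ["password", "secret", "dragon", "letmein", "welcome", "router"]


def mangle(word):
    """A few of the simple permutations john's rules apply: case changes, appended
    digits, reversal, leetspeak. Order is preserved and duplicates are dropped."""
    out = []
    for w in (word, word.capitalize(), word.upper()):
        for cand in (w, w + "1", w + "123", w[::-1],
                     w.replace("a", "@").replace("o", "0").replace("e", "3")):
            if cand not in out:
                out.append(cand)
    return out


def crack_unsalted(hashes, wordlist):
    """hashes: {user: sha1hex(password)}. With no salt, each candidate is hashed
    once and the result is compared against every user at the same time."""
    by_hash = {}
    for user, hx in hashes.items():
        by_hash.setdefault(hx, []).append(user)
    found, hashes_computed = {}, 0
    for word in wordlist:
        for cand in mangle(word):
            hashes_computed += 1
            for user in by_hash.get(sha1hex(cand), []):
                found.setdefault(user, cand)
    return found, hashes_computed


def crack_salted(records, wordlist):
    """records: {user: (salt, sha1hex(salt + password))}. A per-user salt forces
    the whole candidate list to be re-hashed for every user."""
    found, hashes_computed = {}, 0
    for user, (salt, hx) in records.items():
        for word in wordlist:
            for cand in mangle(word):
                hashes_computed += 1
                if sha1hex(salt + cand) == hx:
                    found[user] = cand
                    break
            if user in found:
                break
    return found, hashes_computed


def make_samples():
    """Constructed team accounts; 'dave' has a random password no wordlist will hit."""
    plain = {"alice": "Dragon1", "bob": "letmein123", "carol": "s3cr3t", "dave": "xK7#q2Lp"}
    salts = {"alice": "7f", "bob": "a1", "carol": "c9", "dave": "03"}
    unsalted = {u: sha1hex(p) for u, p in plain.items()}
    salted = {u: (salts[u], sha1hex(salts[u] + p)) for u, p in plain.items()}
    return unsalted, salted


if __name__ == "__main__":
    unsalted, salted = make_samples()
    found, n = crack_unsalted(unsalted, WORDLIST)
    print("unsalted:", found, "hashes computed:", n)
    found, n = crack_salted(salted, WORDLIST)
    print("salted:  ", found, "hashes computed:", n)
```

Both runs recover the same three passwords, but the salted run costs roughly one full pass over the candidates per user, and the uncracked account alone costs as much as the entire unsalted run. LM hashes have no salt at all, which is also what makes the precomputation attack in the next section possible.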

3. Precomputation Attack

With a good dictionary and some simple permutations, a dictionary attack can crack many typical user passwords. Unfortunately, this method has its limits. Even relatively short random passwords can thwart it. When dictionary attacks fail, crackers will generally resort to a brute-force attack, where all possible passwords are tried. This can take a great deal of time. Against good hashing mechanisms, it is usually infeasible.

Weaker hashing mechanisms can be quickly brute-forced using pregenerated rainbow tables. Rainbow tables are one implementation of time-memory tradeoff used to greatly speed up password cracking. They are particularly effective when password hashes are not salted.

For the next few steps, you will be using RainbowCrack to attack Windows LM hashes. Review the online documentation for RainbowCrack, and learn how to generate a rainbow table based on a desired character set and password length.

Download the Linux version of RainbowCrack and unzip it in /usr/local/src. You will use rtgen to generate a rainbow table for all 1 to 6 character LM passwords using the alpha-numeric character set. You will likely need to copy the sample character set configuration file from /usr/local/src/rainbowcrack-1.2-src/src/charset.txt to your current directory, since rtgen looks for it there.

  1. Generating these tables will use a significant amount of disk space. Use df -h to determine which partition has enough room for your tables before you begin. In addition, you should use the following table parameters to keep your table size reasonable:

    rainbow_chain_length=2100,rainbow_chain_count=2000000

    Also note, that this may take as long as an hour or two to complete. rtgen will print periodic status updates as it runs.

  2. Once the tables are generated, use rtsort to sort your tables. You may want to make a backup copy of your sorted tables.

  3. Use rcrack along with your rainbow tables to attack both your Windows password files. Once again, record any successfully cracked passwords and change your team's passwords if they were cracked.
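To make the time-memory tradeoff behind steps 1 through 3 concrete, here is an added example (Python, not part of the lab and not RainbowCrack's code) that builds a toy rainbow table over 3-character alpha-numeric passwords and cracks a hash with it. Unsalted SHA-1 stands in for the unsalted LM hash; the function names rtgen, rcrack, reduce_fn and index_to_password, the chain length and chain count are all assumptions chosen for the demo. The three pieces map onto the tools: rtgen walks chains and stores only their endpoints, the endpoint-keyed dict plays the role of rtsort's sorted table, and rcrack regenerates chains on demand and verifies every candidate because merged chains produce false alarms.

```python
import hashlib

CHARSET = "abcdefghijklmnopqrstuvwxyz0123456789"   # alpha-numeric, as in the lab
PLEN = 3             # toy: one fixed length (rtgen covers a range of lengths)
CHAIN_LEN = 40       # the lab's rainbow_chain_length, scaled down
SPACE = len(CHARSET) ** PLEN   # 46656 candidate passwords


def toy_hash(pw):
    """Unsalted SHA-1 standing in for the unsalted LM hash."""
    return hashlib.sha1(pw.encode()).digest()


def index_to_password(x):
    chars = []
    for _ in range(PLEN):
        chars.append(CHARSET[x % len(CHARSET)])
        x //= len(CHARSET)
    return "".join(chars)


def reduce_fn(digest, col):
    """Map a digest back into the password space. Mixing in the column index is
    what makes this a rainbow table rather than a plain Hellman table: chains
    that collide in different columns do not merge."""
    return index_to_password((int.from_bytes(digest[:8], "big") + col) % SPACE)


def rtgen(starts):
    """Walk each chain and keep only endpoint -> start points; the middle of every
    chain is thrown away and recomputed at lookup time (the memory side of the tradeoff)."""
    table = {}
    for start in starts:
        p = start
        for col in range(CHAIN_LEN):
            p = reduce_fn(toy_hash(p), col)
        table.setdefault(p, []).append(start)
    return table


def rcrack(table, target):
    """Try every column the target's preimage could sit in, latest first."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        p = reduce_fn(target, col)
        for c in range(col + 1, CHAIN_LEN):      # finish the chain to its endpoint
            p = reduce_fn(toy_hash(p), c)
        for start in table.get(p, []):
            q = start                            # endpoint hit: regenerate and verify
            for c in range(col):
                q = reduce_fn(toy_hash(q), c)
            if toy_hash(q) == target:
                return q
    return None


def build_demo_table(chain_count=2000):
    """Start points spread evenly over the password space (rtgen picks them randomly)."""
    starts = [index_to_password(i * SPACE // chain_count) for i in range(chain_count)]
    return rtgen(starts)


if __name__ == "__main__":
    table = build_demo_table()
    print("stored endpoints:", len(table), "for", len(table) * CHAIN_LEN, "chain positions")
    target = toy_hash("k9z")                     # constructed victim password
    print("k9z ->", rcrack(table, target))        # may be None if no chain covers it
```

The table stores 2000 entries yet represents up to 80000 hash/reduce positions, and a lookup costs on the order of CHAIN_LEN squared over two hashes instead of one per candidate; that is the rainbow_chain_length versus rainbow_chain_count tradeoff you set in step 1. A salt would defeat the whole construction, since the table would have to be rebuilt per salt value.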

Report

For this lab, your team must submit a report with the following information:

  1. Include a copy of the four password files.

  2. Include a list of all passwords that you cracked, where each row should have the username, the password hash, and the cleartext password.

  3. Name at least three reasons why LM hashes are easier to crack than salted SHA-1 hashes.

  4. How do you disable LM hashes from being stored on your Windows machine? Why are LM hashes still available by default?

  5. Suppose a user selects a random, 8 character password from the set of characters [A-Za-z0-9]. The password is stored as an unsalted SHA-1 hash. If an attacker wished to precompute all possible 8 character password hashes of this character set and store the pairs in a simple list, how many megabytes of disk space would this require at a minimum?

    Assume that the passwords are stored as 8-bit ASCII characters and that the pairs of password/hash are separated by a single ASCII character.

Grading

Your grade for this lab will be composed of: