Intro to Cryptography (Part 3 of 3)

This is the quick-hit version of the second of three parts of Introduction to Cryptography training I gave.  As with all of the formal training, you can use the below for a quick reference, or view the full presentation here.

Cryptanalysis

Approaches are often based upon three things:

  1. Entropy (or lack thereof)
  • Frequency Analysis: How often do words/charcters/digraphs/trigraphs occur?
  • Entropic Analysis: How random is something that should be random?

2. Equivalent operational efficiency

  • Example one: Keyspace Reduction
    • Take value “a”
    • Do math, and make final calculation multiply by two
    • Resultant keyspace is reduced by one bit (etc.)
  • Example two: Processing Efficiency
    • Take value “a”
    • Add seventeen to “a”
    • Subtract six from result (etc)
    • Combine operations (e.g. ”add eleven”) for efficiency

3. Deterministic knowledge

  • Knowledge of part (or all) of a plaintext -> ciphertext combination can assist in recovery.
  • Knowledge of the initial state of registers/settings/cryptographic values can make recovery easier as well.

Password Cracking

  • Passwords can be stored encrypted or hashed
  • Encryption is generally deprecated
  • “Cracking” hashed passwords is really finding an input that gives the same output

Common Hash Lengths

  • 13 Characters = DES, Unix Crypt
  • 14 Characters = MySQL (up to v4)
  • 32 Characters = MD5
  • 34 Characters = MD5 (*nix, phpBB3, WordPress, etc)
  • 40 Characters = MySQL (v5 and up), SHA-1
  • 55 Characters = SHA-256
  • 60 Characters = Oracle 11
  • 98 Characters = SHA-512

The “Standard” Format String

username:$HID$SALT$HASH:other_data

 

  • username = Well, username
  • HID = Hash identifier (see next slide)
  • SALT = Salt bytes/string
  • HASH = The resultant hash
  • other_data = OS or application-specific amplifying data

Common HID Values

  • $1$ – FreeBSD MD5
  • $2a$ – OpenBSD Blowfish
  • $af$ – Kerberos v4 Ticket Granting Ticket
  • $ap1$ – Apache Server
  • $B$ – MediaWiki MD5
  • $DCC2$ – MS-CACHE v2
  • $H$ – PHPass MD5
  • $IPB2$ – Invision Power Board (IPB2) MD5
  • $K$ – Kerberos AFS
  • $krb5$ – Kerberos v5 Ticket Granting Ticket
  • $LM$ – Microsoft Windows LanMan (LM) DES
  • $MD4$ – Generic MD4
  • $MSCHAPv2$ – Microsoft MS-CHAP v2
  • $mskrb5$ – Microsoft Keberos v5
  • $NETHALFLM$ – Microsoft Half LanMan
  • $NETLM$ – Microsoft Network LanMan
  • $NETLMv2$ – Microsoft Network LanMan v2
  • $NETNTLM$ – Microsoft Network NT LanMan
  • $NETNTLMv2$ – Microsoft Network NT LanMan v2
  • $NT$ – Microsoft NT MD4
  • $PDF$ – Adobe PDF
  • $PHPS$ – PHPS MD5
  • $RAR3$ – RAR Archive
  • $SHA1$ – SHA-1
  • $SHA512$ – SHA-512 (SHA-2)
  • $SSH2$ – Secure Shell version 2
  • $zip$ – ZIP Archive
  • M$ – Microsoft MS-CACHE v1
  • O$ – Oracle
  • {SHA} – Netscape LDAP SHA
  • {SSHA} – Netscape LDAP/OpenLDAP Salted SHA

John the Ripper (JtR) Quick Hits

  • Look for formats (if known):
john --list=formats

 

  • Crack a specific format type using rule-based permutations from a wordlist:
john --format={FORMAT} --rules -w=/path/to/wordlist hashes.txt

 

  • Brute force crack a specific format type:
john --format={FORMAT} --incremental hashes.txt

 

  • Single crack with a recoverable session:
john --format={FORMAT} --single --session={NAME} hashes.txt

Hashcat Quick Hits

hashcat -m {mode} /path/to/hashes.txt /path/to/wordlist

Recommended additional switches:

  • –status
  • –loopback
  • –session={name}
  • –increment
  • –increment-min
  • –increment-max