Lecture04: Network Layer Security
Session Layer Security
Lecture 6
Supakorn Kungpisdan
[email protected]
Outline
Introduction
SYN Attack
Session Hijacking
DNS Poisoning
SSH Downgrade Attack
Authentication Techniques and Attacks
NETE4630 Advanced Network Security and Implementation
2
Introduction
The session layer provides a set of features that contribute to the reliability and usefulness of modern network communications:
Session Checkpoint
Session Adjournment
Session Termination
Half- and Full-Duplex Operations
Session Checkpoint
TCP acknowledgement (ACK) packets are regularly passed between hosts to identify the last packet that was received.
TCP delays the transmission of an ACK packet until either a timeout is reached or a number of packets equal to the TCP window size have been sent.
This delay increases the efficiency of the protocol and establishes checkpoints.
At any point, TCP can resume transmission from the previous checkpoint if a delivery failure occurs.
Session Adjournment
TCP sessions may be adjourned by setting the TCP window to 0 bytes.
This informs the sending host that no buffer is available to hold transmitted data and halts communications without losing the connection.
Session Termination
TCP provides a means for session termination: graceful and immediate.
Graceful termination occurs by setting a finish (FIN) flag that is subsequently acknowledged by the recipient.
Immediate termination occurs by using packets with the reset (RST) flag set.
Half- and Full-Duplex Operations
While TCP operates at full duplex, the session layer allows for both full- and half-duplex operations.
Attacking the Session Layer
These attacks rely primarily on abuses of the TCP and IP headers:
TCP flags
Sequence and acknowledgement numbers
Newer attacks may focus on higher-layer protocols:
Session Initiation Protocol (SIP)
Session Description Protocol (SDP)
SYN (Flood) Attack
Using legitimate TCP functions permits attackers with a small number of hosts to conduct a DoS that can completely saturate the bandwidth of a corporation.
The server has to allocate a number of resources (processor and buffer) to handle each connection.
A large number of hosts can use this to great effect when attacking a web site.
SYN Attack (cont.)
From an attacker's perspective, this approach is less than ideal:
1. Creating multiple connections is extremely inefficient: every established connection consumes a lot of resources on the server and on the attacking client.
2. This kind of attack is not anonymous.
3. Many servers limit the number of connections that they will accept from a single host.
SYN Attack with hping3
The hping3 tool provides a simple means of producing crafted packets.
Sending a single SYN packet to port 6666 on the victim server:
$ hping3 -c 1 -p 6666 -S 10.10.1.9
-c 1: packet count; -p 6666: destination port; -S: SYN flag set
In this case, the attacking machine's own IP is used as the source IP.
SYN Attack with hping3 (cont.)
SYN Attack with hping3 (cont.)
However, the DoS client is stymied by its own TCP stack's attempt to limit resource consumption: any TCP stack that receives an unsolicited SYN/ACK packet will respond with an RST, which tears down the half-open connection on the server.
The attacker's solution is to spoof the source IP address:
$ hping3 -c 1 -a 10.12.250.250 -p 6666 -S 10.1.1.9
-a 10.12.250.250: spoofed source IP address
SYN Attack with hping3 (cont.)
Target keeps sending SYN/ACK to the spoofed source
until reaching timeout
Note on SYN Attack
Careful selection of the spoofed IP is necessary to conduct
a successful DoS attack
The most successful method to ensure delivery of a
spoofed packet is to select an unused IP on the same
subnet as the attacking host
Reflective Attack
A variation of the SYN attack: the attacker sends a large number of SYN packets to a web server, spoofing the source IP as the victim's IP.
The web server responds to the large number of SYN packets by issuing a flood of traffic back to the spoofed victim's address.
Diagram: attacker -> SYN (source spoofed as the victim) -> web server -> SYN, ACK -> victim
Session Hijacking
Session hijacking works by taking advantage of the fact
that most communications are protected (by providing
credentials) at session setup, but not thereafter.
These attacks generally fall into three categories:
Man-in-the-middle (MITM)
Blind Hijacking
Session Theft
Ref: http://technet.microsoft.com/en-us/magazine/cc160809(TechNet.10).aspx
MITM Attacks
Attacker intercepts all communications between two hosts.
With communications between a client and server now flowing
through the attacker, he or she is free to modify their content.
Protocols that rely on the exchange of public keys to protect
communications are often the target of these types of attacks
Diagram: Bob <-> Evan (attacker) <-> Alice
Blind Hijacking
An attacker injects data, such as malicious commands, into intercepted communications between two hosts; for example a command like "net.exe localgroup administrators /add EvilAttacker".
This is called blind hijacking because the attacker can only inject data into the communications stream but cannot see the response to that data (such as "The command completed successfully.").
Essentially, the blind hijack attacker is shooting data in the dark, but this method is still very effective.
Session Theft Attacks
Attacker neither intercepts nor injects data into existing
communications between two hosts.
Instead, the attacker creates new sessions or uses old
ones.
This type of session hijacking is most common at the
application level, especially Web applications.
Hijacking A TCP Session
Diagram: session establishment followed by data transfer
Hijacking A TCP Session (cont.)
If the attacker wanted to inject data into the TCP session as the
client, he or she would need to:
Spoof the client's IP address
Determine the correct sequence number that is expected by the server from
the client
Inject data into the session before the client sends its next packet
To achieve the third, the attacker could just send the data to inject
and hope it is received before the real client does
Or, the attacker could perform a DoS attack on the client, or use
ARP spoofing
Hijacking A TCP Session (cont.)
Diagram: Bob and Alice exchange packets carrying seq and ack numbers; Evan listens to the seq and ack numbers.
Blind Injection
When the client receives the ACK packet, it will be confused, either
because it did not send any data or because the next expected
sequence is incorrect.
Hijacking A TCP Session (cont.)
Maybe the attacker can send something "nice" like "mv `which emacs` /vmunix && shutdown -r now" and not just a single character.
This confusion can cause a TCP ACK storm, which can disrupt a network.
Attackers can automate the session hijacking process with tools such as Juggernaut, Hunt, and Ettercap.
Hijacking A UDP Session
Attackers do not have to worry about the overhead of managing sequence numbers and other TCP mechanisms.
Since UDP is connectionless, injecting data into a session without being detected is extremely easy.
DNS queries, online games like the Quake series and Half-Life, and peer-to-peer sessions are common protocols that work over UDP; all are popular targets for this kind of session hijacking.
Determining Susceptibility
One way to check whether your network is vulnerable to session hijacking is to hijack actual network sessions using common attacker tools, e.g. Juggernaut or Hunt (now Ettercap).
Alternatively, try to find out whether you are using transport protocols that lack cryptographic protection.
Protocols such as Telnet and FTP are extremely susceptible to hijacking when not protected inside encrypted tunnels.
The countermeasure is to use SSL, SSH, or IPSec.
Tricks and Techniques
TCP ACK Storm
ARP Table Modification
TCP Resynchronizing
Remotely Modifying Routing Table
TCP ACK Packet Storm
As the attacker injects more and more data, the size of the ACK storm increases and can quickly degrade network performance.
If neither the attacker nor the client explicitly closes the session, the storm will likely stop itself eventually when ACK packets are lost in the storm.
ARP Table Modification
Diagram: ARP request to find the owner of a MAC address, answered with a spoofed reply
ARP Table Modification (cont.)
Stopping TCP ACK Storm
TCP Resynchronizing
To hide his/her tracks, an attacker who is finished session
hijacking might want to resynchronize the communicating
hosts.
The problem is that, after the attack, the two hosts whose
session was hijacked will be at different points in the
session (different seq and ack numbers).
Server might think that it is 40 bytes into the session when the
client might have sent only 29 bytes.
TCP Resynchronizing (cont.)
Since sequence numbers move in only a positive
direction, it's not possible to manipulate the server so that
its expected sequence number moves downward to
match the client's sequence number.
Tools like Hunt try to solve this problem by sending a
message to the client
msg from root: power failure – try to type 13 chars
Remotely Modifying Routing Table
An attacker who wants to hijack a session wants to route all communications between a client and server through him or her, making it easy to monitor, modify, and inject data into the session, as in MITM attacks.
The attacker modifies the host's routing table by forging ICMP Redirect (type 5) packets and advertising them as the route to take when sending data.
To protect Windows hosts from forged ICMP redirects, set the EnableICMPRedirect value to 0 under the registry key HKLM\System\CurrentControlSet\Services\AFD\Parameters
DNS Poisoning
A more common example of session hijacking is DNS
poisoning
DNS poisoning allows you to convince a DNS server that a
hostname resolves to an arbitrary IP
DNS Resolution
Diagram: DNS resolution, steps 1-6 (client -> local nameserver -> canonical nameserver and back)
The client does not query the canonical nameserver itself because of the efficiency provided by caching at the local nameserver.
DNS Poisoning (cont.)
Diagram: DNS poisoning, steps 1-6, with the attacker's nameserver and a spoofed web server
DNS Poisoning (cont.)
Implementing DNS poisoning is difficult:
Each DNS query contains a 2-byte identification field that allows responses to be matched to queries.
An attacker has a 1 in 65,536 (2^16) chance of guessing the correct identification value.
Normally an attacker needs to sniff the identification number of the query in order to successfully spoof a response.
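The identification field the slides describe is the first field of the DNS header. The following added example (written for this page; it is not the lecture's code) builds a query, parses the header and question, and shows the acceptance check a resolver performs before trusting an answer: matching transaction ID, QR bit set, and an identical question section. The hostname, IP address and ID values are constructed sample data.

```python
import struct

ID_BITS = 16                          # size of the DNS transaction ID field
GUESS_PROBABILITY = 1 / 2 ** ID_BITS  # 1 in 65,536, as the slide states


def encode_name(name: str) -> bytes:
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00' (RFC 1035 labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(packet: bytes, offset: int):
    """Read a (possibly compressed) name; return (name, offset just past it)."""
    labels = []
    while True:
        length = packet[offset]
        if length == 0:
            return ".".join(labels), offset + 1
        if length & 0xC0 == 0xC0:  # compression pointer into an earlier name
            pointer = struct.unpack(">H", packet[offset:offset + 2])[0] & 0x3FFF
            tail, _ = decode_name(packet, pointer)
            labels.append(tail)
            return ".".join(labels), offset + 2
        labels.append(packet[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length


def build_query(name: str, txid: int, qtype: int = 1) -> bytes:
    """Standard recursive query: 12-byte header, then one question (type A, class IN)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1
    return header + encode_name(name) + struct.pack(">HH", qtype, 1)


def parse_header(packet: bytes) -> dict:
    txid, flags, qd, an, ns, ar = struct.unpack(">HHHHHH", packet[:12])
    return {"id": txid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
            "rcode": flags & 0xF, "qdcount": qd, "ancount": an,
            "nscount": ns, "arcount": ar}


def parse_question(packet: bytes):
    name, off = decode_name(packet, 12)
    qtype, qclass = struct.unpack(">HH", packet[off:off + 4])
    return name, qtype, qclass


def build_response(query: bytes, addr: str, ttl: int = 300) -> bytes:
    """Constructed answer to `query`: same ID, QR=1, one A record for `addr`."""
    hdr = parse_header(query)
    _, off = decode_name(query, 12)
    question = query[12:off + 4]
    header = struct.pack(">HHHHHH", hdr["id"], 0x8180, 1, 1, 0, 0)
    answer = struct.pack(">HHHIH", 0xC00C, 1, 1, ttl, 4)  # name pointer to offset 12
    return header + question + answer + bytes(int(x) for x in addr.split("."))


def first_answer_a(packet: bytes) -> str:
    """Return the IPv4 address of the first answer record (assumes an A record)."""
    _, off = decode_name(packet, 12)
    off += 4                       # skip QTYPE/QCLASS of the question
    _, off = decode_name(packet, off)
    _, _, _, rdlen = struct.unpack(">HHIH", packet[off:off + 10])
    rdata = packet[off + 10:off + 10 + rdlen]
    return ".".join(str(b) for b in rdata)


def response_matches_query(query: bytes, response: bytes) -> bool:
    """The acceptance check a resolver makes: same transaction ID, QR bit set,
    and the same question section. Only the ID is unknown to an off-path
    attacker, which is where the 1 in 65,536 figure on the slide comes from."""
    qh, rh = parse_header(query), parse_header(response)
    return (qh["id"] == rh["id"] and rh["qr"] == 1
            and parse_question(query) == parse_question(response))
```

Run response_matches_query() against a response whose ID differs by one from the query's: it is rejected even though the question and answer are otherwise identical, which is the whole of the protection the 16-bit field provides.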
DNS Message Format
DNS Poisoning with Ettercap
Hijacking A TCP Session (cont.)
Diagram: Bob: www.msne.mut.ac.th (203.148.145.240); Evan: www.it.kmitl.ac.th (161.246.38.35)
DNS Poisoning with Ettercap
Screenshots: steps 1-3
DNS Poisoning with Ettercap (cont.)
Screenshots: steps 4-5
DNS Poisoning with Ettercap (cont.)
Screenshots: steps 6-8
DNS Poisoning with Ettercap (cont.)
Screenshots: steps 9-10 (the Ettercap.dns file)
SSL Spoofing with Ettercap
SSL MITM Attack (cont.)
Diagram: Bob <-SSL-> man in the middle <-SSL-> Paypal.com; addresses shown: https://www.paypal.com, Paypall.com, www.paypall.com, www.mut.ac.th
SSH Downgrade Attack
SSH is the most famous example of a downgrade attack, where the attacker forces the client and the server to use the insecure SSH1 protocol.
The client sends a request to establish an SSH link to the server and asks it for the version it supports.
The server answers with one of:
ssh-2.xx  The server supports only SSH2
ssh-1.99  The server supports SSH1 and SSH2
ssh-1.51  The server supports only SSH1
This attack works against a server that supports both SSH1 and SSH2.
Ref: http://openmaniak.com/ettercap_filter.php
SSH Downgrade Attack (cont.)
SSH Downgrade Attack (cont.)
SSH Downgrade Attack with ettercap
1. Configure the SSH server to support SSH1 and SSH2:
# apt-get install openssh-server
# vim /etc/ssh/sshd_config
Protocol 1,2
2. Create an SSH1 host key pair:
# ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ''
3. Add the key path to the sshd_config file:
HostKey /etc/ssh/ssh_host_key
4. Telnet to the server to check whether it offers SSH1:
Trying server_ip_address...
Connected to server_ip_address.
Escape character is '^]'.
SSH-1.99-OpenSSH_4.6p1 Debian-5ubuntu0.1
Client’s PuTTY Screen
Version 2 is preferred
but not restricted
Ettercap Filter
SSH Downgrade Attack Filter
/usr/share/ettercap/ettercap.filter.ssh
Compiling the Filter
Loading the Compiled Filter
SSH Downgrade Attack Result
Avoiding SSH Downgrade Attack
Never use SSH1 on the server or the client.
In the /etc/ssh/sshd_config file:
Protocol 2
# telnet server_ip_address 22
Trying server_ip_address...
Connected to server_ip_address.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6p1 Debian-5ubuntu0.1
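An added check (not from the lecture, and not part of OpenSSH) that automates the telnet test shown on these slides: it classifies the server's identification string, decides whether an SSH1 session is possible at all, and inspects the Protocol directive of an sshd_config. The two banners are copied from the slides; fetch_banner() is the only function that touches the network, and the hostname passed to it is the reader's own.

```python
import socket


def classify_banner(banner: str) -> str:
    """Map the protoversion of an identification string to 'ssh1-only',
    'ssh2-only' or 'both'. Version 1.99 is the conventional way a server
    announces that it speaks both protocols."""
    banner = banner.strip()
    if not banner.startswith("SSH-"):
        raise ValueError("not an SSH identification string: %r" % banner)
    protoversion = banner.split("-", 2)[1]
    if protoversion == "1.99":
        return "both"
    if protoversion.startswith("2."):
        return "ssh2-only"
    if protoversion.startswith("1."):
        return "ssh1-only"
    raise ValueError("unexpected protoversion: %r" % protoversion)


def downgrade_possible(banner: str) -> bool:
    """True when the server would accept an SSH1 session at all."""
    return classify_banner(banner) in ("both", "ssh1-only")


def sshd_config_allows_ssh1(config_text: str):
    """Inspect the Protocol directive of an sshd_config. Returns True or False,
    or None when the directive is absent (the default then depends on the
    OpenSSH version, so check the live banner instead)."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "protocol":
            versions = [v.strip() for v in parts[1].split(",")]
            return "1" in versions
    return None


def fetch_banner(host: str, port: int = 22, timeout: float = 5.0) -> str:
    """Read the server's identification line, as the telnet check on the slide does."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        data = sock.recv(256).decode("ascii", "replace")
    return data.splitlines()[0]


if __name__ == "__main__":
    # Banners copied from the slides, so the script runs offline.
    for line in ("SSH-1.99-OpenSSH_4.6p1 Debian-5ubuntu0.1",
                 "SSH-2.0-OpenSSH_4.6p1 Debian-5ubuntu0.1"):
        print(line, "->", classify_banner(line),
              "| downgrade possible:", downgrade_possible(line))
```

The config check and the banner check complement each other: the file tells you what the administrator intended, the banner tells you what the running daemon actually offers.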
Avoiding SSH Downgrade Attack
(cont.)
SSH Client
Authentication
Two main categories of authentication: synchronous and asynchronous authentication protocols.
Synchronous authentication protocols provide credentials at the start of the authentication process.
Asynchronous authentication involves a challenge-response model.
Password Authentication Protocol
Password Authentication Protocol (PAP) is one of the least secure authentication protocols used by PPP.
The password and username are sent in cleartext (ASCII) to the authentication server after a connection has been established.
It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP.
Both entities will try to negotiate and agree upon the most secure method of authentication: start with EAP, then CHAP, then PAP.
Challenge Handshake Authentication Protocol
Diagram: the user enters a password; the client computes h(password, challenge) and the server compares the hash value.
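The diagram compresses the exchange into h(password, challenge). The example below (added here, not the lecture's code) implements the RFC 1994 form of that function, MD5(identifier || secret || challenge), for both sides: the server issues a fresh random challenge per attempt and rejects a replayed response. The account name and secret are constructed sample values. The design consequence worth noticing is that the server must hold the shared secret itself, not a one-way hash of it.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """Holds the shared secrets; issues one challenge per attempt and verifies."""

    def __init__(self, secrets: dict):
        self.secrets = secrets            # name -> secret bytes (constructed sample)
        self.pending = {}                 # name -> (identifier, challenge)

    def challenge(self, name: str, identifier: int) -> bytes:
        chal = os.urandom(16)             # random per attempt, so a captured response is useless later
        self.pending[name] = (identifier, chal)
        return chal

    def verify(self, name: str, identifier: int, response: bytes) -> bool:
        issued = self.pending.pop(name, None)   # a challenge is consumed on first use
        if issued is None or issued[0] != identifier or name not in self.secrets:
            return False
        expected = chap_response(identifier, self.secrets[name], issued[1])
        return hmac.compare_digest(expected, response)


def run_exchange(server: ChapServer, name: str, client_secret: bytes,
                 identifier: int = 1) -> bool:
    """One full exchange: challenge -> client computes h(secret, challenge) -> server compares."""
    chal = server.challenge(name, identifier)
    resp = chap_response(identifier, client_secret, chal)
    return server.verify(name, identifier, resp)
```

Nothing but the identifier, the random challenge and a 16-byte digest cross the wire, which is what separates this from PAP; the cost is the plaintext-equivalent secret on the server.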
LM challenge/response
LM hash computation:
uppercase(password[1..7]) as KEY -> DES(magic word) -> LM_hash[1..8]
uppercase(password[8..14]) as KEY -> DES(magic word) -> LM_hash[9..16]
LM_hash[17..21] = 0000000000 (five zero bytes appended for the challenge/response step)
The magic word is “KGS!@#$%”
[email protected], Cracking NTMLv2 Authentication
LM challenge/response (cont.)
LM challenge/response computation:
LM_hash[1..7] as KEY -> DES(challenge code) -> LM_response[1..8]
LM_hash[8..14] as KEY -> DES(challenge code) -> LM_response[9..16]
LM_hash[15..21] (the last two hash bytes plus 0000000000) as KEY -> DES(challenge code) -> LM_response[17..24]
[email protected], Cracking NTMLv2 Authentication
NT Lan Manager v1 (NTLMv1)
Diagram: the user enters a password; the client returns R1, R2 and the server compares the hash values.
NTLMv1 (cont.)
User password and challenge are used to calculate
LANMAN hash and MD4 hash
C = 8-byte random challenge
Hash1 = MD4(password)
{K1, K2, K3} = {Hash1, 5-byte-0s}
R1 = DES(K1, C), DES(K2, C), DES(K3, C)
Hash2 = LM-hash(password)
{K4, K5, K6} = {Hash2, 5-byte-0s}
R2 = DES(K4, C), DES(K5, C), DES(K6, C)
Client sends {R1, R2} as a response to the server
NTLM 2 Authentication
NTLMv2 hash = HMAC_MD5(key = MD4(unicode(password)), unicode(uppercase(account name) + domain_or_hostname))
NTLMv2 response = HMAC_MD5(key = NTLMv2 hash, server_challenge + client_challenge)
[email protected], Cracking NTMLv2 Authentication
LM, NTLMv1, NTLMv2
                         LM                     NTLMv1                  NTLMv2
Password case sensitive  No                     Yes                     Yes
Hash key length          56bit + 56bit          -                       -
Password hash algorithm  DES (ECB mode)         MD4                     MD4
Hash value length        64bit + 64bit          128bit                  128bit
C/R key length           56bit + 56bit + 16bit  56bit + 56bit + 16bit   128bit
C/R algorithm            DES (ECB mode)         DES (ECB mode)          HMAC_MD5
C/R value length         64bit + 64bit + 64bit  64bit + 64bit + 64bit   128bit
[email protected], Cracking NTMLv2 Authentication
Attacks Against Password Hashes
Brute Force Attack
Iterate through every possible input and hash it, comparing the output with the hash value.
Guaranteed to crack the hash if run long enough.
Dictionary Attack
Iterate through possible passwords and common substitutions of these words.
Not guaranteed to produce results.
E.g. John The Ripper (or John The Ripper Pro for the commercial version), available at http://www.openwall.com/john/
Attacks Against Password Hashes (cont.)
Rainbow Table Attack
Compute every hash ahead of time, allowing the attacker to simply check his/her database of hashes for the one he/she is trying to crack.
Several tools can be used for password cracking, including Windows passwords in the SAM and LM and NTLM password hashes: Rainbow Crack, Ophcrack, John the Ripper, Cain and Abel.
Rainbow Crack can be used to crack LM, MD5, and Office hashes.
Rainbow Table
Rainbow tables are sophisticated tables that utilize reduction algorithms to reduce the time needed to crack a password.
The only information stored in the table is an initial value and a final value.
When the initial value is passed through the hash algorithm, it produces a hash, which is then put through a reduction algorithm.
The result of the reduction is then used as the plaintext for another hash function.
Rainbow Table (cont.)
Chain: initial value -> Hash function -> Reduction function -> Hash function -> Reduction function -> Hash function -> Reduction function -> final value
The rainbow table stores only the first and the last value of each chain.
Password Cracking with Rainbow Table
1. Given a hash value, apply the reduction function to it and query the table for the result.
2. If there is no match in the current chain, proceed with another chain, then another table, until a match is found.
3. When you find a match, recover the initial value for that chain and reconstruct the chain until you are at the point where the match occurred.
4. When you reach this point, the initial value is the corresponding password.
Password Cracking with Rainbow Table (cont.)
Password Cracking with Rainbow Table (cont.)
1. The encrypted password “re3xes” is intercepted. Try to apply the reduction to “re3xes”, but it fails to reach either the first or the last value of any chain.
2. Try another chain. Now it matches the last value “linux123” of a chain.
3. Calculate from the first value of that chain, starting with “password”. Now it also reaches “re3xes”.
This guarantees that “re3xes” is decrypted to “password”.
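The four lookup steps and the worked “re3xes” walk-through above, as an added runnable example (neither the lecture's code nor RainbowCrack's): a toy key space of three lowercase letters, MD5 standing in for LM, a column-dependent reduction function, and a lookup that tries every possible column of the chain before regenerating the matching chain from its stored start value. The charset, chain length and start points are constructed parameters.

```python
import hashlib

CHARSET = "abcdefghijklmnopqrstuvwxyz"
PW_LEN = 3                               # toy key space: 26^3 = 17,576 plaintexts
KEYSPACE = len(CHARSET) ** PW_LEN
CHAIN_LEN = 20                           # hashes per chain (the "chain length" of rtgen)


def h(plaintext: str) -> str:
    """The hash being attacked; MD5 stands in for LM so the block needs only the stdlib."""
    return hashlib.md5(plaintext.encode()).hexdigest()


def reduce_fn(digest: str, position: int) -> str:
    """Map a digest back into the key space. The column position is mixed in so each
    column uses a different reduction, which is what makes the table a rainbow table."""
    n = (int(digest[:12], 16) + position) % KEYSPACE
    out = []
    for _ in range(PW_LEN):
        out.append(CHARSET[n % len(CHARSET)])
        n //= len(CHARSET)
    return "".join(out)


def chain_plaintexts(start: str) -> list:
    """All plaintexts p0..p(CHAIN_LEN) of one chain; the table keeps only p0 and the end."""
    chain = [start]
    for i in range(CHAIN_LEN):
        chain.append(reduce_fn(h(chain[-1]), i))
    return chain


def build_table(starts: list) -> dict:
    """Rainbow table: end value -> list of start values (ends of different chains may collide)."""
    table = {}
    for start in starts:
        table.setdefault(chain_plaintexts(start)[-1], []).append(start)
    return table


def crack(target_digest: str, table: dict):
    """Steps 1-4 of the slide. For each column the digest might occupy, reduce and
    hash forward to an end value and look it up; on a hit, regenerate that chain
    from its start until the target digest appears. Returns the plaintext or None."""
    for col in range(CHAIN_LEN - 1, -1, -1):      # assume the digest sits in column `col`
        p = reduce_fn(target_digest, col)
        for j in range(col + 1, CHAIN_LEN):
            p = reduce_fn(h(p), j)
        for start in table.get(p, ()):            # may be a false alarm from a merged chain
            q = start
            for k in range(CHAIN_LEN):
                if h(q) == target_digest:
                    return q
                q = reduce_fn(h(q), k)
    return None


def demo_starts(count: int) -> list:
    """Deterministic, constructed start points so the table is reproducible."""
    return [reduce_fn(h("start-%d" % i), 0) for i in range(count)]
```

The false-alarm handling in crack() is the part the slides gloss over: two chains can merge, so an end-value hit only says the chain is worth regenerating, and the regeneration must actually find the digest before the plaintext is trusted. Coverage is probabilistic; a plaintext that no chain happens to pass through is simply not found, which is why rtgen's success rate is quoted per table.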
Cracking LM Password with Rainbow Crack
1. Dump password hashes using samdump, pwdump,
fgdump
2. Install Rainbow Crack
3. Before cracking the password, generate the rainbow table
first:
LM Configuration#0 – #6
4. Sort the rainbow table using rtsort command
5. Crack the password using rcrack command
Ref: http://www.ethicalhacker.net/content/view/94/24/
Password Hashes from pwdump
testuser1:"":0F20048EFC645D0A179B4D5D6690BDF3:1120ACB74670C7DD46F1D3F5038A5CE8:::
remote:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
joeuser:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
averageguy:"":299CCF964D9A359BAAD3B435B51404EE:A5C07214487C87B584E8877DE72DCA0B:::
harderpass:"":B75838F7A57EE67993E28745B8BF4BA6:EC50F8A8149C93EF45AECB8AF96658E6:::
demouser:"":261A6631FE44BA4993E28745B8BF4BA6:371D5760453C1B000BCC016F8E23A83C:::
randy:"":98B5AFEB67293D6AAAD3B435B51404EE:A9F34664151F6360757B31644F37E025:::
Asmith:"":E165F0192EF85EBBAAD3B435B51404EE:E4EBE0E7EF708DC9FD240135D3D43D89:::
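An added example (not from the lecture, and not part of pwdump) that reads the listing above and reports what a defender learns from it without cracking anything: which accounts have an LM hash stored at all, which have the empty-half constant AAD3B435B51404EE as the second LM half (a password of seven characters or fewer, since characters 8-14 are empty), which accounts share an NT hash (the same password, because NT hashes are unsalted), and which share an LM half. The listing is the slide's; the two constants are the well-known LM and NT hashes of the empty string.

```python
EMPTY_LM_HALF = "AAD3B435B51404EE"                  # LM hash of an empty 7-character half
EMPTY_NT_HASH = "31D6CFE0D16AE931B73C59D7E0C089C0"  # MD4 of the empty (unicode) password

# The pwdump listing from the slide, one record per line: user:rid:LM hash:NT hash:::
PWDUMP_SAMPLE = """\
testuser1:"":0F20048EFC645D0A179B4D5D6690BDF3:1120ACB74670C7DD46F1D3F5038A5CE8:::
remote:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
joeuser:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
averageguy:"":299CCF964D9A359BAAD3B435B51404EE:A5C07214487C87B584E8877DE72DCA0B:::
harderpass:"":B75838F7A57EE67993E28745B8BF4BA6:EC50F8A8149C93EF45AECB8AF96658E6:::
demouser:"":261A6631FE44BA4993E28745B8BF4BA6:371D5760453C1B000BCC016F8E23A83C:::
randy:"":98B5AFEB67293D6AAAD3B435B51404EE:A9F34664151F6360757B31644F37E025:::
Asmith:"":E165F0192EF85EBBAAD3B435B51404EE:E4EBE0E7EF708DC9FD240135D3D43D89:::
"""


def parse_pwdump(text: str) -> list:
    """Split pwdump records into dicts; hashes are upper-cased for comparison."""
    entries = []
    for raw in text.splitlines():
        fields = raw.strip().split(":")
        if len(fields) < 4 or not fields[0]:
            continue
        entries.append({"user": fields[0], "rid": fields[1].strip('"'),
                        "lm": fields[2].upper(), "nt": fields[3].upper()})
    return entries


def audit(entries: list) -> dict:
    """Findings a defender can read straight off the dump, with no cracking."""
    by_nt, by_lm_half = {}, {}
    findings = {"lm_stored": [], "short_passwords": [], "empty_passwords": [],
                "shared_nt": {}, "shared_lm_half": {}}
    for e in entries:
        user, lm, nt = e["user"], e["lm"], e["nt"]
        if len(lm) == 32 and lm != EMPTY_LM_HALF * 2:
            findings["lm_stored"].append(user)             # LM hash present: reachable by LM tables
            if lm[16:] == EMPTY_LM_HALF:
                findings["short_passwords"].append(user)   # second half empty: 7 chars or fewer
            for half in (lm[:16], lm[16:]):
                if half != EMPTY_LM_HALF:
                    by_lm_half.setdefault(half, []).append(user)
        if nt == EMPTY_NT_HASH:
            findings["empty_passwords"].append(user)
        by_nt.setdefault(nt, []).append(user)
    findings["shared_nt"] = {k: v for k, v in by_nt.items() if len(v) > 1}
    findings["shared_lm_half"] = {k: sorted(set(v)) for k, v in by_lm_half.items()
                                  if len(set(v)) > 1}
    return findings


if __name__ == "__main__":
    for key, value in audit(parse_pwdump(PWDUMP_SAMPLE)).items():
        print(key, "->", value)
```

On the slide's data this reports that remote and joeuser share an NT hash, that averageguy, randy and Asmith have passwords of at most seven characters, and that harderpass and demouser share their second LM half (identical characters 8-14): each LM half is crackable on its own, so a hit on one account hands the attacker part of the other.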
Generating Rainbow Table
To generate other configurations, use the rtgen command:
# rtgen lm alpha-numeric 1 7 0 2400 40000000 all
# rtgen lm alpha-numeric 1 7 1 2400 40000000 all
# rtgen lm alpha-numeric 1 7 2 2400 40000000 all
# rtgen lm alpha-numeric 1 7 3 2400 40000000 all
# rtgen lm alpha-numeric 1 7 4 2400 40000000 all
Generating Rainbow Table (cont.)
“1” and “7” are the plaintext length range, so we want passwords from “A” to “ZZZZZZZ”.
If we had put the plaintext length range "4-6", "AAAA" and "ZZZZZZ" would be among the key space.
0, 1, 2, 3, 4 are the table numbers.
2400 is the chain length. A longer chain increases the success rate per table but does not increase the table size; it computes more hashes per chain but also takes longer to create and search the table.
“8000000” is the chain count of each rainbow table. The chain count is simply how many chains you want per table; increasing it produces larger files with higher success rates, but the overall computation time isn't affected.
Rainbow Table Configuration
Generating Rainbow Table with Winrtgen
Winrtgen (now in Cain and Abel) is a graphical rainbow table generator that supports LM, FastLM, NTLM, LMCHALL, HalfLMCHALL, NTLMCHALL, MSCACHE, MD2, MD4, MD5, SHA1, RIPEMD160, MySQL323, MySQLSHA1, CiscoPIX, ORACLE, SHA-2 (256), SHA-2 (384) and SHA-2 (512) hashes.
Winrtgen can generate only the rainbow table for LM configuration#0.
Generating Rainbow Table with Winrtgen (cont.)
Generating one configuration#0 table takes 2 days on a P3 1GHz machine.
Generating Rainbow Table with Winrtgen (cont.)
Generating five configuration#0 tables takes 12 days on a P3 1GHz machine.
Generating Rainbow Table (cont.)
128,000,000 bytes
lm_alpha#1-7_0_2100x8000000_all.rt
128,000,000 bytes
lm_alpha#1-7_1_2100x8000000_all.rt
128,000,000 bytes
lm_alpha#1-7_2_2100x8000000_all.rt
128,000,000 bytes
lm_alpha#1-7_3_2100x8000000_all.rt
128,000,000 bytes
lm_alpha#1-7_4_2100x8000000_all.rt
Sort the rainbow table:
# rtsort lm_alpha#1-7_0_2100x8000000_all.rt
# rtsort lm_alpha#1-7_1_2100x8000000_all.rt
# rtsort lm_alpha#1-7_2_2100x8000000_all.rt
# rtsort lm_alpha#1-7_3_2100x8000000_all.rt
# rtsort lm_alpha#1-7_4_2100x8000000_all.rt
Cracking the Password
C:\rainbowcrack-1.2-win\rainbowcrack-1.2-win>rcrack
RainbowCrack 1.2 - Making a Faster Cryptanalytic Time-Memory Trade-Off
by Zhu Shuanglei <[email protected]>
http://www.antsight.com/zsl/rainbowcrack/
usage: rcrack rainbow_table_pathname -h hash
       rcrack rainbow_table_pathname -l hash_list_file
       rcrack rainbow_table_pathname -f pwdump_file
rainbow_table_pathname: pathname of the rainbow table(s), wildchar(*, ?) supported
-h hash:           use raw hash as input
-l hash_list_file: use hash list file as input, each hash in a line
-f pwdump_file:    use pwdump file as input, this will handle LAN Manager hash only
example: rcrack *.rt -h 5d41402abc4b2a76b9719d911017c592
         rcrack *.rt -l hash.txt
         rcrack *.rt -f hash.txt
Cracking the Password (cont.)
rcrack c:\rainbowcrack\*.rt -f pwdumpfile.txt
rcrack c:\rainbowcrack\*.rt -l justhashlist.txt
rcrack c:\rainbowcrack\*.rt -h 213D466DB5B288F0F82E44EC0938F4F4
Here pwdumpfile.txt contains the results of using a hash dumping utility like pwdump2, pwdump3, samdump, etc. to dump the LAN Manager passwords.
If your password consists only of letters, rcrack should be able to crack it with a success rate of 99.9%.
Cracking the Password (cont.)
Protecting yourself against RainbowCrack
attacks and other password attacks
Limiting physical access
Continue to force the use of special characters
Use ALT-XXX characters in your passwords
Keep up with updates
Use Pass phrases
Use Multi-factor authentication
Password Policy
Use NTLM or NTLMv2
Limiting Physical Access
One common attack, if you have physical access to a machine, is to use a bootable Linux distro to simply boot into Linux and grab the SAM file off the Windows partition.
IronGeek wrote a good tutorial on this method and even has a video you can watch. You can get it here: http://www.irongeek.com/i.php?page=security/localsamcrack2.
Another interesting tool released by Eeye is SysRQ2: http://research.eeye.com/html/tools/RT20060801-8.html.
“SysRq is a bootable CD image that allows a user to open a fully privileged (SYSTEM) command prompt on Windows 2000, Windows XP, and Windows Server 2003 systems by pressing Ctrl+Shift+SysRq at any time after startup.”
Continue to force the use of special
characters
Rainbow tables can rip through an LM password containing any type of special character, but it still takes a large amount of time (1-2 years) to generate them.
In LC4 we go from 9-11 hours to brute force an alphanumeric password to 91 days to brute force passwords with the possibility of all special characters (not including ALT-XXX passwords).
Use ALT-XXX characters in your passwords
ALT characters are produced by holding down the ALT key and pressing a three- or four-digit number sequence on your keypad.
Most password crackers cannot crack passwords with ALT characters.
Most ALT characters also have the added benefit that passwords containing them cannot be stored as LM hashes: the LM hash simply disappears.
ALT-XXX Characters
Use Passphrases
This is the easiest and simplest way to protect your network from password cracking.
By using pass phrases that are longer than 14 characters AND contain special characters, you can protect yourself from all but the most determined attackers.
If your network is Windows 2000 or above, you have a maximum length of 127 characters for your password/pass phrase, so the sky's the limit.
A pass phrase like “This is my Stupid Pass Phrase!” is long enough to be stored as NTLM or NTLMv2, has uppercase, lowercase, spaces, and special characters, and is easy to remember.
This is a much more secure password than even “@w3cjd$Beu=mDr”.
Question?
Next week
Presentation Layer Security