rainbow tables - unikom linux week - panggi libersa

Upload: panggi-libersa-jasri-akadol

Post on 30-May-2018


  • 8/9/2019 Rainbow Tables - Unikom Linux Week - Panggi Libersa

    1/27

    Rainbow Tables: Testing Password Security

    Bandung, February 15th 2010

    2/27

    About me

    Panggi Libersa a.k.a. malcoder, student at the Indonesian Computer University

    Has written some articles on Jasakom and other Indonesian security sites.

    Likes to take pictures

    Almost has his CEH (Certified Ethical Hacker) certification (waiting for the exam)

    Administrator and Social Media manager at http://i-teve.com

    Open Source developer (RESTful web services etc.)

    Open Source Security Suite based on GNU/Linux (http://opensecuritylab.org)

    3/27

    "Some things Man was never meant to know. For everything else, there's Google." (Geeky quote)

    4/27

    Why do I talk about this? Security awareness. I promise that this will change your view on password security.

    I haven't met anyone who isn't surprised at this stuff's ability to make password cracking so easy.

    5/27

    So, what is a password?

    A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. The password must be kept secret from those not allowed access. (source: http://en.wikipedia.org/wiki/Password)

    6/27

    Password Usage

    7/27

    How to keep it secret?

    Don't tell anybody else; keep it in your head (personal)

    Store the password records in a secure environment (provider)

    8/27

    Types of password storage

    Cleartext (ex: this-is-so-secret, 260987)

    Encrypted:
      Reversible encryption without key (ex: base64)
      Reversible encryption with key (ex: polyalphabetic substitution cipher)

    One-way hash (ex: md5, sha1)

    One-way hash with salt (ex: md5 + salt)

    9/27

    Example of encryption usage

    Base64 (functions: encode and decode)
    Encode: cleartext -> ciphertext
    Decode: ciphertext -> cleartext

    cleartext: panggi  --encode-->  ciphertext: cGFuZ2dp

    ciphertext: cGFuZ2dp  --decode-->  cleartext: panggi

    10/27

    Polyalphabetic substitution cipher, ex: Vigenère cipher

    Usage :

    Key: ABCDEF AB CDEFA BCD EFABCDEFABCD

    Plaintext: CRYPTO IS SHORT FOR CRYPTOGRAPHY

    Ciphertext: CSASXT IT UKSWT GQU GWYQVRKWAQJB

    11/27

    One Way Hash

    CANNOT BE DECODED. Feel secure? Wait...

    12/27

    One way hash + salt

    I will explain later ..

    NEXT

    13/27

    Our Focus Today

    Cracking One Way Hash Cipher

    MD5

    14/27

    Methods

    Brute Force

    Dictionary

    Rainbow Tables (our focus)

    Etc

    15/27

    Brute force

    Using all possible combinations in sequence

    Example: targeted hash: 4a8a08f09d37b73795649038408b5f33

    OK.. crack it..

    a = 0cc175b9c0f1b6a831c399e269772661 (no match; the next candidate is tried)

    16/27

    Dictionary: given a wordlist of common passwords

    Example:

    Targeted hash: 3858f62230ac3c915f300c664312c63f

    dic-crack 3858f62230ac3c915f300c664312c63f -L path-of-wordlist/wordlist.txt

    searching.

    fooa

    17/27

    Rainbow Tables? A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function. A common application is to make attacks against hashed passwords feasible. (http://en.wikipedia.org/wiki/Rainbow_tables)

    18/27

    19/27

    English please

    Lookup table ?

    Time-memory tradeoff?
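The two terms on this slide, as an added toy implementation in Python (my code, not from the talk or from RainbowCrack): a plain lookup table would store every (hash, plaintext) pair; a rainbow table stores only the start and end of hash->reduce chains and spends time re-walking them at lookup, which is the time-memory tradeoff. The alphabet, chain length and reduction function are my own choices for a tiny key space.

```python
import hashlib

ALPHABET = "abcdefghijklmnopqrstuvwxyz"
LENGTH = 3                     # toy key space: 26**3 = 17,576 candidates
SPACE = len(ALPHABET) ** LENGTH
CHAIN_LEN = 16                 # t: hash->reduce steps per chain

def md5_hex(word):
    return hashlib.md5(word.encode()).hexdigest()

def index_to_word(n):
    out = []
    for _ in range(LENGTH):
        n, r = divmod(n, len(ALPHABET))
        out.append(ALPHABET[r])
    return "".join(out)

def reduce_(hex_digest, position):
    # R_i: digest -> candidate; the column index keeps chains from merging across columns
    return index_to_word((int(hex_digest[:12], 16) + position) % SPACE)

def walk(word, start_pos, end_pos):
    for pos in range(start_pos, end_pos):   # apply hash->reduce for these columns
        word = reduce_(md5_hex(word), pos)
    return word

def build_table(num_chains):
    table = {}                               # memory side: only end -> starts is kept
    for k in range(num_chains):
        start = index_to_word((k * 7919) % SPACE)   # deterministic, spread-out starts
        table.setdefault(walk(start, 0, CHAIN_LEN), []).append(start)
    return table

def lookup(table, target_hex):
    # time side: assume the target sits in column i, finish the chain from there,
    # and if that end point is stored, rebuild from its start to verify the guess
    for i in range(CHAIN_LEN - 1, -1, -1):
        end = walk(reduce_(target_hex, i), i + 1, CHAIN_LEN)
        for start in table.get(end, ()):
            candidate = walk(start, 0, i)
            if md5_hex(candidate) == target_hex:  # else it was a false alarm
                return candidate
    return None

def covered(table):
    seen = set()                             # distinct candidates the rows stand for
    for starts in table.values():
        for word in starts:
            for pos in range(CHAIN_LEN):
                seen.add(word)
                word = reduce_(md5_hex(word), pos)
    return len(seen)
```

The "false alarm" counter in the rcrack statistics later in this deck is exactly the case where a chain end matches but the rebuilt candidate does not hash to the target.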

    20/27

    Time for the demo. Example input: md5_hash.txt (30 MD5 hashes to crack)


    21/27

    Result: ./rcrack *.rt -l md5_hash.txt

    md5_alpha#1-7_0_2400x40000000_panggi#000.rt:

    640000000 bytes read, disk access time: 9.99 s

    verifying the file...

    searching for 30 hashes...

    plaintext of 20392298d6b78e0890cd22a7bf071c49 is PANGGI

    plaintext of c9122fd7bae0681b62a39ddfc1c7fb19 is LOVE

    plaintext of 469590a45cc7f985b53d15113157e6ea is MUSTIKA

    cryptanalysis time: 377.34 s

    md5_alpha-numeric#1-7_0_2400x40000000_panggi#000.rt:

    640000000 bytes read, disk access time: 73.13 s

    verifying the file...

    searching for 27 hashes...

    plaintext of 31c9febeeb68929cd6c097239cf3e9d3 is P4ST1

    plaintext of d81bf97286c617c77b679478ce8b72b2 is 050479

    cryptanalysis time: 102.56 s

    md5_alpha-numeric#1-7_0_2400x40000000_panggi#001.rt:

    640000000 bytes read, disk access time: 60.70 s

    verifying the file...

    searching for 25 hashes...

    plaintext of 10f97476043d02db1a236b877232c0a6 is 7201421

    cryptanalysis time: 28.19 s

    md5_alpha-numeric#1-7_0_2400x40000000_panggi#002.rt:

    640000000 bytes read, disk access time: 68.28 s

    verifying the file...

    searching for 24 hashes...

    cryptanalysis time: 28.24 s

    md5_alpha-numeric#1-7_0_2400x40000000_panggi#003.rt:

    640000000 bytes read, disk access time: 67.72 s

    verifying the file...

    searching for 24 hashes...

    cryptanalysis time: 27.81 s

    22/27

    23/27

    md5_loweralpha-numeric#1-7_0_2400x40000000_panggi#002.rt:

    640000000 bytes read, disk access time: 13.91 s

    verifying the file...

    searching for 17 hashes...

    cryptanalysis time: 20.03 s

    md5_loweralpha-numeric#1-7_0_2400x40000000_panggi#003.rt:

    640000000 bytes read, disk access time: 14.20 s

    verifying the file...

    searching for 17 hashes...

    plaintext of 9486f7a4fdf724cf6cacbdc103661fce is metty77

    cryptanalysis time: 19.31 s

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#000.rt:

    640000000 bytes read, disk access time: 14.41 s

    verifying the file...

    searching for 16 hashes...

    plaintext of 9ac17fc47347d505c92e3ca31fee675d is 4Dm1n

    plaintext of b65a81125dbfaab4a3ecdff26a979309 is Pa55

    plaintext of d695f8f703c1b3b0dce9d588a4d4abad is UN1k0M

    plaintext of 75003783871e9404cd0793ca81594841 is G0D$

    plaintext of 464b59d944c93b6a5eb3dfd0abf15114 is c(%H2n

    plaintext of d740ee7f1cd46b3d536a6f4331a4c77f is *$^#&3

    plaintext of 13781c244d5bb85a296bcbe4ac7992f7 is h@xX0r

    cryptanalysis time: 33.47 s

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#001.rt:

    640000000 bytes read, disk access time: 12.95 s

    verifying the file...

    searching for 9 hashes...

    plaintext of 0248750eb423b999bd684b10668f7241 is iMoeTh

    plaintext of e63d33d7ad4b4360f761634de070a860 is w_Bu5H

    plaintext of 4e3d682f0821b23f6d49fa1ac2cf154a is R@54In

    cryptanalysis time: 3.86 s

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#002.rt:

    640000000 bytes read, disk access time: 12.92 s

    verifying the file...

    searching for 6 hashes...

    plaintext of 78c5d5ed7ea4372435e9f006b29ea745 is !Q@W#E

    plaintext of a9684b0defabebc108720fda1627f43d is 1!q^YW

    cryptanalysis time: 2.36 s

    24/27

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#003.rt:

    640000000 bytes read, disk access time: 18.03 s

    verifying the file...

    searching for 4 hashes...

    plaintext of 86acaeb6d0f7241ea54b73528fa204ca is 5TR0n6

    cryptanalysis time: 1.78 s

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#004.rt:

    640000000 bytes read, disk access time: 12.38 s

    verifying the file...

    searching for 3 hashes...

    cryptanalysis time: 1.38 s

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#005.rt:

    640000000 bytes read, disk access time: 12.41 s

    verifying the file...

    searching for 3 hashes...

    plaintext of b150e73aa5fc110c27320c98effcc0f1 is p@N66i

    cryptanalysis time: 1.38 s

    md5_mixalpha-numeric-symbol14-space#1-6_0_2400x40000000_panggi#006.rt:

    640000000 bytes read, disk access time: 12.44 s

    verifying the file...

    searching for 2 hashes...

    cryptanalysis time: 0.94 s

    md5_numeric#1-9_0_3000x3000000_panggi#000.rt:

    48000000 bytes read, disk access time: 0.72 s

    verifying the file...

    searching for 2 hashes...

    plaintext of bcdc908a16dbfe1297b4b0891ccf9ed7 is 29041987

    plaintext of 7279f67e313cc35e518f94c775a42196 is 776284123

    cryptanalysis time: 23.86 s

    statistics

    -------------------------------------------------------

    plaintext found: 30 of 30 (100.00%)

    total disk access time: 499.91 s

    total cryptanalysis time: 1129.94 s

    total chain walk step: 453610884

    total false alarm: 853120

    total chain walk step due to false alarm: 675710917

    25/27

    result

    -------------------------------------------------------

    20392298d6b78e0890cd22a7bf071c49 PANGGI hex:50414e474749

    c9122fd7bae0681b62a39ddfc1c7fb19 LOVE hex:4c4f5645

    469590a45cc7f985b53d15113157e6ea MUSTIKA hex:4d555354494b41

    31c9febeeb68929cd6c097239cf3e9d3 P4ST1 hex:5034535431

    2e19ab163556288cf239f5339927e408 nunung hex:6e756e756e67

    dcb76da384ae3028d6aa9b2ebcea01c9 sayang hex:736179616e67

    d1cbedff31b828ac2f15548357988073 nashien hex:6e61736869656e

    c94630fe9dea660ba53ddf5d3a41e802 herc hex:68657263

    73e405227c02a626e66f0dc4dd3a53a3 hayati hex:686179617469

    9486f7a4fdf724cf6cacbdc103661fce metty77 hex:6d657474793737

    26f803e714f7d39c0b5a9dd67d03f887 8u7y6t hex:387537793674

    0248750eb423b999bd684b10668f7241 iMoeTh hex:694d6f655468

    9ac17fc47347d505c92e3ca31fee675d 4Dm1n hex:34446d316e

    b65a81125dbfaab4a3ecdff26a979309 Pa55 hex:50613535

    3fde6bb0541387e4ebdadf7c2ff31123 1q2w3e hex:317132773365

    d695f8f703c1b3b0dce9d588a4d4abad UN1k0M hex:554e316b304d

    86acaeb6d0f7241ea54b73528fa204ca 5TR0n6 hex:355452306e36

    78c5d5ed7ea4372435e9f006b29ea745 !Q@W#E hex:215140572345

    75003783871e9404cd0793ca81594841 G0D$ hex:47304424

    e63d33d7ad4b4360f761634de070a860 w_Bu5H hex:775f42753548

    a9684b0defabebc108720fda1627f43d 1!q^YW hex:3121715e5957

    b150e73aa5fc110c27320c98effcc0f1 p@N66i hex:70404e363669

    464b59d944c93b6a5eb3dfd0abf15114 c(%H2n hex:63282548326e

    4e3d682f0821b23f6d49fa1ac2cf154a R@54In hex:52403534496e

    d740ee7f1cd46b3d536a6f4331a4c77f *$^#&3 hex:2a245e232633

    13781c244d5bb85a296bcbe4ac7992f7 h@xX0r hex:684078583072

    bcdc908a16dbfe1297b4b0891ccf9ed7 29041987 hex:3239303431393837

    10f97476043d02db1a236b877232c0a6 7201421 hex:37323031343231

    d81bf97286c617c77b679478ce8b72b2 050479 hex:303530343739

    7279f67e313cc35e518f94c775a42196 776284123 hex:373736323834313233

    26/27

    How to secure it? For MD5: use salted passwords (not naked)

    Example:

    How to use it? Simply..
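The slide's example code is not in the transcript, so here is an added Python illustration (mine, not the speaker's) of "md5 + salt" from slide 8 next to the naked MD5 the demo cracked: the precomputed digest->plaintext map stands in for a rainbow table, and the per-user salt is what stops it matching. The `store_kdf` variant goes beyond the slide to the current practice of also slowing the hash down.

```python
import hashlib
import hmac
import os

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def store_naked(password: str) -> str:
    # What the demo cracked: the bare MD5 of the password, identical for every user.
    return md5_hex(password.encode())

def store_salted(password: str, salt=None) -> str:
    # Per-user random salt stored next to the digest. It is not a secret; it only
    # makes a precomputed table useless, since every salt would need its own table.
    if salt is None:
        salt = os.urandom(16)
    return salt.hex() + "$" + md5_hex(salt + password.encode())

def verify_salted(password: str, record: str) -> bool:
    salt_hex, digest = record.split("$", 1)
    expected = md5_hex(bytes.fromhex(salt_hex) + password.encode())
    return hmac.compare_digest(expected, digest)   # constant-time comparison

def store_kdf(password: str, salt: bytes, iterations: int = 100_000) -> str:
    # Beyond the slide: salt *and* slow the hash down (PBKDF2-HMAC-SHA256 here;
    # bcrypt, scrypt or Argon2 are the usual production choices).
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"

def precomputed_table(candidates):
    # Stand-in for the rainbow/lookup table: digest -> plaintext for each candidate.
    return {store_naked(c): c for c in candidates}

def crack(table, digest: str):
    # Succeeds only for naked digests; a salted digest never appears in the table.
    return table.get(digest)
```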

    27/27

    Thank You