Session Layer Security
Lecture 6
Supakorn Kungpisdan ([email protected])
NETE4630 Advanced Network Security and Implementation 2
Outline
Introduction
SYN Attack
Session Hijacking
DNS Poisoning
SSH Downgrade Attack
Authentication Techniques and Attacks
Introduction
The session layer provides a set of features that contributes to the reliability and usefulness of modern network communications:
Session Checkpoint
Session Adjournment
Session Termination
Half- and Full-Duplex Operations
Session Checkpoint
TCP acknowledgement (ACK) packets are regularly passed between hosts to identify the last packet that was received
TCP delays the transmission of an ACK packet until either a timeout is reached or a number of packets equal to the TCP window size have been sent
This delay increases the efficiency of the protocol and establishes checkpoints
At any point, TCP can resume transmission from the previous checkpoint if a delivery failure occurs
Session Adjournment
TCP sessions may be adjourned by setting the TCP window to 0 bytes. This informs the sending host that no buffer is available to hold transmitted data and halts communications without losing the connection
Session Termination
TCP provides a means for session termination: graceful and immediate session terminations
Graceful termination occurs by setting a finish (FIN) flag that is subsequently acknowledged by the recipient
Immediate termination occurs by using packets with the reset (RST) flag set
Half- and Full-Duplex Operations
While TCP operates at full duplex, the session layer allows for both full- and half-duplex operations
Attacking the Session Layer
Attacks rely primarily on abuses of the TCP and IP headers:
TCP flags
Sequence and acknowledgement numbers
Newer attacks may focus on higher layer protocols:
Session Initiation Protocol (SIP)
Session Description Protocol (SDP)
SYN (Flood) Attack
Using legitimate TCP functions permits attackers with a small number of hosts to conduct a DoS that can completely saturate the bandwidth of a corporation
The server has to allocate a number of resources (processor and buffer) to handle each connection
A large number of hosts can use this to great effect when attacking a web site
SYN Attack (cont.)
From an attacker's perspective, this approach is less than ideal:
1. Creating multiple connections is extremely inefficient: every established connection consumes a lot of resources on the server and on the attacking client
2. This kind of attack is not anonymous
3. Many servers limit the number of connections that they will accept from a single host
SYN Attack with hping3
The hping3 tool provides a simple means for producing crafted packets. Sending a single SYN packet to port 6666 on the victim server:
$ hping3 -c 1 -p 6666 -S 10.10.1.9
In this case, we use the attacking machine's IP as the source IP
SYN Attack with hping3 (cont.)
[Screenshot: the hping3 command line with callouts for the packet count (-c), the destination port (-p) and the SYN flag set (-S)]
SYN Attack with hping3 (cont.)
However, this DoS client is stymied by its own TCP stack, which undoes the resource consumption on the target:
Any TCP stack that receives an unsolicited SYN/ACK packet will respond with an RST, which closes the half-open connection on the server
The solution is to spoof the source IP address
$ hping3 -c 1 -a 10.12.250.250 -p 6666 -S 10.1.1.9
SYN Attack with hping3 (cont.)
[Screenshot: packet capture of the crafted SYN; callout marks the spoofed IP address]
The target keeps sending SYN/ACK to the spoofed source until reaching the timeout
Note on SYN Attack
Careful selection of the spoofed IP is necessary to conduct a successful DoS attack
The most successful method to ensure delivery of a spoofed packet is to select an unused IP on the same subnet as the attacking host
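From the defender's side, the cost the slides describe is the server's table of half-open connections, each one kept alive until the SYN/ACK retransmissions time out. The following Go program is an added example written for this page, not code from the lecture: it parses a constructed snapshot laid out like `ss -tan` output and reports the half-open backlog per listening port. The addresses and ports in the sample are made up to match the lab addresses used above.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// PortStats summarises the half-open (SYN-RECV) connections on one local port.
type PortStats struct {
	HalfOpen      int // entries still waiting for the final ACK of the handshake
	DistinctPeers int // how many different source addresses produced them
}

// ParseSS reads lines in the layout of `ss -tan` output (a header plus one row
// per socket) and counts SYN-RECV rows per local port. Each such row is a
// server-side allocation that lives until the handshake completes or times out.
func ParseSS(lines []string) map[string]PortStats {
	peers := map[string]map[string]bool{}
	stats := map[string]PortStats{}
	for _, ln := range lines {
		f := strings.Fields(ln)
		if len(f) < 5 || f[0] != "SYN-RECV" {
			continue // header, blank line, or a socket in another state
		}
		local, peer := f[3], f[4]
		li, pi := strings.LastIndex(local, ":"), strings.LastIndex(peer, ":")
		if li < 0 || pi < 0 {
			continue // malformed row
		}
		port, host := local[li+1:], peer[:pi]
		if peers[port] == nil {
			peers[port] = map[string]bool{}
		}
		peers[port][host] = true
		s := stats[port]
		s.HalfOpen++
		s.DistinctPeers = len(peers[port])
		stats[port] = s
	}
	return stats
}

// FlagPorts returns, sorted, the local ports whose half-open backlog has reached
// threshold. Because the sources of a SYN flood are spoofed, a per-source count
// is not a useful signal; the backlog per listening port is.
func FlagPorts(stats map[string]PortStats, threshold int) []string {
	var flagged []string
	for port, s := range stats {
		if s.HalfOpen >= threshold {
			flagged = append(flagged, port)
		}
	}
	sort.Strings(flagged)
	return flagged
}

// SampleSS is a constructed snapshot: five half-open connections to port 6666
// from addresses in the spoofed range used on the slides, one established SSH
// session and one legitimate handshake in progress on port 22.
var SampleSS = []string{
	"State    Recv-Q Send-Q Local Address:Port  Peer Address:Port",
	"ESTAB    0      0      10.10.1.9:22        10.10.1.20:51234",
	"SYN-RECV 0      0      10.10.1.9:6666      10.12.250.250:40001",
	"SYN-RECV 0      0      10.10.1.9:6666      10.12.250.251:40002",
	"SYN-RECV 0      0      10.10.1.9:6666      10.12.250.252:40003",
	"SYN-RECV 0      0      10.10.1.9:6666      10.12.250.253:40004",
	"SYN-RECV 0      0      10.10.1.9:6666      10.12.250.250:40005",
	"SYN-RECV 0      0      10.10.1.9:22        10.10.1.21:51300",
}

func main() {
	stats := ParseSS(SampleSS)
	for _, port := range FlagPorts(stats, 5) {
		s := stats[port]
		fmt.Printf("port %s: %d half-open connections from %d distinct sources\n",
			port, s.HalfOpen, s.DistinctPeers)
	}
}
```

On a live host the same parser can be fed the real `ss -tan` output; the threshold to use depends on the service's normal handshake rate, so calibrate it against a quiet period before alerting on it.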
Reflective Attack
A variation of the SYN attack: sending a large number of SYN packets to a web server and spoofing the source IP as the victim's IP
The web server responds to the large number of SYN packets by issuing a flood of traffic back to the spoofed victim's address
[Diagram: SYN packets sent to the web server carry the victim's address as source; the web server's SYN, ACK replies go to the victim]
Session Hijacking
Session hijacking works by taking advantage of the fact that most communications are protected (by providing credentials) at session setup, but not thereafter.
These attacks generally fall into three categories:
Man-in-the-middle (MITM)
Blind Hijacking
Session Theft
Ref: http://technet.microsoft.com/en-us/magazine/cc160809(TechNet.10).aspx
MITM Attacks
The attacker intercepts all communications between two hosts. With communications between a client and server now flowing through the attacker, he or she is free to modify their content.
Protocols that rely on the exchange of public keys to protect communications are often the target of these types of attacks
[Diagram: Evan positioned between Bob and Alice]
Blind Hijacking
An attacker injects data, such as malicious commands like "net.exe localgroup administrators /add EvilAttacker", into intercepted communications between two hosts.
This is called Blind Hijacking because the attacker can only inject data into the communications stream, but cannot see the response to that data (such as "The command completed successfully.")
Essentially, the blind hijack attacker is shooting data in the dark, but this method is still very effective
Session Theft Attacks
Attacker neither intercepts nor injects data into existing communications between two hosts.
Instead, the attacker creates new sessions or uses old ones.
This type of session hijacking is most common at the application level, especially Web applications.
Hijacking A TCP Session
[Diagram: TCP session establishment (three-way handshake) followed by data transfer between client and server]
Hijacking A TCP Session (cont.)
If the attacker wanted to inject data into the TCP session as the client, he or she would need to:
Spoof the client's IP address
Determine the correct sequence number that is expected by the server from the client
Inject data into the session before the client sends its next packet
To achieve the third, the attacker could just send the data to inject and hope it is received before the real client's next packet
Or, the attacker could perform a DoS attack on the client, or use ARP spoofing
Hijacking A TCP Session (cont.)
[Diagram: Evan listens to the seq and ack numbers exchanged between Bob and Alice, then performs a blind injection using matching seq, ack values]
When the client receives the ACK packet, it will be confused, either because it did not send any data or because the next expected sequence is incorrect.
Hijacking A TCP Session (cont.)
(Maybe the attacker can send something "nice" like "mv `which emacs` /vmunix && shutdown -r now" and not just a single character)
This confusion can cause a TCP ACK storm, which can disrupt a network
Attackers can automate the session hijacking process with tools such as Juggernaut, Hunt, and Ettercap
Hijacking A UDP Session
Attackers do not have to worry about the overhead of managing sequence numbers and other TCP mechanisms.
Since UDP is connectionless, injecting data into a session without being detected is extremely easy
DNS queries, online games like the Quake series and Half-Life, and peer-to-peer sessions are common protocols that work over UDP; all are popular targets for this kind of session hijacking
Determining Susceptibility
One way to check whether your network is vulnerable to session hijacking is to hijack actual network sessions using common attacker tools, e.g. Juggernaut or Hunt (now Ettercap)
Alternatively, find out whether you are using transport protocols that do not have cryptographic protection
Protocols such as Telnet and FTP are extremely susceptible to hijacking when not protected inside encrypted tunnels
The countermeasure is to use SSL, SSH, or IPsec
Tricks and Techniques
TCP ACK Storm
ARP Table Modification
TCP Resynchronizing
Remotely Modifying Routing Table
TCP ACK Packet Storm
If neither the attacker nor the client explicitly closes the session, the storm will likely stop itself eventually when ACK packets are lost in the storm.
As the attacker injects more and more data, the size of the ACK storm increases and can quickly degrade network performance.
ARP Table Modification
[Diagram: an ARP exchange with callouts "Finding owner of MAC address" and "Spoofed reply"]
ARP Table Modification (cont.)
[Diagram: stopping the TCP ACK storm]
TCP Resynchronizing
To hide his/her tracks, an attacker who has finished session hijacking might want to resynchronize the communicating hosts.
The problem is that, after the attack, the two hosts whose session was hijacked will be at different points in the session (different seq and ack numbers). The server might think that it is 40 bytes into the session when the client might have sent only 29 bytes.
TCP Resynchronizing (cont.)
Since sequence numbers move in only a positive direction, it's not possible to manipulate the server so that its expected sequence number moves downward to match the client's sequence number.
Tools like Hunt try to solve this problem by sending a message to the client:
msg from root: power failure - try to type 13 chars
Remotely Modifying Routing Table
An attacker who wants to hijack a session wants to route all communications between a client and server through him or her, making it easy to monitor, modify, and inject data into the session, as in MITM attacks.
One way the attacker modifies the routing table of the host is to forge ICMP Redirect (type 5) packets and advertise them as the route to take when sending data.
To protect Windows hosts from forged ICMP redirects, set the EnableICMPRedirect value to 0 under the registry key HKLM\System\CurrentControlSet\Services\AFD\Parameters
DNS Poisoning
A more common example of session hijacking is DNS poisoning
DNS poisoning allows you to convince a DNS server that a hostname resolves to an arbitrary IP
DNS Resolution
[Diagram: DNS resolution, steps 1-6, between the client, the local nameserver and the canonical nameserver]
The client does not query the canonical nameserver because of the efficiency provided by caching at the local nameserver
DNS Poisoning (cont.)
[Diagram: the same resolution steps 1-6, now with the attacker's nameserver answering and the client directed to the spoofed web server]
DNS Poisoning (cont.)
Implementing DNS poisoning is difficult:
Each DNS query contains a 2-byte identification field that allows responses to be matched to queries
An attacker has a 1 in 65,536 (2^16) chance of guessing the correct identification value
Normally an attacker needs to sniff the identification number of the query in order to successfully spoof a response
DNS Message Format
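As an added example, not from the slides: the fixed 12-byte header of the DNS message format decoded in Go, together with the check that a resolver applies before it accepts a response, which is exactly what the identification field exists for. The messages are constructed headers only (no question or answer sections), and the IDs and flag values are made up.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Header is the fixed 12-byte DNS message header (RFC 1035, section 4.1.1).
type Header struct {
	ID      uint16 // the 2-byte identification field the slides describe
	Flags   uint16 // QR, opcode, AA, TC, RD, RA, Z and RCODE bits
	QDCount uint16
	ANCount uint16
	NSCount uint16
	ARCount uint16
}

// IsResponse reports the QR bit (bit 15 of the flags word).
func (h Header) IsResponse() bool { return h.Flags&0x8000 != 0 }

// ParseHeader decodes the header from the start of a raw DNS message.
func ParseHeader(msg []byte) (Header, error) {
	if len(msg) < 12 {
		return Header{}, errors.New("dns: message shorter than the 12-byte header")
	}
	return Header{
		ID:      binary.BigEndian.Uint16(msg[0:2]),
		Flags:   binary.BigEndian.Uint16(msg[2:4]),
		QDCount: binary.BigEndian.Uint16(msg[4:6]),
		ANCount: binary.BigEndian.Uint16(msg[6:8]),
		NSCount: binary.BigEndian.Uint16(msg[8:10]),
		ARCount: binary.BigEndian.Uint16(msg[10:12]),
	}, nil
}

// EncodeHeader serialises a header; used here only to build the sample messages.
func EncodeHeader(h Header) []byte {
	b := make([]byte, 12)
	binary.BigEndian.PutUint16(b[0:2], h.ID)
	binary.BigEndian.PutUint16(b[2:4], h.Flags)
	binary.BigEndian.PutUint16(b[4:6], h.QDCount)
	binary.BigEndian.PutUint16(b[6:8], h.ANCount)
	binary.BigEndian.PutUint16(b[8:10], h.NSCount)
	binary.BigEndian.PutUint16(b[10:12], h.ARCount)
	return b
}

// MatchResponse is the resolver-side check: accept reply only if it is a
// response whose ID equals the ID of the still-outstanding query. A forged
// reply that guessed the ID wrong fails here and must be dropped, not cached.
func MatchResponse(query, reply []byte) (bool, error) {
	q, err := ParseHeader(query)
	if err != nil {
		return false, err
	}
	if q.IsResponse() {
		return false, errors.New("dns: first argument is not a query")
	}
	r, err := ParseHeader(reply)
	if err != nil {
		return false, err
	}
	return r.IsResponse() && r.ID == q.ID, nil
}

// Constructed samples: a recursive query with ID 0x1A2B, the genuine reply,
// and a forged reply whose ID is off by one, i.e. one of the 65,535 wrong guesses.
var (
	SampleQuery = EncodeHeader(Header{ID: 0x1A2B, Flags: 0x0100, QDCount: 1})
	SampleReply = EncodeHeader(Header{ID: 0x1A2B, Flags: 0x8180, QDCount: 1, ANCount: 1})
	ForgedReply = EncodeHeader(Header{ID: 0x1A2C, Flags: 0x8180, QDCount: 1, ANCount: 1})
)

func main() {
	for name, reply := range map[string][]byte{"genuine": SampleReply, "forged": ForgedReply} {
		ok, err := MatchResponse(SampleQuery, reply)
		fmt.Printf("%s reply accepted: %v (err=%v)\n", name, ok, err)
	}
}
```

A real resolver also requires the reply to arrive on the socket (and thus the source port) the query went out on and to repeat the question section; this example isolates the identification check the slide discusses.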
DNS Poisoning with Ettercap
[Diagram: Evan poisons Bob's lookup of www.it.kmitl.ac.th; labels: www.it.kmitl.ac.th 161.246.38.35, www.msne.mut.ac.th 203.148.145.240]
DNS Poisoning with Ettercap (cont.)
[Screenshot walkthrough, steps 1-10, including the Ettercap.dns file]
SSL Spoofing with Ettercap
SSL MITM Attack (cont.)
[Diagram: Bob connects to https://www.paypal.com; two SSL sessions are shown (SSL / SSL); labels: Paypal.com, Paypall.com, www.paypall.com, www.mut.ac.th]
SSH Downgrade Attack
SSH is the most famous example of a downgrade attack, where the attacker forces the client and the server to use the insecure SSH1 protocol.
The client sends a request to establish an SSH link to the server and asks it for the version it supports
The server answers with one of:
ssh-2.xx: the server supports only SSH2
ssh-1.99: the server supports SSH1 and SSH2
ssh-1.51: the server supports only SSH1
This attack targets servers that support both SSH1 and SSH2
Ref: http://openmaniak.com/ettercap_filter.php
SSH Downgrade Attack (cont.)
[Two screenshot slides]
SSH Downgrade Attack with Ettercap
1. Configure the SSH server to support SSH1 and SSH2:
# apt-get install openssh-server
# vim /etc/ssh/sshd_config
Protocol 1,2
2. Create an SSH1 key pair:
# ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ""
3. Add the key path to the sshd_config file:
HostKey /etc/ssh/ssh_host_key
4. Telnet to the server to check that it offers SSH1:
Trying server_ip_address...
Connected to server_ip_address.
Escape character is '^]'.
SSH-1.99-OpenSSH_4.6p1 Debian-5ubuntu0.1
Client's PuTTY Screen
[Screenshot: PuTTY protocol setting; version 2 is preferred but not restricted]
Ettercap Filter
[Screenshot]
SSH Downgrade Attack Filter
/usr/share/ettercap/ettercap.filter.ssh
[Screenshot]
Compiling the Filter
[Screenshot]
Loading the Compiled Filter
[Screenshot]
SSH Downgrade Attack Result
[Screenshot]
Avoiding SSH Downgrade Attack
Never use SSH1 on either the server or the client. In the /etc/ssh/sshd_config file:
Protocol 2
# telnet server_ip_address 22
Trying server_ip_address...
Connected to server_ip_address.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6p1 Debian-5ubuntu0.1
Avoiding SSH Downgrade Attack (cont.)
[Screenshot: SSH Client]
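Added example, not code from the lecture: a Go audit of the two things this section tells an administrator to look at, the server's identification string (a 1.99 banner marks a server that still offers SSH1 and is therefore the downgrade target) and the Protocol directive in sshd_config. The banners and configuration snippets are constructed from the values shown on the slides.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Support is what a server's identification string announces.
type Support int

const (
	Unknown  Support = iota
	SSH1Only         // "SSH-1.5-..." style banners
	SSH1And2         // "SSH-1.99-...": both versions, the downgrade target
	SSH2Only         // "SSH-2.0-..."
)

func (s Support) String() string {
	return [...]string{"unknown", "SSH1 only", "SSH1 and SSH2", "SSH2 only"}[s]
}

// ClassifyBanner interprets the identification string a server sends on
// connect, e.g. "SSH-1.99-OpenSSH_4.6p1 Debian-5ubuntu0.1", using the rule on
// the slide: 2.x means SSH2 only, 1.99 means both, any other 1.x means SSH1 only.
func ClassifyBanner(banner string) Support {
	banner = strings.TrimSpace(banner)
	if !strings.HasPrefix(banner, "SSH-") {
		return Unknown
	}
	version := strings.SplitN(banner[len("SSH-"):], "-", 2)[0]
	switch {
	case version == "1.99":
		return SSH1And2
	case strings.HasPrefix(version, "2."):
		return SSH2Only
	case strings.HasPrefix(version, "1."):
		return SSH1Only
	}
	return Unknown
}

// Downgradable reports whether an in-path attacker could make the session fall
// back to SSH1: only servers that still offer version 1 are at risk.
func Downgradable(s Support) bool { return s == SSH1Only || s == SSH1And2 }

// AuditSSHDConfig reads sshd_config text and reports whether the effective
// Protocol directive permits version 1, and whether one was present at all.
// OpenSSH honours the first occurrence of a directive, so the scan stops there;
// a missing directive leaves the decision to the version-specific default.
func AuditSSHDConfig(cfg string) (allowsV1, explicit bool) {
	sc := bufio.NewScanner(strings.NewReader(cfg))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		f := strings.Fields(line)
		if len(f) < 2 || !strings.EqualFold(f[0], "Protocol") {
			continue
		}
		explicit = true
		// tolerate "Protocol 1, 2" written with a space after the comma
		for _, v := range strings.Split(strings.Join(f[1:], ""), ",") {
			if v == "1" {
				allowsV1 = true
			}
		}
		return
	}
	return
}

// Constructed sample configurations: the lab server from the slides and the
// hardened one.
const (
	WeakConfig     = "Port 22\nProtocol 1,2\nHostKey /etc/ssh/ssh_host_key\n"
	HardenedConfig = "Port 22\nProtocol 2\n"
)

func main() {
	for _, b := range []string{"SSH-1.99-OpenSSH_4.6p1 Debian-5ubuntu0.1", "SSH-2.0-OpenSSH_4.6p1 Debian-5ubuntu0.1"} {
		s := ClassifyBanner(b)
		fmt.Printf("%-45s %-14s downgradable=%v\n", b, s, Downgradable(s))
	}
	for _, c := range []string{WeakConfig, HardenedConfig} {
		v1, set := AuditSSHDConfig(c)
		fmt.Printf("Protocol set=%v allows SSH1=%v\n", set, v1)
	}
}
```

The banner classifier is the programmatic form of the telnet check shown on the previous slides: connect to port 22, read the first line, and treat anything other than a 2.x banner as a finding.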
Authentication
There are two main categories of authentication: synchronous and asynchronous authentication protocols
Synchronous authentication protocols provide credentials at the start of the authentication process
Asynchronous authentication involves a challenge-response model
Password Authentication Protocol
Password Authentication Protocol (PAP) is one of the least secure authentication protocols used by PPP
The password and username are sent in cleartext (ASCII) to the authentication server after a connection has been established.
It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP
Both entities will try to negotiate and agree upon the most secure method of authentication, starting with EAP, then CHAP, then PAP
Challenge Handshake Authentication Protocol
[Diagram: CHAP exchange: the server sends a challenge; the user enters the password; the client returns h(password, challenge); the server compares the hash value]
LM challenge/response
[Diagram: computing the LM hash]
uppercase(password[1..7]) as KEY -> DES(magic word) = LM_hash[1..8]
uppercase(password[8..14]) as KEY -> DES(magic word) = LM_hash[9..16]
LM_hash[17..21] = 0000000000 (five zero bytes)
The magic word is "KGS!@#$%"
Ref: [email protected], Cracking NTLMv2 Authentication
LM challenge/response (cont.)
[Diagram: computing the LM response from the 21-byte LM hash; labels 00 and 00000000 mark the zero padding]
LM_hash[1..7] as KEY -> DES(challenge code) = LM_response[1..8]
LM_hash[8..14] as KEY -> DES(challenge code) = LM_response[9..16]
LM_hash[15..21] as KEY -> DES(challenge code) = LM_response[17..24]
Ref: [email protected], Cracking NTLMv2 Authentication
NT Lan Manager v1 (NTLMv1)
[Diagram: the server sends an 8-byte random number; the user enters the password; the client returns R1, R2; the server compares the hash value]
NTLMv1 (cont.)
The user password and challenge are used to calculate the LANMAN hash and MD4 hash:
C = 8-byte random challenge
Hash1 = MD4(password)
{K1, K2, K3} = {Hash1, 5-byte-0s}
R1 = DES(K1, C), DES(K2, C), DES(K3, C)
Hash2 = LM-hash(password)
{K4, K5, K6} = {Hash2, 5-byte-0s}
R2 = DES(K4, C), DES(K5, C), DES(K6, C)
The client sends {R1, R2} as a response to the server
NTLM 2 Authentication
[Diagram: NTLMv2 computation]
MD4(unicode(password)), used as KEY -> HMAC_MD5 over unicode(uppercase(account name) + domain_or_hostname)
that result, used as KEY -> HMAC_MD5 over server_challenge + client_challenge = NTLMv2Response
Ref: [email protected], Cracking NTLMv2 Authentication
LM, NTLMv1, NTLMv2
                          LM                       NTLMv1                   NTLMv2
Password case sensitive   No                       Yes                      Yes
Hash key length           56bit + 56bit            -                        -
Password hash algorithm   DES (ECB mode)           MD4                      MD4
Hash value length         64bit + 64bit            128bit                   128bit
C/R key length            56bit + 56bit + 16bit    56bit + 56bit + 16bit    128bit
C/R algorithm             DES (ECB mode)           DES (ECB mode)           HMAC_MD5
C/R value length          64bit + 64bit + 64bit    64bit + 64bit + 64bit    128bit
Ref: [email protected], Cracking NTLMv2 Authentication
Attacks Against Password Hashes
Brute Force Attack: iterate through every possible input, hash it, and compare the output with the hash value. Guaranteed to crack the hash if run long enough
Dictionary Attack: iterate through possible passwords and common substitutions of these words. Not guaranteed to produce results. E.g. John The Ripper (or John The Ripper Pro for the commercial version), available at http://www.openwall.com/john/
Attacks Against Password Hashes (cont.)
Rainbow Table Attack: compute every hash ahead of time, allowing the attacker to check his/her database of hashes for the one he/she is trying to crack
Several tools can be used for password cracking, including Windows passwords in the SAM (LM and NTLM password hashes): Rainbow Crack, Ophcrack, John the Ripper, Cain and Abel
Rainbow Crack can be used to crack LM, MD5 and Office hashes
Rainbow Table
Rainbow tables are sophisticated tables that utilize reduction algorithms to reduce the time needed to crack a password
The only information stored in the table is an initial value and a final value
The initial value is passed through the hash function, and the resulting hash is put through a reduction function. The result of the reduction is then used as the plaintext for the next application of the hash function
Rainbow Table (cont.)
[Diagram: a chain alternating Hash function and Reduction function steps]
The rainbow table stores only the first and the last value of each chain
Password Cracking with Rainbow Table
1. Given a hash value, apply the reduction function to it and query the table for the result
2. If there is no match in the current chain, proceed with another chain, then another table, until a match is found
3. When you find a match, recover the initial value for that chain and reconstruct the chain until you reach the point where the match occurred
4. When you reach this point, the initial value is the corresponding password
Password Cracking with Rainbow Table (cont.)
1. The encrypted password "re3xes" is intercepted. Try to apply the reduction to "re3xes", but it fails to reach either the first or the last value of a chain.
2. Try another chain. Now it matches the last value "linux123" of a chain
3. Calculate from the first value of that chain, starting with "password". Now it also reaches "re3xes".
This guarantees that "re3xes" is decrypted to "password"
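Added example, not from the lecture: a toy rainbow table in Go that implements the chain construction and the lookup walked through above in their general form. SHA-256 stands in for the LM hash, the key space is three lowercase letters, and the chain starts are constructed; the reduction function mixes in the column index, as real rainbow tables do. It goes one step beyond the worked example above, where the match happens to sit at the first value of the chain: the lookup regenerates the matching chain from its first value and returns whichever plaintext in it hashes to the target, and it skips a chain that matched on its end value but does not actually contain the target (a false alarm caused by merged chains).

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

const (
	alphabet = "abcdefghijklmnopqrstuvwxyz"
	plainLen = 3  // toy key space: 26^3 = 17,576 lowercase passwords
	chainLen = 40 // hash/reduce steps per chain
)

// Hash is the one-way function under attack; SHA-256 stands in for LM here.
func Hash(p string) []byte {
	h := sha256.Sum256([]byte(p))
	return h[:]
}

// Reduce maps a hash back into the key space. The column index is mixed in so
// that every position in a chain uses a different reduction function, which is
// what distinguishes a rainbow table from Hellman's original chains.
func Reduce(h []byte, col int) string {
	var v uint64
	for i := 0; i < 8; i++ {
		v = v<<8 | uint64(h[i])
	}
	v += uint64(col)
	out := make([]byte, plainLen)
	for i := range out {
		out[i] = alphabet[v%26]
		v /= 26
	}
	return string(out)
}

// Plain turns an index into a key-space element; used to pick chain starts.
func Plain(i int) string {
	out := make([]byte, plainLen)
	for j := range out {
		out[j] = alphabet[i%26]
		i /= 26
	}
	return string(out)
}

// Table keeps only the first and last value of each chain, keyed by the last
// value so that a lookup is one map access.
type Table map[string][]string

// Build runs each start through chainLen hash/reduce steps and records the end.
func Build(starts []string) Table {
	t := Table{}
	for _, s := range starts {
		p := s
		for c := 0; c < chainLen; c++ {
			p = Reduce(Hash(p), c)
		}
		t[p] = append(t[p], s)
	}
	return t
}

// Crack is the lookup from the slides. For each column c (last column first),
// assume the target hash sits there, reduce it forward to the chain end and
// look that end up. On a hit, regenerate the chain from its first value and
// return the plaintext whose hash is the target; a merged chain that does not
// contain it is skipped. Returns "" when no chain in the table covers the target.
func Crack(t Table, target []byte) string {
	for c := chainLen - 1; c >= 0; c-- {
		p := Reduce(target, c)
		for k := c + 1; k < chainLen; k++ {
			p = Reduce(Hash(p), k)
		}
		for _, start := range t[p] {
			q := start
			for k := 0; k < chainLen; k++ {
				if bytes.Equal(Hash(q), target) {
					return q
				}
				q = Reduce(Hash(q), k)
			}
		}
	}
	return ""
}

// ChainPoint returns the plaintext at column col of the chain beginning at start.
func ChainPoint(start string, col int) string {
	q := start
	for k := 0; k < col; k++ {
		q = Reduce(Hash(q), k)
	}
	return q
}

// SampleStarts is a constructed set of 300 chain starts spread over the key space.
func SampleStarts() []string {
	starts := make([]string, 300)
	for i := range starts {
		starts[i] = Plain(i * 59 % 17576)
	}
	return starts
}

func main() {
	t := Build(SampleStarts())
	target := ChainPoint("aaa", 17)
	fmt.Printf("table stores %d end values for 300 chains of %d steps over %d passwords\n", len(t), chainLen, 26*26*26)
	fmt.Printf("hash of %q recovered as %q\n", target, Crack(t, Hash(target)))
	fmt.Printf("input outside the key space recovered as %q\n", Crack(t, Hash("ZZZZ")))
}
```

The trade-off the slides describe is visible in the numbers: 300 stored end values stand for up to 12,000 covered passwords, paid for by recomputing chains at lookup time. Coverage is not complete, which is why rcrack needs several tables per configuration and quotes a success rate rather than a guarantee.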
Cracking LM Password with Rainbow Crack
1. Dump the password hashes using samdump, pwdump or fgdump
2. Install Rainbow Crack
3. Before cracking the password, generate the rainbow tables first: LM configuration #0 - #6
4. Sort the rainbow table using the rtsort command
5. Crack the password using the rcrack command
Ref: http://www.ethicalhacker.net/content/view/94/24/
Password Hashes from pwdump
testuser1:"":0F20048EFC645D0A179B4D5D6690BDF3:1120ACB74670C7DD46F1D3F5038A5CE8:::
remote:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
joeuser:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
averageguy:"":299CCF964D9A359BAAD3B435B51404EE:A5C07214487C87B584E8877DE72DCA0B:::
harderpass:"":B75838F7A57EE67993E28745B8BF4BA6:EC50F8A8149C93EF45AECB8AF96658E6:::
demouser:"":261A6631FE44BA4993E28745B8BF4BA6:371D5760453C1B000BCC016F8E23A83C:::
randy:"":98B5AFEB67293D6AAAD3B435B51404EE:A9F34664151F6360757B31644F37E025:::
Asmith:"":E165F0192EF85EBBAAD3B435B51404EE:E4EBE0E7EF708DC9FD240135D3D43D89:::
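Added example, not code from the lecture: the LM hash as drawn on the LM challenge/response slide, implemented with Go's crypto/des, followed by an audit of the pwdump listing above. It relies on one well-known constant the slide does not name: AAD3B435B51404EE, the DES encryption of the magic word under an all-zero key, i.e. the value a half takes when that half of the padded password is empty, which is why several of the hashes above end with it. The audit only reads the listing: it flags accounts whose LM password is 7 characters or fewer (the second half is the empty-half constant), accounts with no LM hash at all, and accounts that share an NT hash. Nothing here cracks a hash.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"fmt"
	"strings"
)

const (
	lmMagic = "KGS!@#$%" // the magic word from the slide
	// EmptyHalfHash is the hash of an empty 7-byte half (well-known constant,
	// not named on the slide).
	EmptyHalfHash = "AAD3B435B51404EE"
)

// desKey7to8 spreads 56 key bits over 8 bytes; the low bit of each byte is the
// DES parity position, which the key schedule ignores.
func desKey7to8(k []byte) []byte {
	return []byte{
		k[0] & 0xFE,
		(k[0]<<7 | k[1]>>1) & 0xFE,
		(k[1]<<6 | k[2]>>2) & 0xFE,
		(k[2]<<5 | k[3]>>3) & 0xFE,
		(k[3]<<4 | k[4]>>4) & 0xFE,
		(k[4]<<3 | k[5]>>5) & 0xFE,
		(k[5]<<2 | k[6]>>6) & 0xFE,
		k[6] << 1,
	}
}

// LMHash follows the slide: uppercase the password, pad (or cut) it to 14
// bytes, split it into two 7-byte halves and use each half as a DES key to
// encrypt the magic word. ASCII passwords only; LM used the OEM code page.
func LMHash(password string) string {
	padded := make([]byte, 14)
	copy(padded, strings.ToUpper(password)) // copy stops at 14 bytes
	out := make([]byte, 16)
	for i := 0; i < 2; i++ {
		block, err := des.NewCipher(desKey7to8(padded[i*7 : i*7+7]))
		if err != nil {
			panic(err) // the key is always 8 bytes here
		}
		block.Encrypt(out[i*8:i*8+8], []byte(lmMagic))
	}
	return strings.ToUpper(hex.EncodeToString(out))
}

// Findings an administrator can read off a pwdump listing: the halves are
// independent, so a second half equal to EmptyHalfHash means the password is
// 7 characters or fewer; identical NT hashes mean identical passwords.
const (
	IssueShort  = "LM password is 7 characters or fewer"
	IssueNoLM   = "no LM hash stored (empty password, more than 14 characters, or LM storage disabled)"
	IssueShared = "NT hash shared between accounts"
)

type Finding struct{ User, Issue string }

// AuditPwdump parses lines of the form user:rid:LMhash:NThash::: and reports
// the findings above. Accounts sharing a hash are joined with commas.
func AuditPwdump(lines []string) []Finding {
	var out []Finding
	var order []string
	byNT := map[string][]string{}
	for _, ln := range lines {
		f := strings.Split(strings.TrimSpace(ln), ":")
		if len(f) < 4 {
			continue
		}
		user, lm, nt := f[0], strings.ToUpper(f[2]), strings.ToUpper(f[3])
		if _, seen := byNT[nt]; !seen {
			order = append(order, nt)
		}
		byNT[nt] = append(byNT[nt], user)
		switch {
		case lm == EmptyHalfHash+EmptyHalfHash:
			out = append(out, Finding{user, IssueNoLM})
		case strings.HasSuffix(lm, EmptyHalfHash):
			out = append(out, Finding{user, IssueShort})
		}
	}
	for _, nt := range order {
		if users := byNT[nt]; len(users) > 1 {
			out = append(out, Finding{strings.Join(users, ","), IssueShared})
		}
	}
	return out
}

// SamplePwdump is the listing from the slide above.
var SamplePwdump = []string{
	`testuser1:"":0F20048EFC645D0A179B4D5D6690BDF3:1120ACB74670C7DD46F1D3F5038A5CE8:::`,
	`remote:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::`,
	`joeuser:"":E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::`,
	`averageguy:"":299CCF964D9A359BAAD3B435B51404EE:A5C07214487C87B584E8877DE72DCA0B:::`,
	`harderpass:"":B75838F7A57EE67993E28745B8BF4BA6:EC50F8A8149C93EF45AECB8AF96658E6:::`,
	`demouser:"":261A6631FE44BA4993E28745B8BF4BA6:371D5760453C1B000BCC016F8E23A83C:::`,
	`randy:"":98B5AFEB67293D6AAAD3B435B51404EE:A9F34664151F6360757B31644F37E025:::`,
	`Asmith:"":E165F0192EF85EBBAAD3B435B51404EE:E4EBE0E7EF708DC9FD240135D3D43D89:::`,
}

func main() {
	fmt.Println("LM(password) =", LMHash("password"))
	for _, f := range AuditPwdump(SamplePwdump) {
		fmt.Printf("%-16s %s\n", f.User, f.Issue)
	}
}
```

Two properties of the algorithm fall out of the code: LMHash("PaSsWoRd") equals LMHash("password") because of the uppercase step, and LMHash("passwor") is the first half of LMHash("password") followed by the empty-half constant, because the halves never mix. Both are the reason the later slides recommend pass phrases longer than 14 characters, which Windows cannot store as an LM hash at all.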
Generating Rainbow Table
To generate other configurations, use the rtgen command:
# rtgen lm alpha-numeric 1 7 0 2400 40000000 all
# rtgen lm alpha-numeric 1 7 1 2400 40000000 all
# rtgen lm alpha-numeric 1 7 2 2400 40000000 all
# rtgen lm alpha-numeric 1 7 3 2400 40000000 all
# rtgen lm alpha-numeric 1 7 4 2400 40000000 all
Generating Rainbow Table (cont.)
"1" and "7" are our plaintext length range, so we want passwords from "A" to "ZZZZZZZ". If we had put the plaintext length range "4-6", "AAAA" and "ZZZZZZ" would be among the key space
0, 1, 2, 3, 4 are the table numbers
2400 is the chain length. Chain length increases the success rate per table but does not increase the table size. It computes more hashes per chain but also takes longer to create and search the table
"8000000" is the chain count of each rainbow table. Chain count is simply how many chains you want per table. Increasing this value produces larger files with higher success rates, but the overall computation time isn't affected.
Rainbow Table Configuration
[Screenshot: table of rainbow table configurations]
Generating Rainbow Table with Winrtgen
Winrtgen (now in Cain and Abel) is a graphical Rainbow Tables Generator that supports LM, FastLM, NTLM, LMCHALL, HalfLMCHALL, NTLMCHALL, MSCACHE, MD2, MD4, MD5, SHA1, RIPEMD160, MySQL323, MySQLSHA1, CiscoPIX, ORACLE, SHA-2 (256), SHA-2 (384) and SHA-2 (512) hashes.
Winrtgen can generate only rainbow tables for LM configuration #0
Generating Rainbow Table with Winrtgen (cont.)
[Screenshot: Winrtgen estimate] Generating 1 configuration #0 table takes 2 days on a P3 1GHz machine
[Screenshot: Winrtgen estimate] Generating 5 configuration #0 tables takes 12 days on a P3 1GHz machine
Generating Rainbow Table (cont.)
128,000,000 bytes lm_alpha#1-7_0_2100x8000000_all.rt
128,000,000 bytes lm_alpha#1-7_1_2100x8000000_all.rt
128,000,000 bytes lm_alpha#1-7_2_2100x8000000_all.rt
128,000,000 bytes lm_alpha#1-7_3_2100x8000000_all.rt
128,000,000 bytes lm_alpha#1-7_4_2100x8000000_all.rt
Sort the rainbow table:
# rtsort lm_alpha#1-7_0_2100x8000000_all.rt
# rtsort lm_alpha#1-7_1_2100x8000000_all.rt
# rtsort lm_alpha#1-7_2_2100x8000000_all.rt
# rtsort lm_alpha#1-7_3_2100x8000000_all.rt
# rtsort lm_alpha#1-7_4_2100x8000000_all.rt
Cracking the Password
C:\rainbowcrack-1.2-win\rainbowcrack-1.2-win>rcrack
RainbowCrack 1.2 - Making a Faster Cryptanalytic Time-Memory Trade-Off
by Zhu Shuanglei <[email protected]>
http://www.antsight.com/zsl/rainbowcrack/
usage: rcrack rainbow_table_pathname -h hash
rcrack rainbow_table_pathname -l hash_list_file
rcrack rainbow_table_pathname -f pwdump_file
rainbow_table_pathname: pathname of the rainbow table(s), wildchar(*, ?) supported
-h hash: use raw hash as input
-l hash_list_file: use hash list file as input, each hash in a line
-f pwdump_file: use pwdump file as input, this will handle LAN Manager hash only
example: rcrack *.rt -h 5d41402abc4b2a76b9719d911017c592
rcrack *.rt -l hash.txt
rcrack *.rt -f hash.txt
Cracking the Password (cont.)
rcrack c:\rainbowcrack\*.rt -f pwdumpfile.txt
rcrack c:\rainbowcrack\*.rt -l justhashlist.txt
rcrack c:\rainbowcrack\*.rt -h 213D466DB5B288F0F82E44EC0938F4F4
Where pwdumpfile.txt is the result of using a hash dumping utility like pwdump2, pwdump3, samdump, etc. to dump the LAN Manager passwords.
If your password consists of only letters, rcrack should be able to crack it with a success rate of 99.9%.
Cracking the Password (cont.)
[Screenshot]
Protecting yourself against RainbowCrack attacks and other password attacks
Limiting physical access
Continue to force the use of special characters
Use ALT-XXX characters in your passwords
Keep up with updates
Use pass phrases
Use multi-factor authentication
Password policy
Use NTLM or NTLMv2
Limiting Physical Access
One common attack if you have physical access to a machine is to use a bootable Linux distro to simply boot into Linux and grab the SAM file off the windows partition.
IronGeek wrote a good tutorial on this method and even has a video you can watch. You can get it here: http://www.irongeek.com/i.php?page=security/localsamcrack2.
Another interesting tool released by Eeye is SysRQ2: http://research.eeye.com/html/tools/RT20060801-8.html.
“SysRq is a bootable CD image that allows a user to open a fully privileged (SYSTEM) command prompt on Windows 2000, Windows XP, and Windows Server 2003 systems by pressing Ctrl+Shift+SysRq at any time after startup.”
Continue to force the use of special characters
Although rainbow tables can rip through an LM password containing any type of special character, it still takes a large amount of time (1-2 years) to generate such tables
In LC4 we go from 9-11 hours to brute force an alpha-numeric password to 91 days to brute force passwords with the possibility of all special characters (not including ALT-XXX passwords).
Use ALT-XXX characters in your passwords
ALT characters are produced by holding down the ALT key and pressing a three or four digit number sequence on your keypad.
Most password crackers cannot crack passwords with ALT characters.
Most ALT characters also have the added benefit that passwords that have ALT characters in them cannot be stored as LM hashes.
It causes password hashes to disappear
ALT-XXX Characters
[Screenshot]
Use Passphrases
The easiest and simplest way to protect your network from password cracking.
By using pass phrases that are longer than 14 characters AND contain special characters, you can protect yourself from all but the most determined attackers.
If your network is Windows 2000 and above, you have a maximum length of 127 characters for your password/pass phrase, so the sky's the limit.
A pass phrase like "This is my Stupid Pass Phrase!" is long enough to be stored as NTLM or NTLMv2, has uppercase, lowercase, spaces, and special characters, and is easy to remember.
This is a much more secure password than even "@w3cjd$Beu=mDr".
Questions?
Next week: Presentation Layer Security