What's My Pass? » cracking

How secure is your password?

admin — Mon, 28 Nov 2011 18:04:00 +0000

Just head over to the service’s website and enter a password in the form. You do not necessarily have to enter a password that you use actively. You can alternatively enter a comparable password to find out how long it would take to hack your password with a brute force, or maybe a combined dictionary and brute force attack.

http://www.howsecureismypassword.net/

OS X Lion bugs allow changing local user passwords and viewing shadow files

admin — Tue, 20 Sep 2011 13:55:16 +0000

The latest version of OS X Lion allows any user to easily change the password of any local account, due to permissions oversights on Apple’s part. The news comes less than a month after another Lion vulnerability that let users bypass LDAP without a password gained notoriety.

Originally reported by Defence in Depth blogger Patrick Dunstan, the root of the newly discovered problem in Mac OS X 10.7 is tied to the user-specific shadow files used in modern OS X platforms. These files are essentially hash databases and contain, among other things, the user’s encrypted passwords. Ideally, they should be accessible only via high-privilege accounts.

According to Dunstan, Apple dropped the ball in terms of how Lion handles privilege. “Whilst non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data,” Dunstan wrote. “This is accomplished by extracting the data straight from Directory Services.” Any user can accomplish this trick by simply invoking the directory services listing using the /Search/ path — for example, $ dscl localhost -read /Search/Users/bob (where “bob” is the username). This causes Lion OS X to spew out the contents of Bob’s shadow hash file, including data that can be used to crack Bob’s password with a simple script, such as a Python script written by Dunstan.

Source: Info World

Hacking Crappy Password Resets

admin — Tue, 15 Mar 2011 19:01:06 +0000

Ron over at SkullSecurity had a great 2 part series on using poorly coded password reset snippits used on popular code sites. He goes into depth about how the password reset works , different methods of resets, and how to use the reverse code to crack itself.
Check it out , it’s a great read:
Hacking Crappy Password Resets – Part 1
Hacking Crappy Password Resets – Part 2

The new threat

admin — Sat, 12 Feb 2011 17:58:14 +0000

Programmable embedded devices have the capability of being detected as a HID device , just like a keyboard or mouse. So if you have physical access and a minute alone you can compromise a system with something the size of your thumb. The possibilities are endless, HTTP/FTP download, injecting binaries into debug or Powershell etc.. Also this device is cross platform which means Windows,Linux,UNIX and Apple are all vulnerable.

Here’s an example project we made for a Windows7 box that adds a new Admin user to the system and hides that user from the logon screen. the whole process takes about 16 seconds , with most of the time taken by the device being detected as a keyboard and the driver installed. The device costs about $20 and can be found here

Plain-text IPhone passwords

admin — Fri, 11 Feb 2011 03:07:51 +0000

Lost your IPhone passwords? Just jailbreak it and recover all of them, they’re all in plain-text

Password recovery timing

admin — Fri, 11 Feb 2011 02:28:38 +0000

Time it takes a hacker’s computer to randomly guess your password:

of course unless they’re using a nice setup and using gpu power

MAPDAV

admin — Sat, 05 Feb 2011 19:03:19 +0000

MAPDAV is designed to use what is known about a user or users (ex, username, first name, middle name, last name, etc) on a unix/linux system from a /etc/passwd file and tries to come up with probable combinations that could be the user’s password. An administrator could run the output through a cracker and see if their user’s passwords are anything easy to guess.

For example, if we had a passwd file entery such as:
chrisa:x:107:102:Chris Anderson:/home/chrisa:/usr/bin/bash

We could have MAPDAV derrive some possible passwords, such as chrisa, chrisanderson, andersonchris, canderson, ChrisAnderson, Anderson Chris, CHRIS, plus any other combinations you entered. It has quite a few other features you can use to modify the output to have arbitrary characters, be in reverse, and other useful things.

Out of a sample of 30192 users, MAPDAV 1.0p8 cracked 4.7% of the passwords on the default settings, 1.2% of which were NOT the same user/pass. This combind with a good conventional wordlist could give good crack results.

More info: http://mapdav.sourceforge.net

Unix crypt(3) Rainbow Tables

admin — Wed, 22 Dec 2010 17:21:00 +0000

Darth Null had a nice writeup on how to make crypt(3) rainbow tables. After being told that the salt made it impossible to generate Rainbow Tables, unless you went through the trouble to create 4096 different tables (one for each salt) the reason cited was the presence of the two-character salt at the beginning of the hash. He went out and devised a solution couple of nights later, it was able to actually read, write, and process crypt(3) hashes in their native form (as opposed to a flat hexadecimal dump of the hash). He wanted to submit it for schmoocon but didnt get accepted , so rather than sit on the information, he decided to release it on his blog.

Instead of generating 4096 tables of 1-8 character passwords, just create 1 table of 3-10 character passwords, and use the 1st two characters of the plaintext passwords as the salt. (That part will make more sense if you read the paper.)
It’s still kind of slow: 9x slower than LM hashes, for example. But CPUs are much faster than they were in 2003, when people first started building tables for LM hashes.
It also takes a lot of storage. But storage, likewise, is much cheaper than it was seven years ago.

The whitepaper can be found here: http://bit.ly/ij8hQU

Javascript MD5/SHA1/SHA256/SHA512 Cracker

admin — Thu, 25 Nov 2010 07:26:56 +0000

JavaScript Distributed Computing System is online. Cracks MD5,SHA1,SHA256 & SHA512 hashes in pure JavaScript
http://www.andlabs.org/tools/ravan.html

MAC Keychain Master Password Recovery Tool

admin — Tue, 23 Nov 2010 23:06:00 +0000

Most Apple applications store the Login passwords and critical information to prevent hassle of entering the password every time by the user. Often these applications use their own proprietary encryption mechanism to store the credentials. But on Mac many applications use the Keychain files for storing the username,passwords and sometime even other critical data. In such cases KeychainRecovery helps in recovering the lost master password of the Keychain file.
You can download it from securityxploded.com , the same site that brought you the Firefox Master password cracker.