In January I predicted that there will be common functions that developers could use to develop more resilient web-applications. Seems that at OWASP there has been some progress in this area, they released an API for Java just a while ago. The site stated that similar APIs are already being planned/built for .NET and PHP.
I had no previous knowledge of this project, but cool to see that some people put effort in it. OWASP is quite respected, so this could mean wider adoption of the provided tools. I haven't looked at the ESAPI to see what kind of input validation it provides, which was my main point. Based on the powerpoint it offers all sorts of web-app related security functionalities.
February 24, 2009
February 19, 2009
Password cracking, WPA and rainbow tables
I have seen a lot of searches about rainbow tables and WPA so I'll spend a few moments to talk about this and other password related stuff. (Please note that I am in no way an expert in the cracking area)
First of all, what is a rainbow table? It is a pre-computed table of hashes that is generated with a set keyspace and lenght. When you have a hash (lm, md5, sha1, etc) and a rainbow table for that particular hash, you just need to do a search in the table to see if you have a match. This is much faster than computing a new hash based on brute force or dictionary list and comparing it to the hash you have. Of course creating the rainbow table takes a long time and space depending on the keyspace and lenght you want it to be. To create your own rainbow table you can use rainbowcrack, and if needed, add new hashing algorithm to it.
Now about WPA cracking with bruteforce/dictionary. When you are going to crack a WPA passphrase you need to capture the initial handshake. You can get the handshake with a de-auth attack and continue offline with cracking the key. However, with current computing power it is possible to attempt just a couple hundred keys per second so it is slow. Of course you could utilize something like NVIDIAs GPU to speed up the cracking by 10 to 15 times if you know how to do it.
Ok, so using a rainbow table for the task sounds more feasible, right? The Internet has rainbow tables for WPA ready-made so you can just download it and crack the key fast instead of weeks or months, right? The problem here is that the rainbow table is created using the SSID and if the rainbow table you find isn't created for your target (default SSIDs mostly), you're out of luck. If you know the SSID, you can generate a pre-computed table and then use it when you need to. Considering the slow speed, you might have to resort to using a dictionary file with certain lenght words unless you have lots of time to spend.
To efficiently protect your WPA key against cracking would be to use over 20 character passphrase and to also render rainbow tables ineffective in other cases, you should use a long salt when generating the hash (apply it to the password before hashing).
Now, about password cracking in general and jumping a bit back in the topic. Cracking is generally about guessing passwords, unless there is a clear cryptographic flaw that can be exploited (e.g. WEP encryption). There are two methods of doing this, bruteforce attack or dictionary attack.
When doing a dictionary attack you have a file with lots of different words, which the cracking tool will use to try to figure out the password. Some tools may offer a permutation possibility, where characters are added (dash, 123 etc) or common letters are transferred to their special counterparts (s is $, i is 1, uppercase/lowercase etc), to ensure covering common ways of writing "difficult" but easy to remember passwords. Consider such a word that fullfills the usual [a-z][A-Z][0-9] + special character requirement which is 8 characters long or more, for example "Pa$$w0rd-".
When doing a bruteforce attack you instruct the cracking tool to go over all the possible combinations based on your parameters, like minimum and maximum lenght, the keyspace to use, for example [a-z][A-Z][0-9][$‰&-!]. If you set a password which is lenght 2 and is only the lowercase alphabets, it would go something like this: aa, ab, ac. When it reaches az, it will then start going like this: ba, bb, bc and so on.
When cracking something, you have gained access to a password hash with some kind of method or try to directly gain access to a resource. A hash is obtained from a system, database or network traffic. A resource could be a router, printer, SSH server, web-application, SNMP, you name it. To devices you can find default password lists, which will work if people have been lazy.
Usually when cracking the hash you usually do not need anything else, but when attacking a live resource you usually also need a valid username on the system and a tool capable of talking the protocol. Attacking a resource directly has also the caveat that it is noticeable and there may be account lockout measures in place which thwarts off your attack. Also the speed of the network plays a big role.
Here is a list of TOP-10 cracking tools, which are written for different purposes. Out of this list there exists tools that are written just to crack a specific hash and do it good. If you look hard enough, you might find one that it written just for the purpose, or you could manage to write your own. I once wrote a small shell script which attempted to crack different kind of logins (like Hydra). Sure, it worked and it was fun to write it, but it was dead slow.
A lot of other means exist to gain access to passwords. One could use sniffers, man-in-the-middle attacks, social engineering (ask, give chocolate, run a look-a-like phishing site etc), look under the keyboard, get the user to connect to your system instead of the real system, study the target and use related birthdays/pet names/car names/children names and whatever.
To thwart off most password gaining attempts is to use passphrases instead of passwords (which are long enough to make guessing them computationally infeasible), do not use cleartext protocols, pay attention to encryption warnings, don't fall for phishing emails and so on. Build the security of your systems in such a way that unauthorized access to your password hashes is hard to gain.
Phew, this was a mammoth post and honestly I started to get bored writing it :)
First of all, what is a rainbow table? It is a pre-computed table of hashes that is generated with a set keyspace and lenght. When you have a hash (lm, md5, sha1, etc) and a rainbow table for that particular hash, you just need to do a search in the table to see if you have a match. This is much faster than computing a new hash based on brute force or dictionary list and comparing it to the hash you have. Of course creating the rainbow table takes a long time and space depending on the keyspace and lenght you want it to be. To create your own rainbow table you can use rainbowcrack, and if needed, add new hashing algorithm to it.
Now about WPA cracking with bruteforce/dictionary. When you are going to crack a WPA passphrase you need to capture the initial handshake. You can get the handshake with a de-auth attack and continue offline with cracking the key. However, with current computing power it is possible to attempt just a couple hundred keys per second so it is slow. Of course you could utilize something like NVIDIAs GPU to speed up the cracking by 10 to 15 times if you know how to do it.
Ok, so using a rainbow table for the task sounds more feasible, right? The Internet has rainbow tables for WPA ready-made so you can just download it and crack the key fast instead of weeks or months, right? The problem here is that the rainbow table is created using the SSID and if the rainbow table you find isn't created for your target (default SSIDs mostly), you're out of luck. If you know the SSID, you can generate a pre-computed table and then use it when you need to. Considering the slow speed, you might have to resort to using a dictionary file with certain lenght words unless you have lots of time to spend.
To efficiently protect your WPA key against cracking would be to use over 20 character passphrase and to also render rainbow tables ineffective in other cases, you should use a long salt when generating the hash (apply it to the password before hashing).
Now, about password cracking in general and jumping a bit back in the topic. Cracking is generally about guessing passwords, unless there is a clear cryptographic flaw that can be exploited (e.g. WEP encryption). There are two methods of doing this, bruteforce attack or dictionary attack.
When doing a dictionary attack you have a file with lots of different words, which the cracking tool will use to try to figure out the password. Some tools may offer a permutation possibility, where characters are added (dash, 123 etc) or common letters are transferred to their special counterparts (s is $, i is 1, uppercase/lowercase etc), to ensure covering common ways of writing "difficult" but easy to remember passwords. Consider such a word that fullfills the usual [a-z][A-Z][0-9] + special character requirement which is 8 characters long or more, for example "Pa$$w0rd-".
When doing a bruteforce attack you instruct the cracking tool to go over all the possible combinations based on your parameters, like minimum and maximum lenght, the keyspace to use, for example [a-z][A-Z][0-9][$‰&-!]. If you set a password which is lenght 2 and is only the lowercase alphabets, it would go something like this: aa, ab, ac. When it reaches az, it will then start going like this: ba, bb, bc and so on.
When cracking something, you have gained access to a password hash with some kind of method or try to directly gain access to a resource. A hash is obtained from a system, database or network traffic. A resource could be a router, printer, SSH server, web-application, SNMP, you name it. To devices you can find default password lists, which will work if people have been lazy.
Usually when cracking the hash you usually do not need anything else, but when attacking a live resource you usually also need a valid username on the system and a tool capable of talking the protocol. Attacking a resource directly has also the caveat that it is noticeable and there may be account lockout measures in place which thwarts off your attack. Also the speed of the network plays a big role.
Here is a list of TOP-10 cracking tools, which are written for different purposes. Out of this list there exists tools that are written just to crack a specific hash and do it good. If you look hard enough, you might find one that it written just for the purpose, or you could manage to write your own. I once wrote a small shell script which attempted to crack different kind of logins (like Hydra). Sure, it worked and it was fun to write it, but it was dead slow.
A lot of other means exist to gain access to passwords. One could use sniffers, man-in-the-middle attacks, social engineering (ask, give chocolate, run a look-a-like phishing site etc), look under the keyboard, get the user to connect to your system instead of the real system, study the target and use related birthdays/pet names/car names/children names and whatever.
To thwart off most password gaining attempts is to use passphrases instead of passwords (which are long enough to make guessing them computationally infeasible), do not use cleartext protocols, pay attention to encryption warnings, don't fall for phishing emails and so on. Build the security of your systems in such a way that unauthorized access to your password hashes is hard to gain.
Phew, this was a mammoth post and honestly I started to get bored writing it :)
February 11, 2009
Hardest decision ever
I made the hardest decision of my life this monday. I decided to resign from my job during these difficult times. From 17.3.2009 onwards I will be available for new opportunities. I need a change. If you never take risks, you will never gain anything. Time will show if this was a bad decision.
February 8, 2009
This is somewhat true
I read a blog posting at DarkReading this morning, it was about security guys becoming admins in their daily work. In some sense this is true, I've also seen that happen. More time goes into administration than doing real security work.
Has anyone noticed the "trend" going on at some mailinglists?
"Hey, look! I made a blog post! Come and read, and comment!"
"Hey, look! I made another blog post, now I talk about this!"
"Hey, look! I made a blog post in response to your mailing list discussion!"
To me that sounds more like trying to get more readers to your blog with some silly advertising. I would be hesitant to post my own blog posts to any mailinglist unless I've tried to actually do some research I want responses to, and it is easier to present it in a blog entry. More reasonable would actually be to copy-paste the blog entry and just point a link to the blog, to possibly keep the discussion at mailinglist level.
But anyways, I hope this trend doesn't get too common.
Has anyone noticed the "trend" going on at some mailinglists?
"Hey, look! I made a blog post! Come and read, and comment!"
"Hey, look! I made another blog post, now I talk about this!"
"Hey, look! I made a blog post in response to your mailing list discussion!"
To me that sounds more like trying to get more readers to your blog with some silly advertising. I would be hesitant to post my own blog posts to any mailinglist unless I've tried to actually do some research I want responses to, and it is easier to present it in a blog entry. More reasonable would actually be to copy-paste the blog entry and just point a link to the blog, to possibly keep the discussion at mailinglist level.
But anyways, I hope this trend doesn't get too common.
Subscribe to:
Posts (Atom)