Week 6 Password Cracking (SEC 335) - Chromosom3/TechNotes GitHub Wiki

Week 6 Reflection

This week we began using tools to crack user passwords based on their hashes. This was exciting though it was also quite time-consuming depending on the hardware being used. I have been using a password manager for a few years now and I knew it was important to have random passwords but this lab just illustrated that even more. I typically have my password manager set to use very large passwords and all characters are random. If I had to try and crack one of those passwords I don’t think I’d live long enough to see it get cracked with the hardware I have.

Week 5 Prep for Week 6

On Linux, password hashes are stored in /etc/shadow (they used to live in /etc/passwd, which every user can read; /etc/shadow is readable only by root). The passwords in this file are salted and hashed. A hash cannot be reversed, but you can hash a candidate string with the same salt and parameters and compare the result, and that is all password cracking is. Rainbow tables are lists of precomputed hashes of candidate passwords; they only work when there is no salt, because the salt changes the hash for every user and a table would have to be built per salt. A salt does not rescue a weak password, though: if the password is in a public word list, a dictionary attack will find it regardless of salt. A separate issue is hash collisions. Any hash maps a large input space onto a fixed-size output, so two inputs can have the same hash value; a hash algorithm is retired once finding such collisions becomes practical, as happened with MD5 and SHA-1.

The /etc/passwd file has a defined structure of seven colon-separated fields: username:password:user-id:group-id:full-name:home-directory:shell. An example entry is champuser:x:1000:1000:champuser,,,:/home/champuser:/usr/bin/zsh (the full-name field, also called GECOS, holds the name plus comma-separated office and phone fields, which is why the commas appear). The x in the password field indicates that the password hash is stored in /etc/shadow and not in /etc/passwd.

The /etc/shadow file also has a defined structure, nine colon-separated fields: user:encoded-password:last-password-change:minimum-days:maximum-days:warning-days:inactivity-days:account-expiration:reserved. The last-change and account-expiration fields are dates expressed as days since Jan 1 1970; minimum-days is how soon the password may be changed again and maximum-days how long it stays valid; warning-days is how many days before expiry the user is warned; inactivity-days is the grace period after expiry during which the old password is still accepted; the final field is reserved for future use. The password field has its own syntax. It uses $ to delimit sub-fields: between the first and second dollar sign is the algorithm id (for example $1$ indicates MD5), between the second and third is the salt, and after the third is the encoded hash. Some algorithms insert an extra parameter sub-field before the salt, as in the rounds=1000 seen in the lab output further down ($6$rounds=1000$salt$hash). A leading ! or * in the field means the account cannot log in with a password at all.

First Field Values:

  • $1: MD5 (md5crypt)
  • $2a, $2b, $2y: bcrypt (Eksblowfish, the Blowfish-based scheme; $2b is the current variant)
  • $5: SHA-256 (sha256crypt)
  • $6: SHA-512 (sha512crypt)
  • $y: yescrypt (newest, the default on current Debian and Kali)

For a more detailed list of the first-field values, check out the crypt(5) entry on the Debian man page site (linked from the original page).
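The nine shadow fields and the $-delimited password sub-fields described above are simple to parse by hand, and doing so makes the layout concrete. The following is an added example (my own code, not part of the wiki page or of any tool it mentions) that turns a shadow line into a structured record, converts the day-count fields to dates, and maps the hash id to an algorithm name taken from crypt(5). The algorithm table, the locked daemon entry and the yescrypt string are assumptions constructed for the example; the gandalf.grey line is copied from the lab output further down the page.

```python
"""Parse /etc/shadow records, including the $id$[params$]salt$hash password field."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional

# Hash-id prefixes as documented in crypt(5) (assumed table for this example).
# All $2* ids are bcrypt variants; $y$ and $gy$ carry a parameter sub-field before the salt.
ALGORITHMS = {
    "1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
    "5": "sha256crypt", "6": "sha512crypt", "7": "scrypt",
    "y": "yescrypt", "gy": "gost-yescrypt",
}
EPOCH = date(1970, 1, 1)


@dataclass
class PasswordField:
    hash_id: str              # text between the first two '$'
    algorithm: str            # name from ALGORITHMS, or "unknown"
    params: List[str]         # extra '$'-separated sub-fields, e.g. ["rounds=1000"] or ["j9T"]
    rounds: Optional[int]     # explicit rounds=N if present, else None (algorithm default)
    salt: str
    digest: str
    locked: bool              # a leading '!' or '*' disables password login


@dataclass
class ShadowEntry:
    name: str
    password: Optional[PasswordField]   # None when the field holds no hash at all
    last_change: Optional[date]         # field 3: days since 1970-01-01, converted
    min_days: Optional[int]             # field 4
    max_days: Optional[int]             # field 5
    warn_days: Optional[int]            # field 6
    inactive_days: Optional[int]        # field 7: grace period after the password expires
    expire: Optional[date]              # field 8: account expiry, days since epoch


def parse_password_field(field: str) -> Optional[PasswordField]:
    locked = field.startswith(("!", "*"))
    body = field.lstrip("!*")
    if not body.startswith("$") or body.count("$") < 3:
        return None                     # empty, '*', '!', or a legacy DES string: nothing to split
    parts = body.split("$")[1:]         # drop the empty element before the leading '$'
    hash_id, salt, digest = parts[0], parts[-2], parts[-1]
    params = parts[1:-2]                # whatever sits between the id and the salt
    rounds = None
    for p in params:
        if p.startswith("rounds="):
            rounds = int(p[len("rounds="):])
    return PasswordField(hash_id, ALGORITHMS.get(hash_id, "unknown"), params,
                         rounds, salt, digest, locked)


def _int(field: str) -> Optional[int]:
    return int(field) if field else None


def _day(field: str) -> Optional[date]:
    return EPOCH + timedelta(days=int(field)) if field else None


def parse_shadow_line(line: str) -> ShadowEntry:
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError(f"expected 9 colon-separated fields, got {len(fields)}")
    name, pw, lastchg, mn, mx, warn, inact, expire, _reserved = fields
    return ShadowEntry(name, parse_password_field(pw), _day(lastchg), _int(mn),
                       _int(mx), _int(warn), _int(inact), _day(expire))


# Constructed sample: the gandalf.grey line from the lab output plus a locked system account.
SAMPLE = """\
gandalf.grey:$6$rounds=1000$LneEppAvGXMREfOV$vkOzEXBjXOD0XK3YJUgd5.nfQVq/gM3BEbKbARZu/BNQNi6Uu3cie5JvOIhkJ5A6mKGUIGKpUG3gFi4KE6xXW.:19143:0:99999:7:::
daemon:*:19143:0:99999:7:::
"""

if __name__ == "__main__":
    for raw in SAMPLE.splitlines():
        e = parse_shadow_line(raw)
        algo = e.password.algorithm if e.password else "(no hash)"
        rounds = e.password.rounds if e.password else "-"
        print(f"{e.name:<14} {algo:<12} rounds={rounds} last_change={e.last_change} "
              f"max={e.max_days} warn={e.warn_days}")
```

Running it shows that gandalf.grey's password was last changed on 2022-05-31 (day 19143), that the hash is sha512crypt with an explicit rounds=1000 (far below the default of 5000, which makes these entries cheaper to crack), and that daemon has no hash to attack at all.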

To create a shadow password value by hand you can use the command openssl passwd -1 -salt SALT PASS_TEXT. The -1 option selects the same MD5 scheme as $1$; -5 and -6 select sha256crypt ($5$) and sha512crypt ($6$) respectively.

John the Ripper

Use the unshadow command to combine /etc/passwd and /etc/shadow into the single file john expects, then run john filename.txt to crack it. With no options john first runs "single crack" mode (guesses derived from the username and GECOS fields), then its built-in dictionary, then incremental brute force. This tool also lets you supply your own dictionary with --wordlist.

Hashcat

Very fast and more generalized, and it can use GPUs. It does not support the latest hash type, yescrypt ($y$, the default on current Kali), so those hashes have to go to john instead.

Week 6 Lab Content

In this week's lab we extract the user hashes from a Linux system and crack them to recover the plain-text passwords. The first step is to build a file our cracking tools can read. We start with the user entries from /etc/passwd; as mentioned earlier this file no longer stores the password, but the tools expect its layout (UID, GID, full name, home directory and shell come from it). Then we take the password hashes from /etc/shadow, which requires root. The image below shows the last three entries of each file, which we saved to separate files.

[image: Untitled]

Now that we have those pieces saved to individual files we can use the unshadow command from John the Ripper to merge them into one file for cracking: unshadow passwd_file shadow_file. This prints the unshadowed data to the terminal, so redirect it into a file. The results of the unshadow command can be seen below. For more information on unshadow, see its entries in the Kali and Ubuntu documentation (linked from the original page).

gandalf.grey:$6$rounds=1000$LneEppAvGXMREfOV$vkOzEXBjXOD0XK3YJUgd5.nfQVq/gM3BEbKbARZu/BNQNi6Uu3cie5JvOIhkJ5A6mKGUIGKpUG3gFi4KE6xXW.:19143:0:99999:7:::
boromir:$6$rounds=1000$UvKLGar/VWtqFGCE$DcfWOzRolV4T6GABOUOFFXfg4lpmD4mKriKX1n5sN3ugJSY3nnicjuGfbT9hgEeo.b6dpWSitnK3z3jjBQ2w//:19143:0:99999:7:::
galadriel:$6$rounds=1000$poPWvLT/CfA/sxS/$lHbu1oMqRV2aM18fkFPbJw25U2.POqhonSmaUpbzPIPVKl2IxS86Qq8q9v3fYu5Y6qlWwbmqekbL3g1vtPmlQ/:19143:0:99999:7:::

Now that we have a file to crack against, let's crack some hashes. First we use John the Ripper: john --wordlist=wordlist.txt input.txt. The wordlist can be any list you like (on Kali, rockyou.txt is the usual starting point) and the input file is the one created with unshadow. John detects the sha512crypt format from the $6$ prefix and honours the rounds=1000 parameter stored in each hash. Cracked passwords are remembered in john's pot file, so a second run shows nothing new; use john --show input.txt to list them. The image below shows john cracking passwords for this lab.

[image: Untitled 1]
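Both the manual hash computation with openssl passwd in the prep notes and john's wordlist mode in the lab come down to the same operation: take the salt and rounds stored in the $6$ string, run the candidate through sha512crypt, and compare. The block below is an added example (my own code, not from the wiki page, john or hashcat) that implements sha512crypt in pure Python following the SHA-crypt scheme used by glibc, checks it against the scheme's published test vector, and then runs the dictionary attack over constructed unshadowed lines. The frodo and sam accounts, their passwords, salts and the wordlist are all made up for the example; their hashes are generated in the block with rounds=1000 to match the cost of the lab's entries.

```python
"""sha512crypt ($6$) in pure Python, plus the wordlist attack that john/hashcat automate."""
import hashlib
import hmac
from typing import Dict, Iterable, Optional

B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def _b64_24bit(b2: int, b1: int, b0: int, n: int) -> str:
    """crypt(3)-style base64: n characters, least-significant 6 bits first."""
    w = (b2 << 16) | (b1 << 8) | b0
    out = ""
    for _ in range(n):
        out += B64[w & 0x3F]
        w >>= 6
    return out


def sha512_crypt(password: bytes, salt: str, rounds: Optional[int] = None) -> str:
    """Drepper's SHA-crypt scheme as implemented in glibc; returns '$6$[rounds=N$]salt$hash'."""
    salt_b = salt[:16].encode()                    # the scheme caps the salt at 16 characters
    r = 5000 if rounds is None else min(max(rounds, 1000), 999_999_999)
    plen, slen = len(password), len(salt_b)

    b = hashlib.sha512(password + salt_b + password).digest()   # "digest B"
    a = hashlib.sha512(password + salt_b)                        # "digest A"
    a.update(b * (plen // 64) + b[: plen % 64])
    i = plen
    while i > 0:                                   # walk the bits of the password length
        a.update(b if i & 1 else password)
        i >>= 1
    a = a.digest()

    dp = hashlib.sha512(password * plen).digest()  # P and S: password- and salt-derived byte strings
    p = (dp * (plen // 64 + 1))[:plen]
    ds = hashlib.sha512(salt_b * (16 + a[0])).digest()
    s = (ds * (slen // 64 + 1))[:slen]

    for i in range(r):                             # the work factor: r chained SHA-512 calls
        c = hashlib.sha512(p if i & 1 else a)
        if i % 3:
            c.update(s)
        if i % 7:
            c.update(p)
        c.update(a if i & 1 else p)
        a = c.digest()

    enc = ""                                       # glibc emits the 64 bytes in a fixed permuted order
    for i in range(21):
        idx = [i, i + 21, i + 42]
        idx = idx[i % 3:] + idx[: i % 3]
        enc += _b64_24bit(a[idx[0]], a[idx[1]], a[idx[2]], 4)
    enc += _b64_24bit(0, 0, a[63], 2)

    prefix = "$6$" + (f"rounds={r}$" if rounds is not None else "")
    return prefix + salt_b.decode() + "$" + enc


def verify(password: str, crypt_string: str) -> bool:
    """Recompute with the salt and rounds stored in the string and compare."""
    parts = crypt_string.split("$")                # ['', '6', ('rounds=N',) salt, hash]
    if len(parts) < 4 or parts[1] != "6":
        raise ValueError("not a sha512crypt string")
    rounds = int(parts[2][len("rounds="):]) if parts[2].startswith("rounds=") else None
    candidate = sha512_crypt(password.encode(), parts[-2], rounds)
    return hmac.compare_digest(candidate, crypt_string)


def crack(unshadowed_lines: Iterable[str], wordlist: Iterable[str]) -> Dict[str, str]:
    """What `john --wordlist` does: try every candidate against each $6$ hash."""
    targets = {}
    for line in unshadowed_lines:
        if ":" in line:
            name, field = line.split(":", 2)[:2]
            if field.startswith("$6$"):
                targets[name] = field
    words = list(wordlist)
    found = {}
    for name, field in targets.items():
        for word in words:
            if verify(word, field):
                found[name] = word
                break                              # stop at the first hit for this user
    return found


# Constructed demo data (not from the lab): hashes generated here with rounds=1000,
# matching the cost of the lab's entries, and a tiny wordlist with one correct guess.
DEMO_LINES = [
    "frodo:" + sha512_crypt(b"precious", "ringbearer", 1000) + ":1001:1001:Frodo:/home/frodo:/bin/bash",
    "sam:" + sha512_crypt(b"po-ta-toes", "gardener", 1000) + ":1002:1002:Sam:/home/sam:/bin/bash",
]
DEMO_WORDLIST = ["password", "123456", "precious", "mordor"]

if __name__ == "__main__":
    print(sha512_crypt(b"Hello world!", "saltstring"))   # the scheme's published test vector
    print(crack(DEMO_LINES, DEMO_WORDLIST))             # {'frodo': 'precious'}
```

The rounds loop is the whole point of the scheme: every guess costs r chained SHA-512 computations, so the lab's rounds=1000 entries are five times cheaper to attack than the default 5000, and sam's password survives only because it is not in the wordlist, not because the hash is stronger. Real crackers do exactly this loop, just on many cores or a GPU and with rules that mutate each word.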

Another tool you can use to crack passwords is hashcat. As mentioned above it is faster than john, especially on a GPU, but it has some limitations. To run it: hashcat -m 1800 -a 0 -o output.txt unshadowed.txt wordlist.txt. Here -m 1800 selects hash mode 1800, sha512crypt $6$, SHA512 (Unix), which is what these hashes are (the rounds=1000 prefix is understood); -a 0 selects the straight (wordlist) attack mode; and -o output.txt writes the cracked hash:password pairs to a file. Hashcat wants the hash strings themselves, so if it rejects the line format feed it only the password field (for example with cut -d: -f2) or use --username for user:hash input. You can see the full lists of hash modes and attack modes in hashcat --help or in the Kali documentation for hashcat.

[image: Untitled 2]