Password Cracking

Hashcat for the Win

This workshop utilizes knowledge about Linux, Windows and computer hardware. Participants will need a system they have administrative control over to install and run various software and virtual machines in order to learn how to effectively crack Windows passwords.

Cracking Terminology

• Encoding: transform data to a publicly known scheme for usability (i.e. base64)
• Hashing: One-way cryptographic function nearly impossible to reverse (i.e. MD5, Lanman, NTLM, SHA)
• Encryption: Reversible data mapping input/output with a key (i.e. DES, RSA)
• CPU vs GPU: CPU’s are optimized for sequential serial processing; GPU’s are thousands of cores with threads for parallel processing
• Cracking time (varies by hardware and tools used):
• Keyspace: charset^length (?a?a?a?a = 95^4 = 81,450,625)
• Hashrate: hashing function / hardware power (bcrypt / GTX1080 = 13094 H/s)
• Cracking time: keyspace / hashrate (6,220 seconds)
• Salt: Random data used as additional input to hashes
• Iterations: Number of times an algorithm is run over a hash

The Old Ways: Rainbowtables

Rainbowtables such as Project Rainbowcrack and Free Rainbow Tables require terabyes of fast storage to read from. They are ineffective against passwords with salts. Rainbowtables are very specific to a given password hash and type, and would need to be generated for multiple hash types. They are slow to generate and unable to meet the demand of modern password cracking where being dymanic, agile, flexible and scalable are key. Rainbowtables are static, rigid; to this end, they should only be mentioned as a history lesson, and nothing more.

Hashcat Overview

Hashcat is a powerful GPU password cracker. It is free, open source and available on most Operating Systems. It is agile, scalable and up to date. The Hashcat Wiki is highly recommended to keep open as a reference for this workshop.

You should install the latest version of hashcat on your system or virtual machine:

• Windows: Download the 7zip file from Github
• Linux: Install from a repository, or build from source
• macOS (requires homebrew):

  brew install hashcat

How NTLM Works

NTLM follows a very basic process:

• 1. A plaintext password is encoded in UTF-16LE
• 2. The encoded text is then passed through MD4 once. The result is the hash.

Cracking Passwords

For this lab, please download 2020-200_most_used_passwords.txt from this link.

This is a basic layout on how we will use hashcat from the command line. Most of the command will be the same regardless of the OS. Crack the following password using the following example command:

2d20d252a479f485cdf5e171d93985bf

When you successfully crack a password, you will notice a couple of things:

• GREEN: The cracked password
• CYAN: The time it took to crack the password
• PURPLE: The cracking speed of your system
• ORANGE: The temperature of the system
• BLUE: The total time it took to crack the hash

5835048ce94ad0564e29a924a03510ef

9a9d50b11ce8393752db14d0b0e3db08

Adding Variables

Wordlists can only take you so far since the text files cannot account for various mutations. Hashcat has the functionality to insert variables that don't exist in the wordlist but can help find the hash.

The following hash has one extra digit at the end. Use variables to solve:

d4a1be1776ad10df103812b1a923cde4

The following hash has four extra characters at the end. Use variables to solve:

4cc8e6e361d943cdd5cd79e0432dfeb0

Cracking hash5 may result in an odd answer that is not human readable. You will need to convert the hexadecimal result to see what the password is.

Take the hash and convert it in CyberChef as shown below:

The following hash has four extra characters at the beginning. Use variables to solve:

a68aebcd73f000710f795b657363cd11

Useful Links

• Hash Crack: Password Cracking Manual (v3)
• Rockyou2021: This is a compiled wordlist. It is comprised of two files, 9GB and 5 GB. Unzip with 7zip; the resulting file will be 100 GB.
• HaveIBeenPwned Passwords: Pwned Passwords are hundreds of millions of real world passwords previously exposed in data breaches. There are over 500 million passwords in this file. You can download either one (this workshop will use NTLM). The file will have hashes and numbers, which is unsuitable for hashcat. You would have to remove the numbers column in order for them to be accepted by hashcat.
• Weakpass: Analyzes password dumps and provides efficient dictionaries for download as well as a generator on their website.
• Password Cracking Village: Find them at DEFCON! Their website and booth is useful for more password cracking information.
• Capsop: Outdated wordslists but can be useful for attacks.
• EFF Wordlists: EFF also has some wordlists from 2016 that can be useful for attacks.

Rules

As written in the wiki, this is a complicated attack mode with a wide variety of modifications, making it flexible, accurate and efficient. A simple rule can be using "$1" to append a digit, making password into password1. Here are some other examples:

• ^!^1 >> password > 1!password

• so0 sa@ >> password > p@ssw0rd

• c so0 sa@ $1 >> password > P@ssw0rd1

Generating Rules with maskprocessor

Download and complie or extract the maskprocessor from Github.

With the software ready for use, run the following command that will make a 3 digit rule file:

./mp64.bin -o append_3_digits.rule '$?d $?d $?d'

This rule file will append three digits to whatever password it is trying to break, and it will do it in succession as shown above. Combine the rule we just created and the wordlist to find the following password:

0b7933c06356e74f24ab406ee0b19b57

In the same wiki, there is a section on generating rules on the fly.


Use this part of the wiki to find the following password; you may need to play with various numbers of rules to get the right answer. Don’t give up right away!

90749e62700405119900c5b08fa0d907

Masks

Mask attacks are a more specific version of brute force. We use certain candidate keyspaces to crack more efficiently. Masks are simple strings that use placeholders, with a question mark and a static letter to define the variable.

The following hash can be cracked with a mask only; you don't need the wordlist. This password contains 4 lowercase letters:

0cb6948805f797bf2a82807973b89537

The following password has 3 digits and lowercase letters; there is no need for the wordlist

d184d178a697c52b013b89dbae499e47

The following password has 7 uppercase letters and 1 digit (though not in that order); it is a word from the wordlist, but you don't need the wordlist to solve.

ba829364e85a90058d72f743bf1f74d1

Hashcat has some built in rules and masks for you to use. Find them in the program's folders:

TrustedSec's Hate_crack repository has some masks that you can use as well:

Advanced Attack: PRINCE

PRINCE (PRobability INfinite Chained Elements) takes one input wordlist and builds “chains” of combined words automatically. It is simple to use, requires no monitoring by the hacker, any extensions or syntax knowledge. The tool builds its own wordlist, hybrid, keyboard walks/passphrases and brute force for you. Download from Github here; this thread is also useful to understand PRINCE. As with the prior tool, you'll need to compile or extract to run.

NOTE FOR MAC USERS: this issue explains what you need to do in order to get the tool working on macOS.

If you ran the princeprocessor against the wordlist we have been using in this workshop, what is the result?

Seeing what results from sending a wordlist into princeprocessor, we will do that again, but also pipe that output into hashcat to solve the following hash:

62eff0d7a31f10efe18ed415e670bb3c

Use the same command, but change the wordlist to use Permutations/1337speak.txt instead to solve the following hash:

a70e26df450807870e97435c39832595

Password Analysis

Historical Tips

• Average password is 7-9 characters long
• Average English word is 5 characters long
• Average person knows 50,000-150,000 words
• 50% chance a password has 1+ vowels
• Women prefer personal names in their passwords
• Men prefer hobbies in their passwords
• ~, !, @, #, $, %, *, ? are most likely used symbols
• If a number, usually 1 or 2 and likely at the end
• If more than one number its usually sequential or personally relevant
• If a capital letter, it’s usually at the beginning followed by a vowel
• 66% of people use 1-3 passwords for all online accounts
• 1 in 9 people have a password based on the common top 500 list
• Western countries use lowercase passwords and Eastern countries prefer digits

20-60-20 Rule

The following chart shows how most passwords are sorted by difficulty.

Cracking Methodology

1. Extract hashes: Pull hashes from target, identify hashing function
2. Format hashes: Prepare hashes for your tool’s preferred method
3. Evaluate hash strength: If slow hash, you need to be more selective of dictionaries and attacks used; if fast, be more liberal with attack strategy
4. Calculate cracking rig capabilities: Baseline your rig to better assess its capabilities against a specific hash
5. Formulate plan: Create an attack plan based on known/unknown knowledge
6. Analyze passwords: Analyze results for any clues/patterns from cracked hashes to aid the success in the remaining
7. Custom attacks: Leverage the new knowledge to fine tune the attack to the target user’s behavior or preferences
8. Advanced attacks: Use more advanced tools to dig deeper
9. Repeat until solved

Basic Cracking Playbook

1. Custom wordlist: Compile your known plain text passwords into a custom wordlist file
2. Custom wordlist + rules: Run your custom wordlist with permutation rules for variations
3. Dictionary/wordlist: Look for common passwords and leaked passwords in a well-known list
4. Dictionary/Wordlist + rules: Add permutation rules to your dictionary looking for subtle changes
5. Custom wordlist + rules: Add any newly discovered passwords to custom wordlist and add permutation rules
6. Mask: Use hashcat’s masks to search keyspace for common password lengths and patterns
7. Hybrid Dictionary + Mask: Look for larger variations of common words/known passwords by appending/prepending masks to those candidates
8. Custom wordlist + rules: Add any newly discovered passwords back to custom wordlist and add permutation rules, looking for subtle variations
9. Combo: Individually combine dictionary password candidates together to form new candidates
10. Custom hybrid attack: Add any newly discovered passwords back to custom wordlist
11. Custom mask attack: Custom mask attacks based on currently cracked passwords
12. Brute force: When all else fails; be selective on how large a keyspace your rig can adequately brute-force. Above 8 chars is harder due to hardware limitations and password entropy/complexity

Potfile

The potilfe stores what passwords were found by hashcat. The default potfile does not differentiate between hash types; it only stores all hashes found in the order they were found. You can use

--potfile-path=/path/to/potfile

Distributed Cracking Software

• Hashcat Brain
• Hashtopolis (updated)
• Hashview (updated)
• Cracklord (outdated 3 yrs ago)
• Disthc (outdated 8 yrs ago)

Cracking Challenges:

Submit your answers at this link. Use the hints at the bottom of each section to help you if you get stuck.

774d222fd2128b6802f2586deb544681

002af721365d3098143821fdbeb68618

b9b9ec843c3b2965e2ad62d847822cd4

41ff752227c53858fc0fc9c90dbe4d5b

f80256d11073cc29f23cc0cd48df0cc3

498b372b1ae46c1b70e0b842f68b621c

3904b0ffab933fceb6e1734190839903

73752df67783192d0eb7a10c7d7b3f8d

83487ef3b85d39dcd3a0a73328c5974e

00a08d9372a3546d0292bb65d3945acb

00046ff8f504f4f921cd68b77c04fff5

00216511f59f814b8864481fd377be39

058c61e6208217e954c4735ab6a3f109

0047602fc375c506482010bc998e2ef5

008d4dd9b8ef094ceddf4cbf01f37831

01c5a6518a83da30b8752b6488547516

05ce20143ce083278fe34aa4ad3b7708

018fdf097faeed03c37c9894fc533063

0000076d1e4487f9e82a5c39dcd23394

00479948a0d0d0d801c0705cbbcf4cf3

00010e0b5de686f44a79d706a032e62d

00000787244575a85fa642eb9963e4a2

009bb868b3ebc09fd9b0559a9e1bd21c

023b73920ad2321294da1a06daa3bf97

00000790734052dbdf030e40338f51cf

022a6e54c2b124eb4291da495e6626f5

0479871d7b684e5a7331528d64cae7fe

Part 2

Use this tool to get the 7zip password.