Password cracking


Post by ampakine on Wed Jul 20, 2011 9:05 am

I was so pissed off about having downloaded a load of PDF files only to find out they were passworded that I decided to try and brute force one of them and to my amazement the little command line tool had the password in under 20 minutes. It was a 4 character password that was a random combination of letters and numbers. I was impressed by this so decided to learn about password cracking. I tried the same thing on a PDF that I put a 5 letter password on (horse) and it took about 3 hours to get the password lol. I'm guessing a 6 character password would take days. Firstly I was wondering about the terminology. Is the technique that tries all the words in a word list called a dictionary attack while the technique that tries every combination of characters called a brute force attack or are these kinda attacks all collectively known as brute forcing?

Other thing I was wondering is how much RAM you would need to brute force (trying every combo of characters) a 10 character password in a reasonable amount of time (under 24 hours). I'm thinking about the kinda passwords I like to use. Dictionary attacks are useless against my passwords and a brute force attack would take my computer years. The pdfcrack program I used only tries combos of letters (both cases) and numbers but didn't include special characters so it'd be useless against some of the passwords I use. An example of the kinda passwords I use is $nArKlErS56. It's easy to remember because I can sound it out in my head, 56 is a number I like the sound of and I usually arrange the cases so the password looks cool. It's very simple how I choose my passwords but it's not so simple to crack these kinda passwords with any methods I know of yet. I'm a noob when it comes to password cracking. I'm guessing some of you here have ways you could crack the kinda passwords I use. Then again maybe not since I can't really imagine how there could be an algorithm (besides plain old brute forcing the character combo) to do this kinda thing.

That example password up there is one of the stronger passwords I use. I don't use that kinda password for every day shit because it takes too long to type so instead I usually use a similar password but only use lower case letters.

EDIT:
I just came across this article:
http://www.readwriteweb.com/archives/ha ... 123456.php
which shows this table listing the most popular passwords from a sample of 32 million passwords:
[Image: table of the most popular passwords]
That's a pretty high percentage of the people using these insanely bad passwords so the total percentage of people using weak passwords must be pretty high.


Re: Password cracking

Post by pretentious on Sat Jul 23, 2011 7:41 am

ampakine wrote: Firstly I was wondering about the terminology. Is the technique that tries all the words in a word list called a dictionary attack while the technique that tries every combination of characters called a brute force attack or are these kinda attacks all collectively known as brute forcing?

They are not collectively known as brute force. They both work the same way but the dictionary attack compares the hash against user defined passwords. This saves processing power by not bothering with unlikely passwords. As your picture shows, a great bulk of passwords are very common. There is a much greater chance of the password being "123456" than "$12^f)@"

ampakine wrote: Other thing I was wondering is how much RAM you would need to brute force (trying every combo of characters)

I'm only guessing but I don't think RAM would be an issue because nothing is remembered. The password cracking program will put "1111111" through an algorithm "7fa8282ad93047a4d6fe6111c93b308a" and compare the result to the hash you are trying to crack "7c6f9bb459d2945d8e9d12bd0e6cbe41". If they are not equal, which is evident, the program will forget about it and proceed to "1111112"

ampakine wrote: I'm a noob when it comes to password cracking. I'm guessing some of you here have ways you could crack the kinda passwords I use. Then again maybe not since I can't really imagine how there could be an algorithm (besides plain old brute forcing the character combo) to do this kinda thing.

Any password can be cracked given enough time. The reason why these hashing algorithms are used so widely is because they are one way algorithms, or something like that. It would actually take longer to analyse the resulting hash and get back to the original password than it takes to put every other possible password through the same algorithm. There are 3 ways to crack passwords that I can think of: brute force, which requires little memory but takes a long time; dictionary attack, which takes less time but requires memory to store the password list; and then there are rainbow tables, which are kind of half and half.


Re: Password cracking

Post by tremor77 on Tue Jul 26, 2011 2:28 pm

I am curious as to how you hooked your command line tool to the PDF password box. Was it a command line tool specifically designed for PDFs?


Re: Password cracking

Post by Ulven on Thu Jul 28, 2011 9:45 am

Command line, I guess.
For instance, if we had a program called "open-pdf" which would return 1 if the password is wrong, we could use it recursively to test a lot of passwords. Of course, it's a very slow way.

The main problem with password cracking is time:
To find an alphabetical password 8 bytes long we've got to test 26^8 different words.
Ok, passwords are case sensitive, 52^8 different words.
Alphanumerical password? 62^8.
And special chars?
I think brute force is not very helpful. We should have supercomputers, distributed calculus algorithms, super fast hard drives, multiple CPUs.

If possible it's better to use dictionary attacks with a "home made" dictionary. To generate a dictionary you could use software like John the Ripper. The more time you spend optimizing dictionaries with the info you have about the password (length, special chars, uppercase or lowercase ...) the less time you will need for the attack.
Other ways to make the attack faster consist in using fast drives for dictionary storing - flash drives for example, or, better, RAM, a lot of RAM - or using the GPU of the latest card instead of the computer's CPU. I heard GPUs are faster.

So, I hope this was helpful and I hope my English wasn't too bad :D


Re: Password cracking

Post by ampakine on Sat Aug 06, 2011 1:52 pm

tremor77 wrote: I am curious as to how you hooked your command line tool to the PDF password box. Was it a command line tool specifically designed for PDFs?

The program is called pdfcrack. It's in the Ubuntu repositories. I literally just typed pdfcrack lockedpdf.pdf into the terminal then checked on it a few minutes later and it had the password for me. The password was something like H5SE. That's the first time I've ever tried brute forcing anything so I'm glad I was only up against a 4 char password cuz seeing a password file cracked in under 10 minutes made me pretty optimistic about the whole thing. If it was 6 or more chars it woulda took days and I woulda gave up and lost faith in brute forcing techniques. I wanna try this out on rar files now but I can't get rarcrack (a linux command line tool) to work for some reason. I've been testing out john the ripper for cracking hashed passwords and noticed that it will, in a space of time, crack about 20% of the hashed passwords I harvest from google. Not very impressive but it works.

-- Sat Aug 06, 2011 2:26 pm --

BTW if anyone wants to try this out themselves here's the PDF file:
https://rapidshare.com/files/272702135/lockedfile.pdf


Re: Password cracking

Post by mShred on Sat Aug 06, 2011 6:46 pm

ampakine wrote: The program is called pdfcrack. It's in the Ubuntu repositories. I literally just typed pdfcrack lockedpdf.pdf into the terminal then checked on it a few minutes later and it had the password for me. The password was something like H5SE. That's the first time I've ever tried brute forcing anything so I'm glad I was only up against a 4 char password cuz seeing a password file cracked in under 10 minutes made me pretty optimistic about the whole thing. If it was 6 or more chars it woulda took days and I woulda gave up and lost faith in brute forcing techniques. I wanna try this out on rar files now but I can't get rarcrack (a linux command line tool) to work for some reason. I've been testing out john the ripper for cracking hashed passwords and noticed that it will, in a space of time, crack about 20% of the hashed passwords I harvest from google. Not very impressive but it works.

I believe JTR was initially developed to crack Unix hashes, but I may be wrong.


Re: Password cracking

Post by centip3de on Thu Aug 18, 2011 4:07 pm

Ah, but you're all forgetting about a password probability matrix...

Ok, the chances are none of you guys have heard of it, as it's been done once. Been documented once, and poorly at that... Anywho, if it ever goes under more rigorous testing, I believe it would be _the_ main password cracking tool for future generations.


Re: Password cracking

Post by jgreen45 on Sat Aug 20, 2011 1:14 pm

While we are on the password topic:

http://xkcd.com/936/

It does a good representation of the myth of password security, which is based off of Steve Gibson's work on haystack passwords which can be found here.

Still unbelievable that a password like "Octopodes eat the flying dolphin" is more secure against brute-forcing than F*&hg918qw. :P
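
The search-space figures from Ulven's and jgreen45's posts, worked through with the 20-minute timing from the first post as the guess rate. This is an added Python example and not part of any post in the thread; the function names, the 33-symbol special-character class (punctuation plus space) and the 2048-word vocabulary are assumptions.

```python
import string

# Character classes; space is counted with the specials (33 symbols, 95 printable in total).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def alphabet_size(password):
    """Size of the smallest set of classes a brute-forcer must cover to reach it."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def keyspace(alphabet, length):
    """Candidates tried when every string of 1..length characters is enumerated."""
    return sum(alphabet ** k for k in range(1, length + 1))

def wordlist_keyspace(vocabulary, words):
    """Candidates when guesses are built from whole words instead of characters."""
    return vocabulary ** words

# Assumption: the 4-character run in the first post covered the whole
# letters-and-digits space (62 symbols) in its 20 minutes.
RATE = keyspace(62, 4) / (20 * 60)   # guesses per second, about 12,500

def human(seconds):
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"

def worst_case(password, rate=RATE):
    """Seconds to exhaust every candidate up to the password's length."""
    return keyspace(alphabet_size(password), len(password)) / rate

def rate_needed(alphabet, length, seconds):
    """Guesses per second required to finish the search within `seconds`."""
    return keyspace(alphabet, length) / seconds

if __name__ == "__main__":
    for pw in ("H5SE", "horse", "$nArKlErS56", "F*&hg918qw",
               "Octopodes eat the flying dolphin"):
        print(f"{pw!r:36} alphabet={alphabet_size(pw):3} "
              f"worst case {human(worst_case(pw))}")
    print(f"10 chars, 95 symbols, in 24 h: {rate_needed(95, 10, 86_400):.2e} guesses/s")
    # Word-by-word guessing shrinks the passphrase's space (2048-word list is an assumption).
    print(f"5 words from 2048: {wordlist_keyspace(2048, 5):.2e} vs "
          f"10 random printable chars: {95 ** 10:.2e}")
```

The per-password times assume the search is limited to the classes the password actually uses; a tool that searches a larger set than needed takes longer. The last line shows why length alone is not the whole story: counted word by word, a five-word phrase from a small vocabulary has a smaller space than ten random printable characters.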