I was a god among men, a password-cracking colossus striding

I was a god among men, a password-cracking colossus striding through the world of mortals. The Secrets of the Hash were mine! But as I exulted in the exercise of my new powers, doubt crept quickly in: shouldn't someone who knew the Secrets of the Hash be able to crack more than 1 out of 16,051 hashes using a rule-varied RockYou dictionary attack? Graham, by contrast, had nailed 688,000 using the exact same technique, and that was on a hash dataset already stripped of most common passwords. Czacza felt a little thin by comparison. Now that I had the system up and running, it was time to find out why it wasn't running well.

Let's get cracking

I began a series of experiments designed to isolate the problem. The first involved my hash database; perhaps it had simply been stripped of all the easy-to-find passwords and all that remained inside were 12-digit passwords requiring a six-month brute force attack to crack. So I returned to my password recovery forum and downloaded a new list of 17,000 MD5 hashes and got to work. The results were the same. Running the RockYou dictionary through a straight attack modified by the best64.rule file produced only a single result: tawtaw. This was faintly unsettling for a reason I couldn't quite name. A nagging voice in the back of my head suggested that only being able to crack passwords that followed a single specific pattern—in this case, three characters, repeated twice—was a Bad Sign. I couldn't decide why this might be a bad sign, exactly, so I shushed the nagging voice and returned to work.

New attacks on my 17,000 hashes produced slightly better results but at the cost of dramatically increased cracking times. A combination attack would have taken an estimated 14.5 hours to complete, though it did crack three passwords in the three minutes I let it run. A combinator attack cracked a single non-patterned password (cp2009) in seconds.
And returning to a straight attack but using the d3ad0ne.rule file instead of best64.rule earned me two more hashes (1234567 and aaaaa1) after the six minutes it took to run. I now had six hashes cracked. Progress!

[Image: Hashcat in operation—even the GUI versions launch the command line executable to do their actual cracking.]

The results still seemed absurdly low, and the fact that I continued to crack largely patterned passwords gave me pause. Had both of these hash files really been stripped of every single RockYou password along with their rule-based variants? Since wordlist attacks, even using rules, were producing few hits, I decided to simply brute force the hash file. A brute-force attack simply iterates through every available option with minimal intelligence, trying aaaaa and then aaaaab and then aaaaac until every possible permutation has been tried. I was extraordinarily thankful for the Hashcat GUI here, which simplified the configuration options needed to mount a brute-force attack from the command line. A brute-force attack requires numerous options, including the lengths of the attempted passwords and a mask built up from character sets like these:

?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = !#$&()*+,-./:;?@[\]^_`{|}~
?a = ?l?u?d?s
?h = 8 bit characters from 0xc0 - 0xff
?D = 8 bit characters from german alphabet
?F = 8 bit characters from french alphabet
?R = 8 bit characters from russian alphabet

I could certainly put together a mask to brute force all passwords that begin with, say, one uppercase letter, follow with five lowercase letters, and end with a symbol (?u?l?l?l?l?l?s), but the GUI made it even simpler to select options like lowercase alphanumeric with particular length constraints.
Brute forcing can take extraordinary amounts of time as the password length increases; indeed, each additional character in a password exponentially increases the brute force cracking time, and passwords over nine or 10 characters could take weeks or months to crack on consumer hardware. To have any chance of success, I began with six-character passwords because I had already found some of this length in the hash file. I also limited myself to lowercase alphanumeric characters and symbols—leaving uppercase off for now because few people voluntarily create SHOUTY PASSWORDS. The complete run of six-character lowercase alphanumeric and symbol passwords would take five hours, Hashcat informed me, but it started showing results almost immediately. Two minutes in, I cracked 22 hashes. Four minutes in, it was 28. After six minutes, I was up to 32. Many of the cracked hashes consisted of nothing but lowercase letters, so I canceled the attack and aimed for something more efficient by throwing out the numbers and symbols. The resulting run went faster, cracking 334 hashes in one minute and revealing passwords like violet and ludwig and august and peanut. Boom! Who's a script kiddie now?

Many of the cracked passwords were people's names, while others were common English words. It did seem odd that the vaunted RockYou wordlist wouldn't contain things as obvious as august or violet, but I dismissed the thought and went hunting for further wordlists to see if I could increase my success rate. I grabbed an English dictionary wordlist along with a huge collection of first and last names slurped up from that massive corpus of data known as Facebook. Just for the heck of it, I grabbed a German dictionary too. I ran them in a straight attack against my 17,000 hashes, expecting massive results. Instead I got nothing—not even passwords like violet, which I knew were in both the wordlist and the hash file.
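Added here as an illustration (not the author's code and not Hashcat's own): a small Python mask calculator that expands the charsets listed above into per-position sets, counts the keyspace (which is why the six-character lowercase-only run finished in a minute while the lowercase+digits+symbols run was quoted at five hours: 62^6 candidates versus 26^6), and runs the same enumeration against a raw MD5 hash. It assumes Hashcat's custom-charset convention (a set defined with -1 ?l?d?s is used as ?1 in the mask) and copies ?s exactly as printed on this page; Hashcat's real ?s has 33 characters, so real keyspaces are somewhat larger.

```python
import hashlib
import itertools
import string

# Built-in charsets as the page lists them. ?s is copied exactly as printed there
# (26 symbols); hashcat's real ?s has 33 characters, so real keyspaces are larger.
BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "s": r"!#$&()*+,-./:;?@[\]^_`{|}~",
}
BUILTIN["a"] = BUILTIN["l"] + BUILTIN["u"] + BUILTIN["d"] + BUILTIN["s"]

def charset(spec, custom):
    """Expand '?l?d?s' (or a custom key such as '?1') into its literal characters."""
    chars = ""
    for key in spec.split("?")[1:]:                 # '?l?d' -> ['l', 'd']
        chars += BUILTIN[key] if key in BUILTIN else charset(custom[key], custom)
    return "".join(dict.fromkeys(chars))            # drop duplicates, keep order

def positions(mask, custom=None):
    """One character set per password position: '?u?l?s' gives three sets."""
    return [charset("?" + key, custom or {}) for key in mask.split("?")[1:]]

def keyspace(mask, custom=None):
    """Candidates the mask generates: the product of the per-position set sizes."""
    total = 1
    for cs in positions(mask, custom):
        total *= len(cs)
    return total

def eta_seconds(mask, rate, custom=None):
    """Worst-case seconds to exhaust the mask at `rate` hashes/s (rate is an assumed figure)."""
    return keyspace(mask, custom) / rate

def candidates(mask, custom=None):
    """Enumerate every candidate string the mask covers."""
    for combo in itertools.product(*positions(mask, custom)):
        yield "".join(combo)

def crack_md5(target_hex, mask, custom=None):
    """Brute-force one raw MD5 hash (hashcat mode 0) over the mask; plaintext or None."""
    target = bytes.fromhex(target_hex)
    for cand in candidates(mask, custom):
        if hashlib.md5(cand.encode()).digest() == target:
            return cand
    return None
```

crack_md5 is only practical here for very short masks, since this pure-Python loop is orders of magnitude slower than Hashcat on a GPU; its value is showing that a mask attack is nothing more than the keyspace walk that keyspace() counts.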
The nagging voice in my head got louder, the one which had first suggested some time ago that I had a more fundamental problem than I cared to admit. Indeed, as I peered more closely at my collection of files, I began to suspect that somewhere along the way I had made a huge mistake—and that I had not in fact cracked a single hash using a wordlist.
Posted on: Thu, 20 Mar 2014 11:27:34 +0000