Unmasking the Secrets: A Guide to Password Cracking

Written By Sam Lewis

Password Cracking 101

In the realm of cybersecurity and ethical hacking, understanding the art of password cracking is a valuable skill. Passwords are the first line of defense for any system, and learning how to crack them helps us identify vulnerabilities and reinforce security. In this comprehensive guide, we'll delve into the world of password cracking, exploring the tools, techniques, and knowledge needed to uncover passwords. We'll cover the basics of hashes, types of hashes, the limitations of hash reversal, rainbow tables, where to find hashes, the importance of hashing, and we'll even walk you through a hands-on example.

Understanding Hashes

Before we dive into password cracking, let's start with the fundamental concept: hashes. A hash is a fixed-size string of characters generated from a variable-length input. Think of it as a unique fingerprint for data. When you create or change a password, the system doesn't store the password itself; instead, it calculates a hash of the password and stores that hash.

In simpler terms, a hash is the output of data that has been run through an algorithm.

Types of Hashes

There are various types of hash functions, each with its characteristics. Commonly used hashes include MD5, SHA-1, and SHA-256. While MD5 and SHA-1 are considered weak due to advances in computing power, SHA-256 is more secure. Understanding the hash type used is crucial for successful password cracking. There are several ways to identify what kind of hash you are dealing with. For instance, the following hash types will commonly be found in the /etc/shadow file of linux devices. If you're not familiar with the /etc/shadow file, it is where the password hashes are stored for the accounts on the device. The beginning of these hashes demonstrate identifiers of the different hash types. Though this isn't a comprehensive list and there are many more, these are some of the most common found on linux machines. There are other ways to identify hash types as well, such as kali's hash-identifier program. There are comprehensive lists online that a simple Google search can help you out with. Click HERE for a great resource to use not only with hashcat but for identifying hash types.

$1$ is Message Digest 5 (MD5)
$2a$ is blowfish
$5$ is 256-bit Secure Hash Algorithm (SHA-256)
$6$ is 512-bit Secure Hash Algorithm (SHA-512)
$y$ (or $7$) is yescrypt

Why Hashes Can't Be Reverse-Engineered

Hash functions are designed to be one-way functions. This means that while it's relatively easy to calculate a hash from input data, it's nearly impossible to reverse-engineer the original input from the hash. Password cracking exploits this limitation by trying various inputs (password guesses) to find the one that produces the same hash.

Using John the Ripper and Hashcat

Two powerful password cracking tools that are widely used in the cybersecurity community are John the Ripper and Hashcat. These tools leverage different techniques to crack passwords. John the Ripper is known for its dictionary attacks and advanced rule sets, while Hashcat is known for its GPU acceleration, making it incredibly fast. I included a demonstration of password cracking using John, and will include resources and explanations for how to use hashcat.

Rainbow Tables

Rainbow tables are precomputed tables used to reverse hashes. They contain a vast number of hashes and their corresponding plaintext inputs. When a hash needs to be cracked, rainbow tables can be used to quickly find a match. However, they require significant storage space and are less effective against strong and unique passwords as well as salted hashes, which I will explain next.

Salted Hashes: Adding an Extra Layer of Security

In our exploration of password cracking, it's essential to discuss an additional layer of security known as "salted hashes." While traditional hashes add a level of protection to passwords, they are not immune to certain attacks, such as rainbow table attacks. This is where salted hashes come into play.

What is a Salted Hash?

A salted hash is a cryptographic hash that includes a unique random value called a "salt" along with the user's password. The salt is generated separately for each user and is then combined with their password before hashing. The resulting salted hash is unique, even for users with the same passwords, thanks to the addition of the salt. So for instance, if I changed my password on a system that used salted hashes to "Password1", my password would be combined with this random generated string called the "salt" and lets say that random string is 1234# (it would never be something this simple, but trying to simplify the explanation.) The information of "1234#Password1" would go into the algorithm and then the output would be my hash. If my co worker changed his password to Password1 as well, his "salt" would be different. Let's say for instance, his salt randomly generated to 45678!. This, combined with his password, even though it's the same password as mine, would produce a different output from the algorithm. Therefore his hash would be different than mine.

Advantages of Salted Hashes

  1. Protection Against Rainbow Tables: One of the primary advantages of salted hashes is their resilience against rainbow table attacks. Since each password is hashed with a unique salt, attackers cannot rely on precomputed tables to crack passwords easily.

  2. Unique Hashes: Even if two users have the same password, their salted hashes will be different due to the unique salt. This eliminates the risk of attackers identifying identical passwords by comparing hash values.

  3. Enhanced Security: Salting adds an extra layer of security, making it more challenging and time-consuming for attackers to crack passwords. It effectively forces attackers to perform brute-force or dictionary attacks, which are slower and less efficient.

How Salted Hashes Work

Here's how the process of creating and verifying salted hashes works:

Salt Generation: When a user creates or updates their password, a random salt is generated specifically for that user. The salt is typically a long, random string of characters.

Combining Salt and Password: The salt is combined with the user's password. This creates a unique combination that is then hashed using a cryptographic hash function (e.g., SHA-256). The result is the salted hash.

Storage: The salted hash, along with the salt itself, is stored in the authentication database. When a user logs in, the system retrieves their unique salt from the database.

Verification: When the user attempts to log in, the system takes their entered password, combines it with the stored salt, and hashes the result. If the computed hash matches the stored salted hash, access is granted.

Implementing Salted Hashes

To implement salted hashes in your applications or systems, follow these steps:

  1. Generate a unique random salt for each user during registration or password update.

  2. Combine the user's password with the salt.

  3. Hash the salted combination using a secure cryptographic hash function.

  4. Store the salt and salted hash in your authentication database.

During login attempts, retrieve the user's salt from the database, compute the salted hash, and compare it to the stored hash.

Salted hashes are a robust security measure that significantly increases the difficulty of password cracking. They are a standard practice in modern security systems and a vital component of protecting user credentials.

Incorporating salted hashes into your password storage practices ensures that even if an attacker gains access to your password database, their efforts to crack passwords are considerably thwarted.

Where to Find Hashes

You might wonder where you can find hashes to practice your password cracking skills. Common sources include:

Leaked Databases: Security breaches often result in the release of hashed passwords.

Capture Files: Network captures may contain hashed credentials.

System Files: Password hashes are stored on systems for user authentication.

Demonstration

This demonstration is for Linux password cracking. I will do another one for Windows in the future, but wanted to separate the two as they use different kinds of hashes and there is quite a bit to explain with that process as well. I went ahead and created a VPS server with an auto script to create random users with random simple passwords to practice cracking them. I did this to simulate gaining root access to a compromised server and now wanting to go after other accounts or workstations or servers.

#!/bin/bash

# Function to generate a random weak password
generate_weak_password() {
    local length=$1
    < /dev/urandom tr -dc 'a-zA-Z0-9' | head -c"$length"
}

# Create users with weak passwords
echo "Creating users with weak passwords..."
sudo useradd -m -p $(openssl passwd -1 $(generate_weak_password 8)) John
sudo useradd -m -p $(openssl passwd -1 $(generate_weak_password 7)) Joe
sudo useradd -m -p $(openssl passwd -1 $(generate_weak_password 10)) Jenny
sudo useradd -m -p $(openssl passwd -1 $(generate_weak_password 8)) Jason
sudo useradd -m -p $(openssl passwd -1 $(generate_weak_password 7)) Jerry
sudo useradd -m -p $(openssl passwd -1 $(generate_weak_password 15)) Jack

echo "Users created with weak passwords:"
echo "Username: John, Password: (random 8 characters)"
echo "Username: Joe, Password: (random 7 characters)"
echo "Username: Jenny, Password: (random 10 characters)"
echo "Username: Jason, Password: (random 8 characters)"
echo "Username: Jerry, Password: (random 7 characters)"
echo "Username: Jack, Password: (random 15 characters)"

With the server spun up, I went ahead and grabbed the /etc/passwd and /etc/shadow files. I spoke about the shadow file earlier, the passwd file used to be where they stored passwords in unix/linux. This file is world readable meaning that all accounts are able to see it. This is bad security practice as anyone with access to the machine has access to everyone's passwords. So they started putting the hashes into the shadow file as this is only readable by the root account.

This is the contents of the passwd file. As you can see, the lines consist of the username then a colon, and then an "x". The x is actually a representation for the password hash, indicating that the hash is stored in the shadow file.

Now in the shadow file, you can see that there are actual hashes. The root user has a SHA-256 hash as we can see by the "$5$" at the beginning of the hash. As we scroll down further, we can see that all of the other accounts that are able to be logged in start with $1$. which is an MD5 hash. This just means that the passwords were sent through an MD5 algorithm and that's the output.

Now that we have the hashes from our compromised server, we need to put them into a format that is readable by our cracking programs. In this case it will be John the Ripper, but Hashcat will use the same format. Luckily for us, John comes with a ton of programs that automatically put common files that contain hashes into readable formats for cracking! In this case, we will use the program called "unshadow". What this program does, is takes the passwd and shadow files and combines them into one file that is readable by John and other password cracking programs. A side note to talk about some of the other programs that John has, this is not all inclusive, just examples:

  1. Zip2John:  Zip2John is a utility that extracts password hashes from ZIP archive files. It's useful for cracking passwords used to protect ZIP files.

  2. PDF2John: Similar to Zip2John, PDF2John extracts password hashes from encrypted PDF files. It allows you to crack PDF file passwords.

  3. RAR2John: This tool extracts password hashes from RAR archive files, enabling you to crack passwords used to protect RAR archives.

  4. Office2John: Office2John can extract password hashes from Microsoft Office document files (e.g., Word, Excel, PowerPoint) for password cracking purposes.

  5. AxCrypt2John: AxCrypt2John is used to extract password hashes from AxCrypt encrypted files. It helps with cracking passwords used to protect AxCrypt-encrypted files.

  6. TrueCrypt2John: This utility extracts password hashes from TrueCrypt/VeraCrypt volumes, allowing you to attempt to crack the encryption password.

  7. SSH2John: SSH2John extracts password hashes from SSH private key files. It's used for auditing SSH keys.

  8. PDFCrack: Although not part of John the Ripper, PDFCrack is often used in conjunction with John to crack the password of PDF files.

  9. CrackLM: CrackLM is specifically designed for cracking LM (LAN Manager) password hashes, commonly found in older Windows systems.

I saved the passwd and shadow files as .txt files on my attack machine and ran the following command to "unshadow" the files into one document.

unshadow passwd.txt shadow.txt > unshadowed.txt

I ran the file and cat the output to show what the contents of the file are. As you can see, it combines the passwd and shadow file. You could do this manually, but why not automate everything you can?

Now that we have hashes loaded in a readable format by John, it's time to load them into it and crack these bad boys. We can either brute force it, or, in other words try every possible combination until we get the password, or we can try a dictionary attack. In this case we will do a dictionary attack, and hope these passwords are in our dictionary.

There are quite a few ways to alter our dictionary as well. Which we will dive into a bit.

Why Alter Dictionaries?

Before diving into the specifics of dictionary manipulation, let's understand why you might want to alter dictionaries:

  1. Password Patterns: Many users create passwords with predictable patterns, such as adding numbers at the end or beginning of a word. By adding these patterns to your dictionaries, you increase the likelihood of finding matching passwords.

  2. Password Complexity: Some systems enforce password complexity rules, which may include requirements for numbers, special characters, or a mix of upper and lower case letters. Modifying your dictionary to meet these requirements can be helpful.

  3. Custom Wordlists: Altering dictionaries allows you to create custom wordlists tailored to your specific target or scenario. This can save time and increase your chances of success.

Using John the Ripper to Alter Dictionaries

John the Ripper provides a tool called rules that allows you to apply various transformation rules to a dictionary. Here's how you can use it:

  1. Start with a Dictionary: You'll need a base dictionary, which can be a text file containing a list of words, phrases, or common passwords. You can find various dictionaries online, or you can create your own.

  2. Create a Rules File: A rules file contains transformation rules that specify how the words in your dictionary should be modified. You can create custom rules files or use predefined ones.

    Example rules file (mangle.rules):

# Add numbers 0-9 to the end of words
$[0-9]
# Add numbers 0-9 to the beginning of words
^[0-9]
# Append "123" to words
$123

Tips for Effective Dictionary Alteration

Custom Rules: Experiment with custom rules that suit your specific needs. Rules can include adding numbers, special characters, reversing words, and more.

Combinations: Combine multiple rules in your rules file to generate a diverse set of password variations.

Frequency Analysis: Analyze the common patterns in your target environment to create rules that mimic those patterns.

Wordlist Size: Be mindful of the size of your modified dictionary. Extremely large wordlists can slow down the cracking process.

Hybrid Attacks: Consider combining your modified dictionary with other John the Ripper attack modes like hybrid attacks to improve your chances of success.

I won't be doing any dictionary altering for this demonstration, but you are able to do this for both John and Hashcat and most other password cracker programs. For Hashcat, they call this "masking". You can do this using the following flags in the Hashcat command line.

attack modes (-a)

0 - straight no changes to dictionary
1 - combination -combine two dictionaries
3 - Brute-Force
6 - Hybrid Wordlist + Mask (characters after word)
7 - Hybrid Mask + Wordlist (characters before word)

?l - lowercase
?u - uppercase
?d numbers
?s special
?a all

Example: add 4 digits to end of each guess: -a 6 ?d?d?d?d

--increment - option to vary the length of digits

I then ran a dicitonary attack using the "rockyou.txt" dictionary that is already on Kali Linux using the following command.

john --wordlist=/ur/share/wordlists/rockyou.txt unshadowed.txt

John is an amazing tool as it will automatically detect what kind of hashes you have loaded. In this case, it told me that it was assuming that all of the hashes were sha256crypt but "also saw type "md5crypt". It then told me to "Use the "--format=md5crypt" option to force loading hashes of that type instead".

I took John's advice and forced the format to md5crypt.

john --wordlist=/usr/share/wordlists/rockyou.txt --format=md5crypt unshadowed. txt

Almost immediately John started cracking the passwords!

So now you can see the passwords for 4 out of the 5 accounts. The 5th one, "Jack", I told the VM to randomly generate a difficult password. This password will not be on any of my dictionaries. I would have to brute force this one.

Brute Forcing Passwords

Brute forcing is a password cracking technique that involves trying every possible combination of characters until the correct password is found. It's a straightforward but time-consuming method, especially for complex and long passwords. Brute forcing is typically used as a last resort when other password cracking techniques, such as dictionary attacks and rule-based attacks, fail.

How Long It Takes

The time it takes to brute force a password depends on several factors, including:

  1. Password Length: Longer passwords take exponentially more time to crack than shorter ones. This is because the number of possible combinations increases significantly with each additional character.

  2. Character Set: The character set used in the password (e.g., uppercase letters, lowercase letters, digits, special characters) affects the number of possible combinations and, therefore, the time required for brute forcing.

  3. Hardware and Speed: The speed of the computer or hardware used for the brute force attack plays a significant role. Modern GPUs and dedicated password-cracking hardware can significantly speed up the process.

  4. Parallelization: Parallelizing the brute force attack across multiple machines or GPUs can reduce the time needed to crack a password.

  5. Target's Password Policy: Password policies enforced by the target system can also impact the time required. For example, systems that allow longer passwords with complex character sets are more secure against brute force attacks.

Length vs. Complexity

When it comes to password security, length often trumps complexity. Longer passwords are generally more secure because they increase the number of possible combinations, making brute force attacks exponentially more time-consuming. Here's why length matters:

  1. Exponential Growth: As the length of a password increases, the number of possible combinations grows exponentially. This means that even relatively simple passwords that are long can be extremely secure.

  2. Complexity Has Limits: Complex passwords with a mix of uppercase letters, lowercase letters, digits, and special characters are commonly recommended. However, if these passwords are short, they can still be cracked relatively quickly through brute force.

  3. Usability: Long passwords are often easier to remember and type than complex ones. This encourages users to create and maintain strong passwords.

  4. Password Policies: Many organizations have started encouraging longer passphrases (sequences of words) instead of complex passwords because they are both secure and user-friendly.

For example, a 12-character passphrase made up of common words and spaces (e.g., "correct horse battery staple") can be significantly more secure against brute force attacks than a shorter password with complex character requirements (e.g., "P@ssw0rd").

This image I found from Hive Systems shows exactly how long it would take for a hacker to brute force your password hash. If your password is greater in length than 20 characters, is random, and has not been exposed on any breaches in plaintext, it is safe to assume that you've got a decently secure password. I would also like to add in that you should use Multi Factor Authentication (MFA) where possible. This way, if a hacker cracks your password, there will be another layer of security they will have to overcome just to use your password.

With that said, I hope you enjoyed this demonstration and post. I will be doing Windows hashes with Hashcat in the future to demonstrate that as well. Please hit the thumbs up, share, and comment if you liked this and want to see more content like this.

-Sam

Sam Lewis
Previous

DVR4 Walkthrough- Proving Grounds OffSec
Next

Unveiling the Sweet Sting: My Homemade Raspberry Pi Honeypot