Sunday, October 15, 2017

Decrypting Windows and Linux password hashing with John the Ripper


- Layout for this exercise:

1 - John The Ripper

- John The Ripper is a free password cracking software tool:

- Initially developed for the Unix operating system, it now runs on fifteen different platforms, eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS. 

- John The Ripper combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker.

- It can be run against various hashed password formats, including several crypt(3) hash types commonly found on Unix systems (based on DES, MD5 or Blowfish/bcrypt), Kerberos AFS, and the Windows NT/2000/XP/2003 LM hash.

- One of the modes John can use is the dictionary attack.

- It takes text string samples (usually from a file called a wordlist, containing words found in a dictionary or real passwords cracked before), hashes each one in the same format as the hash being examined (the same algorithm and, where the format uses one, the same salt), and compares the output to the stored hash. Nothing is decrypted: a password hash is one-way, so John can only guess candidates and check them.

- It can also perform a variety of alterations to the dictionary words and try these.

- Many of these alterations are also used in John's single crack mode, which derives candidates from the information stored next to each hash (such as the username or GECOS field) and checks the variations against the hashes.

- John also offers a brute force attack mode (incremental mode): the program goes through all the possible plaintexts, hashing each one and comparing it to the input hash.

- John uses character frequency tables to try plaintexts containing more frequently used characters first.

- This method is useful for cracking passwords which do not appear in dictionary wordlists, but it takes a long time to run.

2 - Decrypting Windows password hashing with John The Ripper brute force attack

- For this part of the exercise, let's take the hashes obtained with pwdump/fgdump and WCE in this previous exercise:


- Creating two hash text files (fgdump_hash.txt and wce_hash.txt) and placing both of them in the TFTP folder so that they can be transferred from Windows 7 to the Kali Linux machine:

- There is a difference between both files, the first one only contains the LM hashes while the second one contains both the LM and NTLM hashes:

- Let's transfer both files from Windows 7 to Kali Linux using the TFTP service:

- The transfer is successful:

- Now, let's crack the hashes with John The Ripper by running the command john at the Kali machine with just the name of the text file as parameter. With no mode option, John runs its default sequence: single crack mode, then its built-in wordlist with rules, and finally incremental (brute force) mode:

- The decryption is successful for fgdump_hash.txt:

- For wce_hash.txt the result is also successful, though the clear text passwords are presented in uppercase. This is a property of the LM hash, which upper-cases the password before hashing it, so cracking an LM hash reveals the password with its case lost; cracking the NT hash on the same line (john --format=NT wce_hash.txt) recovers the exact case:

- Let's notice that this type of brute force attack can take a long time to run.

- How long depends on which hash John is attacking, not on how many hash types the file contains. LM splits the password into two 7-character halves, upper-cases them and uses no salt, so each half falls to brute force quickly; the NT hash is also unsalted, but it is case-sensitive and covers the whole password, so exhausting its keyspace takes far longer.

3 - Decrypting Windows password hashing with John The Ripper dictionary attack

- In order to avoid the long run time of the previous mode, let's perform a dictionary attack using a wordlist.

- The difference is that now a wordlist is passed to John The Ripper with the --wordlist option (adding --rules applies John's mangling rules to every word).

- For instance, let's create a text file list1 containing different strings as potential cleartext passwords:

- Passing list1 as wordlist for cracking fgdump_hash.txt (john --wordlist=list1 fgdump_hash.txt):

- The result is successful:

- Passing list1 as wordlist for cracking wce_hash.txt (john --wordlist=list1 wce_hash.txt):

- The result is also successful:

- Of course, for the dictionary attack to succeed the wordlist must contain the correct cleartext passwords (or words that John's rules can turn into them), as was the case with list1.
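As an added example (not code from the blog post or from John The Ripper itself), the following Python script does by hand what sections 2 and 3 describe: it parses pwdump-format lines, runs a small wordlist with a few John-style mangling rules against the NT hashes, and recovers the true case of a password that was first cracked as an uppercase LM result. It carries its own MD4 because hashlib's md4 is often absent on OpenSSL 3 systems; the sample dump, users and wordlist are constructed for the demo, and the NT hash values in it are computed from chosen passwords rather than taken from any real system.

```python
import itertools
import struct

MASK = 0xFFFFFFFF


def md4(data: bytes) -> bytes:
    """Minimal RFC 1320 MD4; the NT hash is MD4 over the UTF-16LE password."""
    def rotl(x, n):
        return ((x << n) | (x >> (32 - n))) & MASK

    def f(x, y, z):
        return (x & y) | (~x & z)

    def g(x, y, z):
        return (x & y) | (x & z) | (y & z)

    def h(x, y, z):
        return x ^ y ^ z

    # per round: mixing function, additive constant, message-word order, rotations
    rounds = (
        (f, 0x00000000, list(range(16)), (3, 7, 11, 19)),
        (g, 0x5A827999, [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15], (3, 5, 9, 13)),
        (h, 0x6ED9EBA1, [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15], (3, 9, 11, 15)),
    )
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)  # message length in bits, little-endian
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        v = state[:]
        for fn, const, order, shifts in rounds:
            for i in range(16):
                t = (-i) % 4  # register updated this step cycles a, d, c, b
                b, c, d = v[(t + 1) % 4], v[(t + 2) % 4], v[(t + 3) % 4]
                v[t] = rotl((v[t] + fn(b, c, d) + x[order[i]] + const) & MASK, shifts[i % 4])
        state = [(s + w) & MASK for s, w in zip(state, v)]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> str:
    """NT (NTLM) hash as stored in the SAM: MD4(UTF-16LE(password)), hex-encoded."""
    return md4(password.encode("utf-16-le")).hex()


def mangle(word: str):
    """A few of the rewrite rules John's wordlist mode applies to every word."""
    for base in (word, word.capitalize(), word.upper()):
        yield base
        for suffix in ("1", "123", "!", "2017"):
            yield base + suffix


def parse_pwdump(line: str):
    """user:rid:LM-hash:NT-hash::: as written by pwdump/fgdump."""
    user, _rid, lm, nt = line.split(":")[:4]
    return user, lm.lower(), nt.lower()


def wordlist_attack(dump_lines, wordlist):
    """Hash each mangled candidate once and look it up against every NT hash."""
    targets = {nt: user for user, _lm, nt in map(parse_pwdump, dump_lines)}
    found = {}
    for word in wordlist:
        for cand in mangle(word):
            user = targets.get(nt_hash(cand))
            if user and user not in found:
                found[user] = cand
    return found


def recover_case(lm_result: str, nt: str):
    """LM drops case, so an LM crack comes back uppercase; try every case
    variant of it against the NT hash to get the password the user typed."""
    choices = [(ch.lower(), ch.upper()) if ch.isalpha() else (ch,) for ch in lm_result]
    for combo in itertools.product(*choices):
        cand = "".join(combo)
        if nt_hash(cand) == nt.lower():
            return cand
    return None


# Constructed sample dump: aad3b435b51404eeaad3b435b51404ee is the well-known
# "no LM hash" value; the NT hashes are computed here from chosen passwords.
NO_LM = "aad3b435b51404eeaad3b435b51404ee"
SAMPLE_DUMP = [
    f"alice:1001:{NO_LM}:{nt_hash('password')}:::",
    f"bob:1002:{NO_LM}:{nt_hash('Winter1')}:::",
    f"carol:1003:{NO_LM}:{nt_hash('correct horse')}:::",
]
WORDLIST = ["password", "winter", "letmein"]

if __name__ == "__main__":
    print(wordlist_attack(SAMPLE_DUMP, WORDLIST))          # alice and bob fall, carol does not
    print(recover_case("SECRET123", nt_hash("Secret123")))  # LM said SECRET123, NT confirms Secret123
```

The wordlist run finds alice and bob (bob only because the capitalize-plus-suffix rule turns "winter" into "Winter1"), and carol's passphrase is never tried, which is the point of the closing remark above: a dictionary attack is only as good as the words and rules it is given. The case recovery is the same trick John's NT cracking performs after an LM crack: 2^n candidates for n letters is trivial compared with brute forcing the NT hash from scratch.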

4 - Decrypting Linux password hashing with John The Ripper

- Similar modes are used for Linux password hashes, but before running John The Ripper it is necessary to "unshadow" the hashes obtained from a compromised system, that is, to join the /etc/passwd and /etc/shadow dumps back into one file.

- First, there is a file passwords containing a dump from /etc/passwd:

- Also, we have a file named shadow_hash containing some hashes taken from an /etc/shadow dump:

- Let's use the unshadow command, which matches both files by username and writes each hash into the password field of the corresponding /etc/passwd line:

- "Unshadow"-ing (unshadow passwords shadow_hash > unshadow_hashes):

- Finally, applying John The Ripper with the wordlist list2 to unshadow_hashes (john --wordlist=list2 unshadow_hashes), the cleartext passwords are obtained:

5 - Hash identifier

- Let's hash the string "today" with different cryptographic hash algorithms (for instance echo -n today | md5sum; without -n the trailing newline is hashed too and the digest will not match the one for the bare string):

- Now, hash-identifier can help to discover what type of hash function has been applied. A raw digest carries no format tag, so the tool only goes by length and character set: a 32-hex-character value is reported as possibly MD5 (Message Digest 5), but also as other 128-bit digests such as MD4 or NTLM:

- Also, the SHA-256 (Secure Hash Algorithm):
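As an added example (not the blog's code, nor John's own unshadow or the hash-identifier tool), this Python script shows what the two helpers of sections 4 and 5 do: it joins constructed /etc/passwd and /etc/shadow lines by username, and classifies hash strings by their modular-crypt prefix or, for raw digests, by length, which is why a bare 32-hex-character value comes back with several candidates. The passwd and shadow lines and the shadow hash bodies are made-up placeholders, not real account hashes.

```python
import hashlib
import re


def unshadow(passwd_lines, shadow_lines):
    """What John's `unshadow` does: put each user's shadow hash into the
    password field of its /etc/passwd line, keeping the GECOS and home
    fields that single-crack mode mines for candidates."""
    hashes = {}
    for line in shadow_lines:
        user, hash_field = line.split(":")[:2]
        hashes[user] = hash_field
    merged = []
    for line in passwd_lines:
        fields = line.split(":")
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged


# Modular-crypt prefixes found in /etc/shadow, plus raw-digest lengths in hex chars.
CRYPT_PREFIXES = {
    "$1$": "md5crypt", "$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt",
    "$5$": "sha256crypt", "$6$": "sha512crypt", "$y$": "yescrypt",
}
HEX_LENGTHS = {32: ["MD5", "MD4", "NTLM"], 40: ["SHA-1"], 64: ["SHA-256"], 128: ["SHA-512"]}
LOCKED = {"*", "!", "!!", ""}


def identify(hash_field: str):
    """Candidate algorithms for one hash string, the way hash-identifier guesses:
    a raw hex digest is ambiguous (MD5, MD4 and NTLM all give 32 hex chars), so
    the list can hold several names; locked or empty accounts give an empty list."""
    if hash_field in LOCKED or hash_field.startswith("!"):
        return []
    for prefix, name in CRYPT_PREFIXES.items():
        if hash_field.startswith(prefix):
            return [name]
    if re.fullmatch(r"[0-9a-fA-F]+", hash_field):
        return HEX_LENGTHS.get(len(hash_field), [])
    if re.fullmatch(r"[./0-9A-Za-z]{13}", hash_field):
        return ["descrypt"]  # traditional DES crypt(3), no prefix at all
    return []


# Constructed sample files; the hash bodies are placeholders of the right length.
PASSWD_LINES = [
    "root:x:0:0:root:/root:/bin/bash",
    "alice:x:1000:1000:Alice Example:/home/alice:/bin/bash",
    "nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin",
]
SHADOW_LINES = [
    "root:$6$saltsalt$" + "A" * 86 + ":17450:0:99999:7:::",
    "alice:$1$abcdefgh$" + "B" * 22 + ":17450:0:99999:7:::",
    "nobody:*:17450:0:99999:7:::",
]
MD5_TODAY = hashlib.md5(b"today").hexdigest()        # same as: echo -n today | md5sum
SHA256_TODAY = hashlib.sha256(b"today").hexdigest()  # same as: echo -n today | sha256sum

if __name__ == "__main__":
    for line in unshadow(PASSWD_LINES, SHADOW_LINES):
        user, hash_field = line.split(":")[:2]
        print(f"{user:8} {identify(hash_field) or 'locked / no hash'}")
    print(identify(MD5_TODAY), identify(SHA256_TODAY))
```

The merged lines are what John reads: the `$6$` and `$1$` prefixes tell it the exact crypt variant, and the `*` entry is skipped as uncrackable. For the raw digests of section 5 the classifier can only say "one of these", which is exactly the ambiguity hash-identifier shows when a 32-hex-character string could be MD5 or an NT hash; when the source of the hash is known, pass John the format explicitly (--format=raw-md5 or --format=NT) rather than relying on the guess.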