
An overview of hash-cracking tools: the John the Ripper password cracker and MDCrack

At the moment a hash can be attacked in five ways: brute force, a dictionary attack, a dictionary with rules (hybrid attack), rainbow tables, and cryptanalytic attacks on the hash function itself. Hashes themselves fall into two groups: plain hashes and salted hashes (salt, "seed"). This article covers the john and mdcrack programs and uses them to walk through the main ways of implementing a brute-force attack.

john


John the Ripper is a password cracker designed to attack the many hash types used in various software and operating systems, from MySQL to OpenBSD. Its attack methods are brute force, dictionary cracking and the hybrid attack, plus two methods specific to the program: single-crack and external. All of them are discussed below.

The program can resume a cracking session after it has been interrupted.

A notable property of the program is that cracking a large batch of hashes "in one go" is likely to finish faster than cracking each of them separately: a candidate password is hashed once per distinct salt and compared against every hash that uses that salt. Candidate passwords are also generated "intelligently" rather than in plain lexicographic order, as discussed below.

The program has two limitations. First, the stock build of john handles only a few hash formats (essentially the salted Unix crypt formats, plus LM); to crack plain hashes without a salt, such as raw MD5, you need the appropriate patch or a ready-made special build of the program. Second, brute force is limited to passwords of at most 8 characters, although there is no such limit in a dictionary attack.

A salt (salt, "seed") is a way of making a hash harder to attack: the same password produces a different hash for every salt, so precomputed tables are useless and two users with the same password cannot be spotted by comparing their hashes. For example, in the traditional Unix crypt(3) used by FreeBSD, two random characters are generated when a password is hashed; they are prepended to the password, the hash is computed over the resulting string, and the same two characters are then placed in front of the hash so that the stored value carries its own salt.

To measure the program's speed on your computer, run it with the '--test' flag. The result is reported in c/s, which stands for crypts (candidate passwords hashed) per second, not characters per second; it is the same quantity other programs of this type call h/s (hashes per second). For salted formats the benchmark reports two figures, "Many salts" and "Only one salt", because with many salts each candidate has to be hashed once per salt.

To start the program, write the hash to be cracked into a file in the form user:hash, where user is any string and hash is the hash you want to crack. If several hashes are to be cracked at once, put them all into one file: as noted above, they will most likely all be cracked faster than if they were in separate files. For example, create a file bla.pass with the following content:

user1:$1$yHJlM1Y9$lzO5yVj6Drepbz6xje0wq0
user2:$1$RDBUtZMr$z8acZKa5XzY0vQuUwG6Un1
user3:$1$EP5lm7ex$poOrQvYoH78Bc63nhXx1p1
user4:$1$ths1/RY5$CUR32fPoOr/UcjeBpD4fx0

Start the search with the command john bla.pass. The program reports the number of loaded hashes, the number of distinct salts (on old Unix systems the salt was fixed, so identical passwords produced identical hashes) and the hash type. The hash type can be detected incorrectly: if you try to crack a plain 128-bit MD5 hash (without salt), the version of john considered in this article takes the 32 hex characters for an LM (NT LM DES) hash and starts searching for a password it will obviously never find.

After the search starts, an eternity can pass before the password is found. To give it a chance within a reasonable time, john has a whole arsenal of cracking modes, rules, filters and a flexible configuration file. The modes of operation are described briefly below; see the program documentation for details.

In total, john has four modes of operation, i.e. four ways of finding a password: single crack, wordlist, incremental and external.

Single crack mode searches for the password using circumstantial evidence. The first candidates are the username, the "GECOS" / "Full Name" fields of the account and the name of the user's home directory; rules (a hybrid attack) are then applied to this data, which yields more candidates, but far fewer than the dictionary bundled with the program. It is therefore the fastest mode: it finishes (exhausts all candidates for a given account) in a few seconds.

In the GECOS field the user can store additional information about himself, such as a phone number or date of birth.

Wordlist is dictionary password cracking. The main dictionary is more than 600 MB and is distributed on two discs; it contains the most commonly used passwords in more than 20 languages and costs $28.25. A small collection of passwords, 11 MB in size, is also available. The usefulness of this collection is questionable, since it too is spread over more than 20 languages. Wordlist mode has a "submode", wordlist with rules, which is the hybrid type of attack: the set of rules can be modified and extended with your own. Rules are written in the configuration file using special characters and flags that are read and expanded by john's rule preprocessor.

You can download some very useful dictionaries from passwords.ru

Incremental is brute force. Its settings are stored in the configuration file. Rather than enumerating candidates in plain lexicographic order, the program orders them by character-frequency statistics for the given password length and character set, so that more likely passwords are tried first; the search is bounded by length and character set. There are five submodes: "All", "Alnum", "Alpha", "Digits" and "LanMan". For example, "Digits" tries only digits and "Alpha" only lowercase Latin letters. You can also define your own incremental submode; see the documentation.

External mode lets you apply "filters" written in a C-like language in the configuration file, through four callback functions. With it you can write your own candidate-generation algorithm; a few basic ones are already shipped in the configuration file and can be used as they are.

All modes can be combined. By default (if no mode is specified and the configuration is left unchanged), the program first runs single mode, then tries the dictionary bundled with the program (only 3108 passwords), and then switches to incremental mode, brute-forcing passwords of length 0 to 8 over an alphabet of 96 characters (lowercase and uppercase Latin letters, digits and symbols).

Practical advice: try first the modes and submodes that finish (in case of failure) the fastest. After single, wordlist and wordlist-with-rules modes have run, you will probably be tempted to brute-force the password in the "All" submode. That can be a big mistake that costs you far too much time. Instead, first try the faster submodes in ascending order of alphabet size: "Digits" (10 digits), "Alpha" (26 lowercase Latin letters), "Alnum" (36 characters, letters plus digits), and so on. Since users often choose simple passwords, the faster incremental submodes should come first; this can save a great deal of time.
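As an added example (not John the Ripper's code, and not part of the original article), the following Python script walks through the modes described above in the order the advice recommends: single-crack candidates derived from the account fields with a few rules, a wordlist with and without rules, then the incremental submodes from the smallest alphabet upward. It works on a toy salted hash, md5(salt + password) with a two-character salt in the BSD style described earlier (not real md5crypt, and not john's candidate ordering), and it shows why loading several hashes into one file is cheaper: each candidate is hashed once per distinct salt and compared against every hash sharing that salt. All accounts, passwords, salts and the wordlist are constructed for the demonstration.

```python
# Added example, not John the Ripper's code: a toy cracker that runs john's
# modes in the recommended order against a constructed salted hash.
import hashlib
import itertools
import string
from collections import defaultdict


def toy_hash(salt, password):
    """Toy salted hash in the BSD style: 2-char salt prepended to the
    password, salt stored in front of the digest.  NOT real md5crypt."""
    return salt + "$" + hashlib.md5((salt + password).encode()).hexdigest()


def single_candidates(user, gecos):
    """Single-crack mode: the username and GECOS words, with simple rules
    (lowercase, capitalise, reverse, append digits)."""
    words = [user] + gecos.replace(",", " ").split()
    out = []
    for w in words:
        for cand in (w, w.lower(), w.capitalize(), w[::-1], w + "1", w + "123"):
            if cand not in out:
                out.append(cand)
    return out


def wordlist_candidates(words, rules):
    """Wordlist mode; with rules=True it becomes the hybrid attack."""
    for w in words:
        yield w
        if rules:
            yield w.capitalize()
            yield w.upper()
            for d in string.digits:
                yield w + d
                yield w.capitalize() + d


# Incremental submodes, smallest alphabet first (john's "All" would follow).
INCREMENTAL_SUBMODES = {
    "Digits": string.digits,
    "Alpha": string.ascii_lowercase,
    "Alnum": string.ascii_lowercase + string.digits,
}


def incremental_candidates(charset, max_len):
    """Plain exhaustive enumeration; real john orders these by frequency."""
    for n in range(1, max_len + 1):
        for chars in itertools.product(charset, repeat=n):
            yield "".join(chars)


def crack(entries, candidates):
    """Hash each candidate once per distinct salt and compare it against all
    hashes sharing that salt.  Returns ({user: password}, hashes computed)."""
    by_salt = defaultdict(dict)             # salt -> {digest: [users]}
    for user, stored in entries:
        salt, digest = stored.split("$", 1)
        by_salt[salt].setdefault(digest, []).append(user)
    found, computed = {}, 0
    for cand in candidates:
        for salt in list(by_salt):
            computed += 1
            digest = hashlib.md5((salt + cand).encode()).hexdigest()
            users = by_salt[salt].pop(digest, None)
            if users:
                found.update((u, cand) for u in users)
                if not by_salt[salt]:       # nothing left under this salt
                    del by_salt[salt]
        if not by_salt:
            break
    return found, computed


def default_attack(entries, accounts, wordlist, max_len=3):
    """Run the modes in john's default order, each only against the hashes
    still uncracked.  Returns {mode: (found, hashes computed)}."""
    stages = [
        ("single", [c for u, g in accounts.items() for c in single_candidates(u, g)]),
        ("wordlist", wordlist_candidates(wordlist, rules=False)),
        ("wordlist+rules", wordlist_candidates(wordlist, rules=True)),
    ] + [("incremental:" + name, incremental_candidates(cs, max_len))
         for name, cs in INCREMENTAL_SUBMODES.items()]
    results, remaining = {}, list(entries)
    for name, cands in stages:
        if not remaining:
            break
        found, computed = crack(remaining, cands)
        results[name] = (found, computed)
        remaining = [(u, h) for u, h in remaining if u not in found]
    return results


# Constructed sample data: account fields, the (unknown to the cracker)
# passwords and per-user salts; bob and erin deliberately share a salt.
ACCOUNTS = {"alice": "Alice Smith,Room 12", "bob": "Bob Jones",
            "carol": "Carol King", "dave": "Dave Lee", "erin": "Erin Fox"}
SECRETS = {"alice": "Alice1", "bob": "dragon", "carol": "Summer9",
           "dave": "917", "erin": "qz"}
SALTS = {"alice": "aB", "bob": "Xy", "carol": "9k", "dave": "Qr", "erin": "Xy"}
ENTRIES = [(u, toy_hash(SALTS[u], SECRETS[u])) for u in ACCOUNTS]
WORDLIST = ["password", "dragon", "summer", "letmein"]

if __name__ == "__main__":
    for mode, (found, computed) in default_attack(ENTRIES, ACCOUNTS, WORDLIST).items():
        print(f"{mode:20s} cracked {found} after {computed} hash computations")
```

Each stage only sees the hashes the previous stages left uncracked, and the "Alnum" submode never runs because nothing is left for it; with real john the same effect is obtained by leaving the cracked hashes in john.pot and choosing the submodes in this order.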

mdcrack


The program aims at the fastest possible brute force. Version 1.2 is open source but supports only three hash types: MD4, MD5 and NTLM1. Versions 1.5 and 1.7 support more hashes, including md5_freebsd, but their source code is not available. mdcrack is convenient for brute force when the standard build of john does not suit you, i.e. when you need to crack a hash without a salt.

An example of calling the mdcrack program:

    mdcrack -s qwertyuiopasdfghjklzxcvbnm -S 7 c8e5b031cee3fe69955e63f8c5e11509

This command creates a "session"; if you interrupt the search, running mdcrack with no parameters returns to the interrupted session. To delete the session, run mdcrack -d.

On completion, or after being interrupted, the program reports the computer's performance (the average number of hashes per second).

The -W flag creates a file of previously computed pass:hash pairs, and the -R flag reads such a file back. The -F flag speeds up the read/write operations.
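As an added example (not mdcrack's code, and not part of the original article), here is a small Python brute-forcer for an unsalted MD5 hash that shows the session and pass:hash file mechanics just described: candidates are numbered, so the saved session is a single index that a later run resumes from (and that is deleted on success, the way mdcrack -d would); the -W/-R analogue writes and reads a plain password:hash text file. The charset, target hash, file names, candidate budget and file format are assumptions of this example, not mdcrack's.

```python
# Added example, not mdcrack's code: resumable raw-MD5 brute force with a
# numbered keyspace, a session checkpoint file and a pass:hash cache file.
import hashlib
import os
import tempfile


def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


def candidate_count(charset_len, max_len):
    """Size of the keyspace: all lengths 1..max_len over the charset."""
    return sum(charset_len ** n for n in range(1, max_len + 1))


def candidate_at(index, charset, max_len):
    """Map a keyspace index to a password: shorter lengths first, then a
    base-|charset| odometer within each length ('a','b',..,'aa','ab',..)."""
    base, n, rest = len(charset), 1, index
    while rest >= base ** n:
        rest -= base ** n
        n += 1
        if n > max_len:
            raise IndexError("index past the end of the keyspace")
    chars = []
    for _ in range(n):
        rest, r = divmod(rest, base)
        chars.append(charset[r])
    return "".join(reversed(chars))


def load_session(path):
    """Next index to try; 0 when no session file exists."""
    if not os.path.exists(path):
        return 0
    with open(path) as f:
        return int(f.read().strip() or 0)


def save_session(path, index):
    with open(path, "w") as f:
        f.write(str(index))


def delete_session(path):
    """Analogue of `mdcrack -d`."""
    if os.path.exists(path):
        os.remove(path)


def crack_raw_md5(target, charset, max_len, session_path, budget=None):
    """Resume from the checkpoint, try at most `budget` candidates (None =
    all) and checkpoint where we stopped.  Returns (password or None, tried).
    Like mdcrack it stops at the first preimage, which need not be the
    password the user actually chose."""
    total = candidate_count(len(charset), max_len)
    start = load_session(session_path)
    stop = total if budget is None else min(total, start + budget)
    for i in range(start, stop):
        cand = candidate_at(i, charset, max_len)
        if md5_hex(cand) == target:
            delete_session(session_path)
            return cand, i - start + 1
    save_session(session_path, stop)
    return None, stop - start


def write_pair_file(path, charset, max_len):
    """-W analogue: precompute password:hash pairs for the whole keyspace."""
    with open(path, "w") as f:
        for i in range(candidate_count(len(charset), max_len)):
            cand = candidate_at(i, charset, max_len)
            f.write(f"{cand}:{md5_hex(cand)}\n")


def lookup_pair_file(path, target):
    """-R analogue: find the password for `target` without hashing anything.
    rpartition tolerates passwords that themselves contain ':'."""
    with open(path) as f:
        for line in f:
            cand, _, digest = line.rstrip("\n").rpartition(":")
            if digest == target:
                return cand
    return None


def demo():
    """Constructed run: crack md5('bad') over 'abcd' up to length 3, first in
    a session interrupted after 10 candidates, then resumed; then answer the
    same hash from a precomputed pair file."""
    charset, max_len = "abcd", 3
    target = md5_hex("bad")                # constructed target hash
    workdir = tempfile.mkdtemp()           # assumed scratch location
    session = os.path.join(workdir, "session.txt")
    interrupted = crack_raw_md5(target, charset, max_len, session, budget=10)
    resumed = crack_raw_md5(target, charset, max_len, session)
    pairs = os.path.join(workdir, "pairs.txt")
    write_pair_file(pairs, charset, max_len)
    return interrupted, resumed, lookup_pair_file(pairs, target)


if __name__ == "__main__":
    print(demo())   # ((None, 10), ('bad', 30), 'bad')
```

The keyspace of 84 candidates is tiny on purpose; the point is that the session state is nothing more than "the index of the next candidate", which is what makes a brute force restartable, and that a pair file turns a later crack of the same keyspace into a file scan with no hashing at all.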

The -b and -e flags specify challenge values. In some authentication protocols the password hash is not transmitted directly but encrypted again (a hash is computed from the transmitted hash together with a value supplied by the other side); that value is called the challenge in this context.

Note that mdcrack searches for a collision with the hash, not necessarily for the original password. Several passwords, possibly of different lengths, can map to the same hash (though the probability of this is very small). If the user chose a 9-character password, the search may turn up another, shorter password of, say, two characters with exactly the same hash; and if that one is entered into the attacked system, it will be accepted as correct.

Source: https://habr.com/ru/post/325298/

