ITCamp 2011 - Paula Januszkiewicz - Password secrets revealed
1. Password Secrets Revealed!
Everything you want to know but are afraid to ask… or had no time to check it!
Paula Januszkiewicz
CQURE: IT Security Auditor, MVP, MCT
http://blogs.technet.com/plwit/
paula@cqure.pl
Premium conference on Microsoft’s Dev and ITPro technologies @itcampro / #itcampro
2. IT Camp 2011
• Thanks for coming!
• ITCamp is made possible by our sponsors:
3. MVP-Press Training Course
Planning, Deploying and Managing Microsoft Forefront Threat Management Gateway 2010
Available for online purchase: http://www.mvp-press.com
Follow us on:
http://facebook.com/MVPpress
http://twitter.com/MVPpress
4. Agenda
1. Passwords – some examples
2. What are passwords for… nothing! (Things you should remember)
3. Summary
5. What to expect?
Life without passwords…
Passwords in the Web
Protected Storage
VNC
Wireless (In) Security
Passwords in the Operating System
Rainbow tables
Cracking toolkit
Summary
11. Passwords in the Web: Null Byte Injection, Inside the SSL Tunnel
DEMO
13. Protected Storage
• Now: Read-Only
• DPAPI
– Data Blob + Entropy
– Master Key
– User Password
15. VNC
DEMO
17. Wireless (In) Security
DEMO
19. Crack Basics: Windows
• Locally: Security Accounts Manager
• Domain: NTDS
• Direct reading? Why not?
– SAMInside, Cain, ERD Commander, pwdump
+ LC5, john the ripper
• PSTORE
20. SAM (Tools), DefineDosDevice, System Privileges, SAPD, Notification Package, GINA.DLL
DEMO
22. Rainbow Tables
• OphCrack
• RainbowCrack
• http://www.insidepro.com/tables.php
• http://www.freerainbowtables.com/en/tables/ntlm/
• https://www.objectif-securite.ch/en/products.php?hash=EE84987FE4DC6997ABD2655ED5D5C144&drgn=2
24. Password Cracking Tools
• Linux
– John the Ripper (http://www.openwall.com/john/)
• Windows
– John the Ripper
– SamInside / Passwords Pro (http://www.insidepro.com)
– Cain (http://www.oxid.it/cain.html)
– LC5 / pwdump
– Top 10 Tools: http://sectools.org/crackers.html
26. Summary
• Have your own dictionary file
• Use well-designed password policies
• Train users – show them what may happen if their password is revealed
• Test your users’ passwords
27. Q&A
28. Don’t forget!
Get your free Azure pass!
• 30+15 days, no CC req’d
– http://bit.ly/ITCAMP11
– Promo code: ITCAMP11
We want your feedback!
• Win a WP7 smartphone
– Fill in your feedback forms
– Raffle: end of the day