2. Who am I?
➢ Director of Engineering at Web Hosting Canada
➢ Previously partner and Head of DevOps at SiteGround
➢ A SysAdmin and System Architect
➢ A hacker at heart
3. We will be talking
➢ passwd
➢ Enigma
➢ Password cracking
➢ Abusing cryptography
9. passwd - cracking
hackman@possum:~/john-1.9.0/run$ cat pass2
00xQPHYlVDIw6
hackman@possum:~/john-1.9.0/run$ ./john pass2
Loaded 1 password hash (descrypt, traditional crypt(3) [DES 256/256 AVX2])
Press 'q' or Ctrl-C to abort, almost any other key for status
password (?)
1g 0:00:00:00 100% 2/3 33.33g/s 8533p/s 8533c/s 8533C/s
123456..horses
Use the "--show" option to display all of the cracked passwords reliably
Session completed
10. passwd - cracking
hackman@possum:~/john-1.9.0/run$ cat pass2
00xQPHYlVDIw6
hackman@possum:~/john-1.9.0/run$ ./john pass2
Loaded 1 password hash (descrypt, traditional crypt(3) [DES 256/256 AVX2])
Press 'q' or Ctrl-C to abort, almost any other key for status
password (?)
1g 0:00:00:00 100% 2/3 33.33g/s 8533p/s 8533c/s 8533C/s
123456..horses
Use the "--show" option to display all of the cracked passwords reliably
Session completed
11. passwd - cracking
hackman@possum:~/john-1.9.0/run$ tail -n3 password.lst
notused
sss
myVerySecurePassword
hackman@possum:~/john-1.9.0/run$ ./john pass
Loaded 1 password hash (descrypt, traditional crypt(3) [DES 256/256 AVX2])
Press 'q' or Ctrl-C to abort, almost any other key for status
myVerySe (?)
1g 0:00:00:00 100% 2/3 50.00g/s 179200p/s 179200c/s 179200C/s
snowski..internet
Use the "--show" option to display all of the cracked passwords reliably
Session completed
12. John the Ripper
$ ./john
John the Ripper password cracker, version 1.9.0
Copyright (c) 1996-2019 by Solar Designer
Homepage: http://www.openwall.com/john/
21. Chosen plaintext
➢ Attacker sends a predefined plaintext
➢ Victim sends back encrypted message
➢ Essentially every crypto handshake
Wikipedia: Chosen plaintext attack
22. Chosen ciphertext
Wikipedia: Chosen ciphertext attack
➢ The attacker selects the ciphertext
➢ Sends it to the victim
➢ Victim returns the corresponding plaintext or some part of it
➢ Adaptive?
➢
if the attacker can chose the ciphertext based on previous
outcomes
23. Known plaintext
➢ Attacker has access to the plain text
➢ Attacker has access to the original or parts of the original
ciphertext
24. Known plaintext
➢ Attacker has access to the plain text
➢ Attacker has access to the original or parts of the original
ciphertext
➢ AND THIS IS HOW Enigma got cracked
Wikipedia: Known plaintext attack
27. SSL Attacks
1998 Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
2014 Bleichenbacher SSL
➢ SSL/TLS uses public key cryptography
➢
public key
➢
private key
➢ You always have the public key
➢ You can execute chosen cihpertext attacks
➢ You have an oracle to work with (web servers)
28. SSL Attack
➢ BEAST 2011
➢
an attacker observing 2 consecutive ciphertext blocks C0, C1
can test if the plaintext block P1 is equal to x by choosing the
next plaintext block P2 = x C0 C1; as per CBC
⊕ ⊕
operation
➢ CRIME 2012
➢
chosen plaintext attack where the attacker observes the size
of the message, when chosen plaintext controlled by attacker
is provided
➢ BREACH 2013
➢ POODLE 2014
29. SSL Attack
➢ BEAST 2011
➢ CRIME 2012
➢ BREACH 2013
➢
similar to CRIME but uses the well defined structure of gzip
or deflate compression algorithms
➢ POODLE 2014
➢
injecting data in the HTTP response’s padding
30. Cracking WiFi
➢ Start by identifying the Wifi network
➢
if hidden, use Kismet to find it
➢ Use aircrack-ng to capture the Wifi traffic
➢ Use aircrack-ng to crack the password
➢ You would need a good dictionary to be successful
Aircrack-ng - cracking WPA