But if you start with a dictionary word, and you assume that the capital comes at the beginning (where most English speakers would feel comfortable to remember it), the inclusion of special characters is not so strong. It's not as if the user is making Troubador into T&ou(ado* (where any letter is replaced with any special character). They're using 1337$p33k, where specific letters have a 1:1 substitution with another. For this, you don't need to search a large alphabet. You search a dictionary, and use every leet-appropriate substitution for a given word.
John is pretty good at this.
Windows NTLM passwords cracked in 6 hours
DefCon crack me if you can is going on right now, so John and hashcat may get an upgrade in the following weeks
It is refreshing to see a production where they actually did some research, and use actual commands shown in a believable way, using common *nix commands like 'ifconfig' and 'cat' piped to 'grep'. He's using John the Ripper to crack their passwords, and both Gnome and KDE are mentioned as desktop environments. On top of that it's a good show :)
When you learn to love the command line, you will understand why so many find it powerful and why it is prefered. There is a reason Linux is used in everything IT, from the smallest to the most mission-critical.
No, not breaking AES. That would be major. I bet he's talking about brute forcing weak passwords on encrypted disks. I've heard that TrueCrypt doesn't stretch users keys much, so it's easier to go through all passwords of a certain length (not sure how long). They will also use known password and passphrase attacks.
https://code.google.com/p/truecrack/
That's why it's very important to use a long nonsensical passphrase to protect your encrypted disks.
Haha its so funny, they have no idea how it works. I like how he suggests changing "password" to "pa$$word" like no one's going to guess that. Tools like L0phtCrack and John the Ripper try that shit in a dictionary attack. It's not much harder to guess.
ha, anyone who cares to can easily get into your wep and wpa2 router anyways. They should be checking that we all have pass phrases that aren't dictionary words, or predictable permutations thereof.
For hacking or guessing the password (implying that you have the authentication interface and you are slugging password attempts through it), maybe.
For cracking it (implying that you have the encrypted password and are running it through a cracker), however, I've done experiments and seen results that suggest otherwise.
We took lengthy (16+ characters) passwords and ran them through a freeware cracker like John The Ripper. The uncomplicated passwords, i.e. only using lowercase alphanumeric characters such as correcthorsebatterystaple, were cracked in a matter of moments. Even introducing a single capital letter / substituting letters for numbers caused the break time to increase extremely quickly.
If you complicate the holy living hell out of your password -- and remember it, since that is what XKCD is addressing -- it will be more secure than a simple alphanumeric password.
I've taken to using the following convention:
[capital letters relating to interface][monthyear][plaintext word][two symbols]
For example, if I were to use the above for my reddit password, it would look like this:
RD0911goodpassword!#
Then it simply becomes a matter of remembering what interface you're using and what the special characters are. The rest of it is intuitive.
Yes, first of all, there are two different types of pdf passwords, one where the PDF is encrypted and so-called "edit passwords" which only protect the PDF from being edited. I'm assuming the PDF is encrypted.
First you need to make a list of all the possible combinations. I wrote a little python script that generates all upper/lower case combinations of a word:
#!/usr/bin/env python3
# generate all upper/lowercase combinations of a word. # non-letter characters will lead to duplicates.
import itertools
password = "test".lower() # edit this password case_combos = itertools.product((True,False), repeat=len(password))
for c in case_combos: combo = "" for i,x in enumerate(password): combo += x.upper() if c[i] else x print(combo) # optimize printing if list is very large
Then you need to extract the hash from the PDF file.
Now you can use hashcat (uses GPUs and is typically faster) or John (typically slower, uses CPU, but is a bit easier to use), to crack the password.
John the ripper apparently has a rar plugin. I've never used it, but short of doing a real crypt-analysis of your rar, that's the best you're going to get.
You can learn about the wonderful world of password cracking. There's a whole subculture in the hacking community around password cracking and proper password storage. Here is a really cool article where an editor for ArsTechnica teaches himself how to build a starter cracking rig. Efficient password cracking is very useful for pentesters as well. When a pentester is working a target company, a tailored wordlist and a custom config plugged into John the Ripper could get more results faster. If the passwords you're looking at are already cracked (like the ones in the article you mention) you can study what words occur the most for the given target site. If the passwords are hashed, you can test out trying to crack em.
Also, check out leakedin. They monitor several pastebin-type sites for 'interesting strings'.
>Would it be pretty much unusable because they wouldn't have the passphrase I assigned to it?
If it was a long, unguessable passphrase, then probably for most adversaries.
Tools like John the Ripper can be used to crack the passphrases on private keys:
http://www.ubuntuvibes.com/2012/10/recover-your-gpg-passphrase-using-john.html
Of course if you are up against the NSA, things are a little different.
From Edward Snowden: "... Please confirm that no one has ever had a copy of your private key and that it uses a strong passphrase. Assume your adversary is capable of one trillion guesses per second. ..."
https://www.wired.com/2014/10/snowdens-first-emails-to-poitras/
I recommend using something like John. For John you will need the 'jumbo' version and to use the included 'zip2john' tool to get the password hash out of the zip for cracking.
There are many alternative password crackers as well (Hashcat, etc.) and some may work better for your computer, just make sure you get them from their source companies and not from malware laden sites.
x264 is probably the example of an open source program that utilizes all sorts of SIMD instruction sets, cache efficiency and optimized asm. Generally they are added if they look useful and someone gives them access to a machine with them. A particular example that comes to mind is optimizing for microarchitectures that weren't even released yet.
The only other things that come to mind that even come close are jtr and BLAS.
Here's some numbers on brute forcing your password.
You'd need to find your wallet file (device probably needs to be rooted), use a program to generate the passwords (maybe John the Ripper http://www.openwall.com/john/doc/) but you'll likely need to modify said program to decrypt the wallet file using a different method from cracking a password file, unless it uses standard wallet encryption - see below. You can most likely reduce the number of time required to crack the wallet file by using any information you have about your password. This, to me, sounds like a lot of effort for a chance to retrieve your coins. If I were doing this I'd install coinomi on an emulator, create a wallet with a known strong password, then fetch the wallet so you can test the pw cracking program. I don't think there's anything out there specific to this (if it's using standard wallet encryption you can try this https://github.com/glv2/bruteforce-wallet). I would be weary allowing anyone to "assist" you. This sounds like an interesting project but might not be worth the effort. Good luck.
It's been a while since I played with John The Ripper, but that's where I'd turn. You can feed it a custom word list and it will attempt to brute force all possible combinations. However, I don't think it contains a BIP38 module, so you'd probably only use it to generate your list of possibilities. Here's an old thread where somebody combined it with the Bitcoin Address Utility.
But I think the chances are rather slim given the keyspace you implied. 10 words of 5 possibilities each is only about 23 bits of entropy, which would be manageable except that BIP38 employs scrypt to intentionally slow down brute forcing efforts. You'd have to try up to 9,765,625 permutations, which would take a very long time. If there's anything you can do to reduce the keyspace, it would greatly increase your chances of recovery.
Keep your passwords secure people. I can't believe that Rockstar Social Club doesn't allow special characters! An 8 char alpha-num pass can be cracked on cloud computing-powered hacking websites in a few minutes, or even a few seconds.
Make that password 16 chars long at least, and completely random. Dictionary words and altered dictionary words (c@t and d0g) are not secure. They also make passwords less secure when embedded within them e.g. 1234ilikedogsandcats1234.
Use Keepass or similar and keep those passwords long and random.
Be aware that this, and much more like it exists: http://www.openwall.com/john/
>Is it safe to save files to persistence.
Safety is relative and depends on who your adversaries are.
It also is heavily dependent on how good the passphrase that you used to encrypt the persistent volume is.
>is there any way that an outside entity could corrupt/infiltrate the USB drive to view or modify the files?
If they just have the USB flash drive, then they can easily corrupt files on it by writing random data to random places in the persistent volume. They won't be able to tell what files they've corrupted or be able to corrupt them in any non-random way, but you won't be able to recover them.
If they are able to guess your passphrase, then they will be able to view your files.
They could use something like John the Ripper to automate the guessing of your passphrase:
http://www.cybercrimetech.com/2014/08/how-to-brute-forcing-password-cracking.html
If your drive is booted up and your persistent partition mounted, then they would be able to get to the data from a remote location if they have discovered enough exploits to break out of the browser and the AppArmor protection that prevents the browser from accessing files in the persistent volume outside of /home/amnesia/Persistent/Tor Browser.
They could also get to the persistent volume's data if they are able to install a BIOS exploit into the firmware on your machine:
http://www.wired.com/2015/03/researchers-uncover-way-hack-bios-undermine-secure-operating-systems/
You should use a machine dedicated to running Tails so you don't have to worry about a Windows exploit being used to compromise your BIOS which could then be used against you when you boot Tails.
This site might be relevant to your interests: http://www.openwall.com/john/doc/.
And if you're bored, you should download the Gawker dump and bruteforce it with JtR. I did it a while back for educational purposes and it was a great success.
I "checked" my work again. It's "narrowed down" to 9, 10, 12, or 42 characters. No other options (i.e., it would not be 11 characters, or 13-41)... But still 72 choices per character (upper case letters, lower case, 0-9 digits, special characters on 0-9 on standard American keyboard).
I'm pretty sure I have access to that small GPU farm. Can you write a utility for this? Or would one of the already-available password cracking utilities work? Like maybe http://project-rainbowcrack.com or http://www.openwall.com/john/
John the ripper is peobably the best choice. May have to write a custom module of conversion for your particular wallet though.
Depending how much key-stretching (repeated hashes to take a certain amount of machine time), you may need a very good idea what the password is as well.
I lost some to multibit myself. Not sure if I ran into a software bug, or I entered the password wrong twice (manually tired a few dozen variations).
You can use the word mangling feature in John and that will do what you want.
http://www.openwall.com/john/doc/EXAMPLES.shtml
"5. To catch weak passwords not derived from readily available users' personal information, you should proceed with cracking modes demanding more processor time. First, let's try a tiny wordlist with word mangling rules enabled:
john --wordlist=password.lst --rules mypasswd
or abbreviating the options:
john -w=password.lst -ru mypasswd"
Crunch can also be used to generate wordlists, but will generate all possible combinations from a specific character set: https://tools.kali.org/password-attacks/crunch
>I'm new to Linux and I don't know how to fix this
It appears your attempting to manual compile john the ripper pen testing software.
The software highly likely did not compile due to unsatisfied software dependencies.
Also looks like your attempting to compile the 32 bit version which if your running 64 bit debian may not be compatible or may still have unresolved software bugs in the 1.8 version.
Have you checked the debian software repositories for a .deb package for debian that's already been pre compiled buy the debian maintainers?
If your desire to want the 1.8 version is founded by the 1.8 version being the "most updated" your unlikely to find a working build of 1.8 version of john the ripper being actively distributed by many linux distributions due to how many distros manage not distributing unstable or testing software.
You may find an older version more easily.
Gentoo Linux for example being a build everything from sourcecode distro doesn't currently offer the 1.8 version of John in the main package tree.
erebus ~ # eix john app-crypt/johntheripper Available versions: 1.7.9-r6 ~1.7.9-r10 ~1.7.9-r11 {cuda custom-cflags libressl -minimal mozilla mpi opencl openmp CPU_FLAGS_X86="mmx sse2"} Homepage: http://www.openwall.com/john/ Description: fast password cracker
John The Ripper apparently in the 1.7.9 version will only compile with GCC 4.8 compiler version which on gentoo has been made largely obsolete. This could be the main reason why it will not build on debian. last time i checked debian depreciated gcc 4.x a year or more ago.
Welcome to the everyday things you learn by using Gentoo Linux. If your still intrigued and want to learn some general software development fundamentals Gentoo awaits you.
Oh, interesting. From the examples it shows, it appears that it just iters through each line in some input it receives and tries using that as a password to decrypt the file. Since john can be used to make random passwords, it could be used to supply input. From the documentation for john, john -i
generates passwords in "incremental" mode; you can read more about that here.
Get the community enhanced windows binaries. There isn't really an install procedure as such, it is just a binary. You run it on the command line.
Usage examples http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats
You will need to find some good word lists too.
Ubuntu? Maybe you should take a look at Kali instead.
John The Ripper is a commonly used tool (http://www.openwall.com/john/). There are plenty of others, though.
You can 'not deal with password lists', by making a brute force attack instead of an wordlist attack but it's not really recommended. Having a password/word list is the tradeoff for trying a more targetted and thus faster and 'better' aproach.
Oracle's Solaris support site says the default password hash algorithm is crypt_sha256 so that's probably the best thing to assume unless you definitely know different.
Have you tried 'John the Ripper' on it ?
See: http://docs.oracle.com/cd/E23824_01/html/821-1456/secsys-15.html and http://www.openwall.com/john/
Two months late, but I figured I'd add something. If you run across "book246.zip", allegedly containing a "book246.pdf", yes, it is a scam. I decided to throw John the Ripper at it to see if it come up with a password. Took 8 minutes; the password is "ahamay", as I could've discovered if I'd checked Google first. The PDF is just a 15-page document entitled "HOW TO DOWNLOAD A FILE FROM THE INTERNET?". I opened it up in a hex editor, and it seems there's an embedded object which is just a stream of repeating garbage that was used to fill it out to 14MB to make it look the size of a typical large book.
File hashes:
SHA1: 690b013c2d9baced17d60badecd801573b761cd4 book246.zip a569a993a9c98158c9eef2e22561ec03b9f8b8b8 book246_pdf.zip f797852bb457a6f77f8fb27312ed12aa7a332b47 book246.pdf
MD5: b9153626eb3b1200a2f24135310fd0d4 book246.zip 46a0655a7a992678983bb6a57d75abf5 book246_pdf.zip 4a534269dbea8dab76726cebdfbda412 book246.pdf
Sometimes if youse pirates stuff, youse gets whats youse pays for.
Very true, unfortunately. But, we can at least put the ideas out there for them to see the possibilities.
The FBI, no doubt, has custom versions of these programs running on machines with some fast graphics cards for processing power:
If your son has used the sudo command, you can get his encrypted password.
Encrypted passwords are stored in /etc/shadow, but can only be accessed by root.
Copy both /etc/passwd and /etc/shadow somewhere, like a flash drive or email it to yourself.
Then, install john the ripper.
Within the install directory, there will be a program that lets you merge passwd and shadow files, so you'll need to figure out how that works, then merge the copied files.
After that, you can run john, and it will try to brute force the passwords.
Doubling your passwords to [password][password] won't help a whole lot. It would force an attacker to try both singular and doubled variants when guessing passwords, but that's only a 2x increase in difficulty (1 bit). In contrast, adding another random character (to make a 15 character password) would be a 94x increase (6.55 bits).
Cracking tools are sophisticated enough to guess stuff like doubled passwords. John the Ripper has a set of password mangling rules: when it tries "foo", it can also try "foofoo", "foo1", "f00", "Foo", and so on.
The good news is that your 14-character password is already really strong. It has about 91.8 bits of entropy, which is about equivalent to a 7-word Diceware phrase. According to the Diceware FAQ, the people who need that kind of security also need to take countermeasures against secret agents. :)
But if you still want to make your password even more secure (maybe you just love overkill security -- I do!), you might want to try Diceware and see how many words you can memorize. You might have a better memory for words than for random characters -- and you only need to memorize half as many words in order to get equivalent security.
I like Diceware, in case you haven't noticed.
The suggestions by other posters are good (I'd have suggested using a password reset tool too - I've used John the Ripper in the past with success), but, and this is a biggie...
If you use NTFS file and folder encryption and reset your password using these methods, you will lose access to your encrypted files.
If you don't use or know what NTFS encryption is... then carry on, it shouldn't affect you.
you could give a try to pyethrecover
for the list you can try to derive all type of combinations using a tool like john the ripper
Filevault can definitely be attacked using optimized tools such as JTR(JohnTheRipper). This will allow you to guess many more passwords in a fraction of the time as well as apply dictionaries/rules to increase the chances of getting it. Have a look here: http://www.openwall.com/john/
Context doesn't matter; there are loads of tools out there that do the same - see JohnTheRipper or Hashcat; if anything this will be slower than existing tools (and currently it is) I just want to see how fast I can get it compared to the competition for personal satisfaction.
md5 isn't the issue; the hex is just a way to represent the integer value of the hash.
As an Ethical Hacking student these kind of projects are not abnormal.
Its not unethical to create a personal version of something that is already publicly available.
> Those are password hashes, not actual passwords.
They're limited length salted simple DES encrypted passwords and subject to lovely dictionary attack.
Being decades old, it'd be fine to post john's results. I'd do it myself but I'm short on CPU cycles here.
Based on the FAQ, hashcat-legacy should run on any CPU, but I'm not sure how the command line differs. Apparently Hashcat (The one you downloaded) supports all OpenCL compatible CPUs (as per the FAQ).
Worst case, if both those don't work (But try them), fall back to John The Ripper, which I know some people like more, but I've never gotten around to ever using it. If you do use it, I'd be interested in your opinion of it.
I'm sure using one of the above tools, proper command-line fu, and GNU parallel, you could probably have a multi-CPU multi-computer cracking cluster going on in your house, which sounds fun.
Possible route:
Make a Kali USB disk, and boot the computer to that. Assuming it's just the home folder that's encrypted, mount the local drives, and cat
out {mounted disk}/etc/shadow
; if there's a hash in there next to his username, you might be able to crack it over a few weeks using John the Ripper (package name is john
for most distributions: sudo apt-get install john
, once you've got a terminal ready). Basically, run john --fork=4 --incremental {mounted disk}/etc/shadow
(--incremental makes it run through everything as a brute force; --fork=4 makes it throw all 4 of a quad-core machine's processors at it), and wait until it finds a match.
Could take ages if your husband had a long or complex password - my machine will try about 480 passwords a second, and my password should take some 300 billion years to crack at that rate. Still, it's your only shot, really. There's wordlist options you can try, too - you can seed the list with words your husband might have used, and use --wordlist={annotated list} --rules (which will add common mangling combinations, like caps, word separations, and number substitutions). Using this method, my personal password would take a maximum of 3 weeks to crack.
Hopefully, the encrypted partition is encrypted with the user's password, and not a second authentication token, and you'll be able to log in.
If you don't understand any of that, please PM me, and I'll see what I can do to help out.
John on Linux has a powerful configurable password munger that will meet your needs. There's a slight learning curve to the configure syntax, but it is extremely powerful and configurable.
http://www.openwall.com/john/doc/EXAMPLES.shtml
You can use John the Ripper on Tails or other Linux OS:
Install on Tails:
As root:
apt-get update (may take a little while, 5 - 20 minutes depending of the speed of your Tor connection)
apt-get install john
See this for a script to use with john:
http://www.cybercrimetech.com/2014/08/how-to-brute-forcing-password-cracking.html
man john > (...)
> SYNOPSIS
> john [options] password-files
> DESCRIPTION
> This manual page documents briefly the john command. This manual page was written for the Debian GNU/Linux distribution because the original program does not have a manual page. john, better known as John the Ripper, is a tool to find weak passwords of users in a server. John can use a dictionary or some search pattern as well as a password file to check for passwords. John supports different cracking modes and understands many ciphertext formats, like several DES variants, MD5 and blowfish. It can also be used to extract AFS and Windows NT passwords.
> USAGE
> To use John, you just need to supply it a password file and the desired options. If no mode is specified, john will try "single" first, then "wordlist" and finally "incremental".
>
> Once John finds a password, it will be printed to the terminal and saved into a file called ~/.john/john.pot. John will read this file when it restarts so it doesn't try to crack already done passwords.
> (...)
About the modes: I don't know, find out. I never used this.
> But if you use hunter2+reddit.com and I gain that.
How exactly are you going to do that? Aside from the fact that cracking the full sha256 would take ~0.65 billion billion years. You're only sending a small subset of that.
If you use Length(sha256)-1 that means there are 15 unknowns. Meaning you'd have to crack 15 passwords, try them all to see which one it was. (9.75 Billion years, give or take). Length(sha256)-2 means that there are 15^2 (146.25B years).
By only using 20 characters that means you're looking at trying to crack and test 15^44 passwords.
And that doesn't preclude you from doubling or tripling up on the hashing..
And if you have a method for doing that you could probably retire from the NSA after making a lot of money.
> I have a few different passwords I use with slight variations
So something that is easy for a computer to do? John the Ripper already has the ability to test 'similar' variations. So common substitutions like O/0, 1/l, s/$ are done instantly and don't add much difficulty. You hope that every site you signup with has a salt but there is no way to guarantee that.
I have the password. But I will post how I got it so you can learn something. If you aren't able to reproduce it then you can ask me for help or I'll just give it to you.
HOWTO:
Depends a lot on the passphrase.
This blog post gives some good information on hardening the private key encryption protection.
http://nullprogram.com/blog/2012/06/24/
Programs like this one are what could be used against you:
>If someone gets my secring.gpg do they have all my private keys?
Yes, if they crack the password you used when you created the keys.
If you used the password "password1", they will be able to instantly crack your private key and decrypt any messages they have that were encrypted to you.
If all you need is one of 10 words + some number, it's trivially easy, if you know what the 10 different words can be.
Might take a bit of reading to get it set up, but that's what you want.
Aircrack alone does not allow you to just pause or continue.
Look into John the ripper. http://www.openwall.com/john/
You would use a command such as:
john --wordlist="password Dictionary" --rules --stdout | aircrack-ng -e ssid -w - "capture file"
If you want to continue use the command:
john --restore | aircrack-ng -b bssid -w - "capture file"
found it, it was call john the ripper not jack lol
basically it uses a word list to try to brute force the password, not even sure if it will work at ALL with a wallet file FYI
also used some other program to generate the word list but can't remember that name at all
For reference: http://www.openwall.com/john/doc/MODES.shtml
I assume most hackers go with a dictionary or rainbow table attack honestly as with a giant corpus it would yield at least a decent size of results. The reality is when you see dumps of bank/website user dbs with hashes, the idiot passwords are cracked almost immedately. (Doesn't hurt that they often use really awful or non-existent salts)
P.S. Can we make it mandatory for all CS majors to take a crypto class. Or, at the very least, tell them to salt their passwords properly. I mean, there are slow algorithms and best practices already laid out too. I mean, really, instead of the 20th class on LAWLOPTIMALDESIGNPATTERNSYOUWONTREMEMBER, maybe this kind of stuff should be at paid training once and awhile.
Yeah, surprisingly these kinds of passwords are still pretty common. It's funny that the password restrictions put in place do very little for the security of passwords. For example, "password" becomes "Password1" (abiding by different case and adding a numeral), which is almost just as easy to crack. The more restrictions in place, the more likely the user is going to become pissed off as they wont remember their password, resulting in loss of customers (for big e-commerce websites, atleast).
Here's a list of commonly used passwords that I tried, and how many that were cracked (obvs. not scientific results, but just to get an idea):
If any one is interested in playing around with cracking passwords (white-hat style, of course), John the Ripper is pretty good. Bruce Schneier's article is also very good if you're into this kind of thing.
I just completed a subject on cryptography / security, so all this is fresh in my mind. :)