Free Republic
Browse · Search
News/Activism
Topics · Post Article


Cracking Windows passwords in 5 seconds (Cool concept, unless you, you know, use Windows)
SecurityFocus BUGTRAQ Mailing List ^ | July 22, 2003 | Philippe Oechslin

Posted on 07/22/2003 8:38:27 PM PDT by Timesink

To: BugTraq

Subject: Cracking windows passwords in 5 seconds

Date: Jul 22 2003 8:37PM

Author: Philippe Oechslin

As opposed to Unix, Windows password hashes can be calculated in advance because no salt or other random information is involved. This makes so-called time-memory trade-off attacks possible. This vulnerability is not new but we think that we have the first tool to exploit this.

At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory trade-off method. It is based on original work which was done in 1980 but has never been applied to Windows passwords. It works by calculating all possible hashes in advance and storing some of them in an organized table. The more information you keep in the table, the faster the cracking will be.

We have implemented an online demo of this method which cracks alphanumerical passwords in 5 seconds on average (see http://lasecpc13.epfl.ch/ntcrack). With the help of 0.95GB of data we can find the password after an average of 4 million hash operations. A brute force cracker would need to calculate an average of 50% of all hashes, which amounts to about 40 billion hashes for alphanumerical passwords (LanMan hash).

More info about the method can be found in a paper at http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Oech03.

Philippe Oechslin


TOPICS: Crime/Corruption; Extended News; Miscellaneous; Technical
KEYWORDS: computersecurityin; microsoft; passwords; security; techindex; windows
To: lelio
if you can get the hashed version of the password you can then crack it as they don't use any "salt" in the hash.

That's sort of like giving flying instructions akin to "Step one: Once you're airborne..." - the problem is getting hold of the hashes in the first place.

It's my understanding that if you sniff the wire when logging into a domain you might be able to get this hashed password.

Kerberos and IPsec will prevent that - assuming that the bad guy managed to "Mission:Impossible" himself into your building in the first place ;)

21 posted on 07/22/2003 9:39:58 PM PDT by general_re (The wheel is turning but the hamster is dead.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Alas Babylon!
hehehe... nice policy, if you can get it. Like they say: this networking crap would be a lot of fun if it weren't for all these darn *users*.

One thought though: An indefinite lockout makes for the easiest DoS attack on the planet.
22 posted on 07/22/2003 9:40:30 PM PDT by Ramius
[ Post Reply | Private Reply | To 15 | View Replies]

To: Southack
I don't know about 2000 or XP, but in 98 you just boot from a floppy and delete all *.PWL files and then reboot with your own PW. I can't see why NT based OS would be different.
23 posted on 07/22/2003 9:41:04 PM PDT by chuckles
[ Post Reply | Private Reply | To 18 | View Replies]

To: Southack
How many people, given full access to an ATM or POS terminal, could debit the accounts of other bank customers?

An ATM or POS term doesn't give you access to the machine. Can't reboot it from there to another system, yadda yadda yadda. But can you say the same thing for somebody that has access to the *inside* of the ATM??

*That's* access.

24 posted on 07/22/2003 9:43:39 PM PDT by Ramius
[ Post Reply | Private Reply | To 18 | View Replies]

To: chuckles
Win 98 doesn't have security, and never even pretended to. The login there is really only for setting profiles and little else.
25 posted on 07/22/2003 9:45:37 PM PDT by Ramius
[ Post Reply | Private Reply | To 23 | View Replies]

To: Alas Babylon!; Ramius
For the truly paranoid, and/or those who have a fetish for truly fascist security schemes, the NSA published a series of guides about locking down Windows 2000 a few years ago. Although it's good to look through for tips about stuff that might have been missed, I recall leafing through it and thinking that only the truly masochistic would feel compelled to implement it all ;)
26 posted on 07/22/2003 9:45:49 PM PDT by general_re (The wheel is turning but the hamster is dead.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: general_re
Truly, I could have said "truly" once or twice more. F*** it - it's late... ;)
27 posted on 07/22/2003 9:47:00 PM PDT by general_re (The wheel is turning but the hamster is dead.)
[ Post Reply | Private Reply | To 26 | View Replies]

Comment #28 Removed by Moderator

To: Ramius
If you are inside **either** an ATM or a Windows PC, you can take the hard drive or the cash or whatever, but that physical strategy is useless against the ATM's security system for the bank's customers, as no matter what you do to the ATM (well, barring running the machine and copying new cards from the typed in PINs), you can't touch the actual accounts of other bank customers, and certainly can't do it en masse to the entire bank.

So putting networked PC's in vulnerable locations, combined with storing critical data on a secure LAN, would seem to have some level of security value. That's what works for ATM's and POS terminals, after all.

And we're all wired. This is the 21st Century. We all have access to the biggest LAN around.

Pity that not all of our security takes that fact into account...

29 posted on 07/22/2003 9:50:06 PM PDT by Southack (Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Alas Babylon!
You forgot the one about setting up a "guest" account and naming it "administrator" to throw off would-be intruders.
30 posted on 07/22/2003 9:52:24 PM PDT by Dimensio (Sometimes I doubt your committment to Sparkle Motion!)
[ Post Reply | Private Reply | To 15 | View Replies]

To: general_re
I did go through that. Funny you should mention it, and you're right. Only people that have a dungeon in the basement could endure it.

With *any* system, there is a trade-off between security and usability. Perfect security is impossible. Excellent security is possible, but most users will only put up with it for a little while before they go screaming to the board of directors wanting someone's head on a plate.

Good security is what we settle for in the real world.

Like I told my board of directors once: Look, you can spend however many millions of dollars on system security that you want, but you're protecting that server room with a twenty dollar lock.
31 posted on 07/22/2003 9:52:37 PM PDT by Ramius
[ Post Reply | Private Reply | To 26 | View Replies]

To: Southack
"Well, yes. Physical access to any machine is pretty much the same as complete access. Mostly."

"I don't see it, even with the "mostly" caveat tossed in."

If you can get physical access to a windows machine, there are some cute tools to crack every password on the system. The only guard against these is to enforce complex passwords that have no patterns. Simple passwords can be cracked in seconds, complex take forever. The beauty of Windows...
32 posted on 07/22/2003 9:59:49 PM PDT by cspackler (There are 10 kinds of people in this world, those who understand binary and those who don't.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Southack
I'm not disagreeing with you... perhaps we're just playing a semantic game with the meaning of "physical access". I would say that walking up to an ATM isn't access, any more than hitting a bank's web site is. Access to the box and the ability to reboot it to your own system... *that's* access.
33 posted on 07/22/2003 10:00:43 PM PDT by Ramius
[ Post Reply | Private Reply | To 29 | View Replies]

To: Ramius
Physical access to any machine is pretty much the same as complete access. Mostly.

The next version of Mac OS X will have on-the-fly encryption/decryption of the user's home directory. With that system, mere physical access will not be sufficient for an unauthorized person to use your files.

34 posted on 07/22/2003 10:04:07 PM PDT by HAL9000
[ Post Reply | Private Reply | To 11 | View Replies]

To: cspackler
"The only guard against these is to enforce complex passwords that have no patterns."

Nonsense. Bank account holders are protected by a simple 4 digit PIN for a password, yet gaining full physical access to an ATM won't help you crack open and debit all the account holders of the entire bank.

Hmmm... Simple password, but secure system. Wow, that must be an **architectural** solution to a security problem as opposed to a simple tactical solution!

To paraphrase Star Wars, "Use the network, Luke"! Secure the network. Put critical data on your secure system. Put worthless or trivial data on your vulnerable PC's.

Get the picture?!

35 posted on 07/22/2003 10:05:56 PM PDT by Southack (Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)
[ Post Reply | Private Reply | To 32 | View Replies]

To: cspackler
I have a tool that, if you can boot on it, will crack all the passwords complex or otherwise on a Windows, NT, 2K or XP box. That's why we don't rely on local Windows hashes to protect networks.

Network managers need those tools though, to get *back* into machines when the @#$%@#$ user has flummoxed the whole thing up while they were drunk in their hotel room.

And just for the record... give anybody worth their salt physical access to a Unix or Linux box and they'll own that one too. It ain't a Windows thing. It's a computer thing. Systems security doesn't mean cutting off all possible access once you have physical control of the box. You wouldn't want that, even if you could get it.
36 posted on 07/22/2003 10:07:09 PM PDT by Ramius
[ Post Reply | Private Reply | To 32 | View Replies]

To: Ramius
Physical access to any machine is pretty much the same as complete access. Mostly.

Only for the most poorly secured systems. Strong security such that access to the physical machine won't net you anything is pretty cheap these days, even if they have the ability to install rudimentary sniffers on the hardware. It is not even particularly inconvenient at that.

37 posted on 07/22/2003 10:08:44 PM PDT by tortoise (All these moments lost in time, like tears in the rain.)
[ Post Reply | Private Reply | To 11 | View Replies]

To: Ramius
"I would say that walking up to an ATM isn't access, any more than hitting a bank's web site is. Access to the box and the ability to reboot it to your own system... *that's* access."

You can steal and reboot an ATM or POS terminal from now until doomsday, but that won't let you access the secure data, simply because the secure data is protected by an architectural solution (i.e. storing critical data in a secure location while putting trivial or worthless data in the vulnerable remote locations where ATMs and POS terminals spend their working days).

If you are depending upon physical access being denied in vulnerable locations, then something is wrong with your concept of security. For God's sake, at the very least encrypt everything on your hard drive so that first pass physical access is worthless.

Or better yet, take it to the next level and use the Net to isolate and connect vulnerable PC's to and from their critical data.

38 posted on 07/22/2003 10:10:39 PM PDT by Southack (Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)
[ Post Reply | Private Reply | To 33 | View Replies]

To: Ramius
Good security is what we settle for in the real world.

That's about the size of it. I make things difficult for people who might want to break in, hopefully difficult enough that the effort is not worth whatever they might recover, but I have no illusions about making it impossible for people to break in. And so besides me and my coworkers worrying about network security, we have a host of folks whose job it is to worry about physical security. If they do their job, and we do ours, the results should be more than enough to protect us from the black hats of the world, but neither of us is worth much without the other.

Like I told my board of directors once: Look, you can spend however many millions of dollars on system security that you want, but you're protecting that server room with a twenty dollar lock.

I once pointed out to a co-worker that if the information on his system were really valuable enough to me, no password policy and no encryption in the world could prevent me from taking a rubber hose and simply beating his password out of him... ;)

39 posted on 07/22/2003 10:12:19 PM PDT by general_re (The wheel is turning but the hamster is dead.)
[ Post Reply | Private Reply | To 31 | View Replies]

To: Ramius
And just for the record... give anybody worth their salt physical access to a Unix or Linux box and they'll own that one too.

That depends on how it is set up. I have a highly secure FreeBSD system that all the physical access in the world won't give you access to. Your ideas on security have been polluted by conventional practice.

40 posted on 07/22/2003 10:13:37 PM PDT by tortoise (All these moments lost in time, like tears in the rain.)
[ Post Reply | Private Reply | To 36 | View Replies]

