Password Attacks - PowerPoint PPT Presentation

Slides: 33
Provided by: mini180
Transcript and Presenter's Notes

1
Password Attacks
  • Mike

2
Guessing Default Passwords
  • Many applications and operating systems include
    built-in default passwords.
  • Lazy administrators
  • Database of default passwords is publicly
    available at http://www.phenoelit.de/dpl/dpl.html

3
Let's Crack Those Passwords
  • Stealing the encrypted passwords and trying to
    recover the clear-text password.

Cracking techniques: Dictionary, Brute-force cracking, Hybrid password cracking
The cracking loop:
  • Create a password guess
  • Encrypt the guess
  • Compare encrypted guess with encrypted
    value from the stolen password file
  • If match, you've got the password!
  • Else, loop back.
4
Cracking Windows NT/2000 Passwords Using LC5
  • One of the most hyped security/attack tools.
  • Focuses only on cracking Windows passwords.
  • Available at http://www.atstake.com/products/lc/download_thanks.html

5
Get Encrypted Passwords
(screenshot labels: Local machine, Remote machine)
6
Choose Auditing Method
  • Simple checks
  • Normal checks
  • Strong checks
7
Pick Reporting Style
The types of report.
8
Auditing Options
  • Import
  • Character type
9
Import
10
Audit
(screenshot labels: Start, Got the passwords)
11
Report
12
Remote machine
(screenshot labels: Remote machine, Check type)
13
Remote machine
The types of report
14
Remote machine
(screenshot labels: Administrator, Passwords)
15
Remote machine
(screenshot labels: Start, Got it!)
16
John the Ripper
  • Focuses on cracking UNIX passwords.
  • Available at http://www.openwall.com/john/b/john-1.6.tar.gz
  • Current version 1.6

17
John the Ripper
(screenshot labels: Download John the Ripper, Download complete, Unzip)
18
John the Ripper
(screenshot labels: compiler, Start)
19
John the Ripper
(screenshot labels: Cracking the password, Got the password, Try the password)
20
Defenses against Password-Cracking Attacks
  • Strong Password Policy
  • User Awareness
  • Password-Filtering Software
    • UNIX
      • Npasswd
      • Passwd
    • Windows
      • Strongpass

21
Defenses against Password-Cracking Attacks (cont.)
  • Conduct Your Own Regular Password-Cracking Tests.
  • Protect Your Encrypted/Hashed Password Files.

22
Web Application Attacks
23
Account Harvesting
  • Targeting the authentication process when an
    application requests a userID and password.

(screenshot labels: Correct userID, Invalid userID, Incorrect password)
24
Account Harvesting Defenses
  • When the userID or password is incorrect, all
    accompanying information sent back to the browser
    must be completely consistent.
  • Includes
    • HTML
    • URL
    • Cookies
    • Hidden form elements

25
Correct userID
Incorrect password (123456789)
26
Invalid userID
27
Undermining Web Application Session Tracking
  • Web applications generate a session ID to track
    user actions.
  • Session ID
    • Application-level data
    • Generated by the application

28
Attacking Session Tracking Mechanisms
  • Establish a session, get assigned a session ID, and
    alter the session ID.
  • The attacker usurps the legitimate user's session
    ID to do anything.

29
Achilles
  • Achilles available at http://www.mavensecurity.com/achilles
  • Current version 0.27

(diagram: Web browser <-> Achilles (proxy) <-> Internet)
30
Achilles
(screenshot labels: Start, Intercept Modes, Intercept information)
31
Defending against Web Application Session-Tracking Attacks
  • Ensure the integrity of all session-tracking
    elements.
  • Digitally sign the session-tracking information
    using a cryptographic algorithm.
  • Encrypt the information in the URL,
    hidden form element, or cookie.
  • Long session IDs.
  • Dynamic session IDs.
  • Apply a timestamp.

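One way to put the signing, long-ID and timestamp defenses above into practice, as an added example that is not part of the presentation (the cookie layout, the 15-minute lifetime and the in-memory key are assumptions):

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Hypothetical server secret: generated at start-up here, but in practice
# it must come from a key store and be shared by every server that verifies.
SERVER_KEY = secrets.token_bytes(32)
SESSION_LIFETIME = 15 * 60  # seconds a session ID stays valid (assumed)


def issue_session(key: bytes = SERVER_KEY, now: Optional[float] = None) -> str:
    """Build a cookie value of the form <long random id>.<issue time>.<HMAC tag>."""
    session_id = secrets.token_hex(16)  # 128 random bits: long, not guessable
    issued = str(int(time.time() if now is None else now))
    payload = f"{session_id}.{issued}".encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return f"{session_id}.{issued}.{tag}"


def verify_session(cookie: str, key: bytes = SERVER_KEY,
                   now: Optional[float] = None) -> Optional[str]:
    """Return the session ID if the cookie is intact and fresh, else None."""
    try:
        session_id, issued, tag = cookie.split(".")
    except ValueError:
        return None  # wrong shape: not something this server issued
    payload = f"{session_id}.{issued}".encode()
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None  # session ID, timestamp or tag was altered in transit
    current = time.time() if now is None else now
    if not issued.isdigit() or current - int(issued) > SESSION_LIFETIME:
        return None  # timestamp says the session is stale
    return session_id


if __name__ == "__main__":
    cookie = issue_session()
    print("issued:", cookie)
    print("verified id:", verify_session(cookie))
    altered = "0" * 32 + cookie[32:]  # change only the ID part
    print("altered id accepted?", verify_session(altered) is not None)
```

A proxy that edits the session ID, the timestamp or the tag changes the payload or the tag the server recomputes, so the HMAC comparison fails and the request is rejected.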
32
Conclusions
  • Attackers can use these techniques to gain access
    to a target machine by attacking applications.