SlideShare une entreprise Scribd logo

How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

Télécharger en tant que PPTX, PDF
Y
Yurii Bilyk

Analysis of leaked LinkedIn dumps, methods of cracking passwords, what hardware do you need and how long it could take, some interesting statistics

Technologie
1  sur  42
Yurii Bilyk | 2016 How-to crack 43kk passwords while drinking your in the Hood
WHO AM I 26 vs 27.5 vs 29
TEAM  WE are Security Group  WE are ALL Engineers (Almost;)  WE are OWASP Lviv Chapter  WE are Legio… oops blog: http://owasp-lviv.blogspot.com skype: y.bilyk
o But WHY??!! o Our CRACKING RIG o Different obvious methods o Not so obvious methods o Some interesting statistics Agenda
Tell Me WHY!? what’s wrong with you?
The Reason Just for FUN Good example of Open Source Intelligence You can really test your skills in password cracking
Some Info LinkedIn DB contains 250 758 057 e-mails Only 61 829 208 contains unique hashes File size of all unique hashes is 2.5 GB
Our CRACKING RIG because we can
P - Podgotovka LinkedIn DB contains unsalted SHA-1 hashes GPU should be best option for such type of hashes Best tool for this case is HashCat
GTX 1080 SHA-1 Benchmark 8xGPU SHA-1 crack speed: 68 771.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 3 hours 4 minutes 54 seconds to brute ALL combinations
Question of Money 738x8 = 5904 $$$
Amazon K80 SHA-1 Benchmark 36xGPU SHA-1 crack speed: 75 200.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 45 minutes 59 seconds to brute ALL combinations
So You’ve said Amazon? (14.4+14.4+7.2)x25 = 900 $$$
Rainbow Alternatives 1000 $$$
RainBow Seek SHA-1 Benchmark SHA-1 crack speed: 3 880 000.0 MH/s for 1 hash 784 000.0 MH/s for 10 hashes 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 28 minutes <-> 2 hours 22 minutes to brute ALL combinations
Return to Reality Intel Core i5-3570 @ 3.4Ghz SHA-1 crack speed: ~120.0 MH/s NVIDIA 750GT (Mobile): SHA-1 crack speed: ~120.0 MH/s
1xi5-3570 SHA-1 Benchmark SHA-1 crack speed: 120.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 years 281 days 10 hours 30 minutes 48 seconds to brute ALL combinations
Some OBVIOUS STEPS let’s play
Where to Start? We used dictionary attack as the first attempt You need good dictionary. We started with rockyou.txt You need memory for your hashes. It could be problem for GPU
So First Try Cracked around 20% of all hashes (with rockyou.txt dictionary) It took around 5 mins  And now you have to think what to do next 
We need moar dictionaries! RockYou contains 14 344 391 words We tried different dictionaries. The biggest was 1 212 356 398 words and 15 GB in size All this gives us approx 35% of all hashes
Let’s brute it! We selected up to 6 char passwords with full set of characters It took around 2 hours All this gives us approx 45% of all hashes
Magic of STATISTICS new is well-forgotten old
What we can do get moar? HashCat has rules of transformation It mutates original word Quality of your dictionary is essential. Size doesn’t rly matters Using rules is more time consuming than just dictionary attack
What rules are effective? We used best64, InsidePro- PasswordsPro and d3ad0ne rules It was very effective in terms of number of hashes All this gives us approx 60% of all hashes
Time to go smarter way We have 36 millions of cracked passwords We can analyze cracked password to determine patters This patterns can produce more efficient bruteforce masks
Meet PACK Tool http://thesprawl.org/projects/pack/
PACK Tool Features Can analyze list of password and generate bruteforce mask You can specify password length, time, complexity constrains Gives you some idea what type of passwords are popular
Is PACK effective? It can crack similar passwords according that you already have You can flexibly choose best masks regarding constrains All this gives us approx 65% of all hashes
Other types of attacks PRINCE attack, somehow similar to the using PACK tool + mutation Combination of TWO and more dictionaries Hybrid attack, that uses dictionaries + rules + bruteforce masks
Some CHARTS It’s easy
Length of password (Our)
Length of password (Korelogic)
Character-set of password (Our)
Most Popular Passwords (Korelogic)
Mails (Korelogic)
Base Words (Korelogic)
Thank YOU!

Recommandé

The Cryptography has YOU
The Cryptography has YOUThe Cryptography has YOU
The Cryptography has YOUYurii Bilyk
 
SSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfSSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfYurii Bilyk
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsBerescu Ionut
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in CryptographyBasudev Saha
 
Password Security
Password SecurityPassword Security
Password SecurityAlex Hyer
 
Hash crypto
Hash cryptoHash crypto
Hash cryptoHarry Potter
 

Recommandé

The Cryptography has YOU
The Cryptography has YOUThe Cryptography has YOU
The Cryptography has YOUYurii Bilyk
 
SSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfSSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfYurii Bilyk
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsBerescu Ionut
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in CryptographyBasudev Saha
 
Password Security
Password SecurityPassword Security
Password SecurityAlex Hyer
 
Hash crypto
Hash cryptoHash crypto
Hash cryptoHarry Potter
 
MD5
MD5MD5
MD5rokham khawaja
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe
 
6.hash mac
6.hash mac6.hash mac
6.hash macVirendrakumar Dhotre
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Binary Studio
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5AlgorithmMirza Tarannum
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for PentesterAmish Patadiya
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : AlgorithmSahil Kureel
 
Password Security
Password SecurityPassword Security
Password SecurityCSCJournals
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
Hash function
Hash functionHash function
Hash functionHarry Potter
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHPEnrico Zimuel
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPAnthony Ferrara
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use casesEnrico Zimuel
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITYSupanShah2
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow TablesPanggi Libersa
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaAnthony Ferrara
 

Contenu connexe

Tendances

Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Binary Studio
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
Password Security
Password SecurityPassword Security
Password SecurityCSCJournals
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHPEnrico Zimuel
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPAnthony Ferrara
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use casesEnrico Zimuel
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITYSupanShah2
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 

Tendances (20)

MD5
MD5MD5
MD5
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-up
 
6.hash mac
6.hash mac6.hash mac
6.hash mac
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5Algorithm
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash Functions
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for Pentester
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : Algorithm
 
Password Security
Password SecurityPassword Security
Password Security
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
 
Hash function
Hash functionHash function
Hash function
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITY
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow Tables
 

Similaire à How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaAnthony Ferrara
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHPAnthony Ferrara
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!nerdybeardo
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon
 
Passwords, Passwords and more Passwords
Passwords, Passwords and more PasswordsPasswords, Passwords and more Passwords
Passwords, Passwords and more Passwordsclcewing
 
What Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentWhat Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentBen Finke
 
Password Policies
Password PoliciesPassword Policies
Password Policiesallengalvan
 
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesLightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesMongoDB
 
Sharding why,what,when, how
Sharding why,what,when, howSharding why,what,when, how
Sharding why,what,when, howDavid Murphy
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsIRJET Journal
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done righttladesignz
 

Similaire à How-to crack 43kk passwords while drinking your juice/smoozie in the Hood (20)

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)security
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rds
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011
 
Passwords, Passwords and more Passwords
Passwords, Passwords and more PasswordsPasswords, Passwords and more Passwords
Passwords, Passwords and more Passwords
 
The Hacker's Guide to JWT Security
The Hacker's Guide to JWT SecurityThe Hacker's Guide to JWT Security
The Hacker's Guide to JWT Security
 
What Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentWhat Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On Accident
 
Password Policies
Password PoliciesPassword Policies
Password Policies
 
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesLightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
 
Sharding why,what,when, how
Sharding why,what,when, howSharding why,what,when, how
Sharding why,what,when, how
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done right
 
Hash cat
Hash catHash cat
Hash cat
 
Developer &lt; eat love code >
Developer &lt; eat love code >Developer &lt; eat love code >
Developer &lt; eat love code >
 

Dernier

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 

Dernier (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 

How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

  • 1. Yurii Bilyk | 2016 How-to crack 43kk passwords while drinking your in the Hood
  • 2. WHO AM I 26 vs 27.5 vs 29
  • 3. TEAM  WE are Security Group  WE are ALL Engineers (Almost;)  WE are OWASP Lviv Chapter  WE are Legio… oops blog: http://owasp-lviv.blogspot.com skype: y.bilyk
  • 4. o But WHY??!! o Our CRACKING RIG o Different obvious methods o Not so obvious methods o Some interesting statistics Agenda
  • 5. Tell Me WHY!? what’s wrong with you?
  • 6. The Reason Just for FUN Good example of Open Source Intelligence You can really test your skills in password cracking
  • 7. Some Info LinkedIn DB contains 250 758 057 e-mails Only 61 829 208 contains unique hashes File size of all unique hashes is 2.5 GB
  • 9. P - Podgotovka LinkedIn DB contains unsalted SHA-1 hashes GPU should be best option for such type of hashes Best tool for this case is HashCat
  • 10.
  • 11. GTX 1080 SHA-1 Benchmark 8xGPU SHA-1 crack speed: 68 771.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 3 hours 4 minutes 54 seconds to brute ALL combinations
  • 13.
  • 14. Amazon K80 SHA-1 Benchmark 36xGPU SHA-1 crack speed: 75 200.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 45 minutes 59 seconds to brute ALL combinations
  • 15. So You’ve said Amazon? (14.4+14.4+7.2)x25 = 900 $$$
  • 16.
  • 18. RainBow Seek SHA-1 Benchmark SHA-1 crack speed: 3 880 000.0 MH/s for 1 hash 784 000.0 MH/s for 10 hashes 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 28 minutes <-> 2 hours 22 minutes to brute ALL combinations
  • 19.
  • 20. Return to Reality Intel Core i5-3570 @ 3.4Ghz SHA-1 crack speed: ~120.0 MH/s NVIDIA 750GT (Mobile): SHA-1 crack speed: ~120.0 MH/s
  • 21. 1xi5-3570 SHA-1 Benchmark SHA-1 crack speed: 120.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 years 281 days 10 hours 30 minutes 48 seconds to brute ALL combinations
  • 23. Where to Start? We used dictionary attack as the first attempt You need good dictionary. We started with rockyou.txt You need memory for your hashes. It could be problem for GPU
  • 24. So First Try Cracked around 20% of all hashes (with rockyou.txt dictionary) It took around 5 mins  And now you have to think what to do next 
  • 25. We need moar dictionaries! RockYou contains 14 344 391 words We tried different dictionaries. The biggest was 1 212 356 398 words and 15 GB in size All this gives us approx 35% of all hashes
  • 26. Let’s brute it! We selected up to 6 char passwords with full set of characters It took around 2 hours All this gives us approx 45% of all hashes
  • 27. Magic of STATISTICS new is well-forgotten old
  • 28. What we can do get moar? HashCat has rules of transformation It mutates original word Quality of your dictionary is essential. Size doesn’t rly matters Using rules is more time consuming than just dictionary attack
  • 29. What rules are effective? We used best64, InsidePro- PasswordsPro and d3ad0ne rules It was very effective in terms of number of hashes All this gives us approx 60% of all hashes
  • 30. Time to go smarter way We have 36 millions of cracked passwords We can analyze cracked password to determine patters This patterns can produce more efficient bruteforce masks
  • 32. PACK Tool Features Can analyze list of password and generate bruteforce mask You can specify password length, time, complexity constrains Gives you some idea what type of passwords are popular
  • 33. Is PACK effective? It can crack similar passwords according that you already have You can flexibly choose best masks regarding constrains All this gives us approx 65% of all hashes
  • 34. Other types of attacks PRINCE attack, somehow similar to the using PACK tool + mutation Combination of TWO and more dictionaries Hybrid attack, that uses dictionaries + rules + bruteforce masks
  • 37. Length of password (Korelogic)
  • 39. Most Popular Passwords (Korelogic)