SlideShare a Scribd company logo

How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

Download as PPTX, PDF
Y
Yurii Bilyk

Analysis of leaked LinkedIn dumps, methods of cracking passwords, what hardware do you need and how long it could take, some interesting statistics

Technology
1 of 42
Yurii Bilyk | 2016 How-to crack 43kk passwords while drinking your in the Hood
WHO AM I 26 vs 27.5 vs 29
TEAM  WE are Security Group  WE are ALL Engineers (Almost;)  WE are OWASP Lviv Chapter  WE are Legio… oops blog: http://owasp-lviv.blogspot.com skype: y.bilyk
o But WHY??!! o Our CRACKING RIG o Different obvious methods o Not so obvious methods o Some interesting statistics Agenda
Tell Me WHY!? what’s wrong with you?
The Reason Just for FUN Good example of Open Source Intelligence You can really test your skills in password cracking
Some Info LinkedIn DB contains 250 758 057 e-mails Only 61 829 208 contains unique hashes File size of all unique hashes is 2.5 GB
Our CRACKING RIG because we can
P - Podgotovka LinkedIn DB contains unsalted SHA-1 hashes GPU should be best option for such type of hashes Best tool for this case is HashCat
GTX 1080 SHA-1 Benchmark 8xGPU SHA-1 crack speed: 68 771.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 3 hours 4 minutes 54 seconds to brute ALL combinations
Question of Money 738x8 = 5904 $$$
Amazon K80 SHA-1 Benchmark 36xGPU SHA-1 crack speed: 75 200.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 45 minutes 59 seconds to brute ALL combinations
So You’ve said Amazon? (14.4+14.4+7.2)x25 = 900 $$$
Rainbow Alternatives 1000 $$$
RainBow Seek SHA-1 Benchmark SHA-1 crack speed: 3 880 000.0 MH/s for 1 hash 784 000.0 MH/s for 10 hashes 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 28 minutes <-> 2 hours 22 minutes to brute ALL combinations
Return to Reality Intel Core i5-3570 @ 3.4Ghz SHA-1 crack speed: ~120.0 MH/s NVIDIA 750GT (Mobile): SHA-1 crack speed: ~120.0 MH/s
1xi5-3570 SHA-1 Benchmark SHA-1 crack speed: 120.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 years 281 days 10 hours 30 minutes 48 seconds to brute ALL combinations
Some OBVIOUS STEPS let’s play
Where to Start? We used dictionary attack as the first attempt You need good dictionary. We started with rockyou.txt You need memory for your hashes. It could be problem for GPU
So First Try Cracked around 20% of all hashes (with rockyou.txt dictionary) It took around 5 mins  And now you have to think what to do next 
We need moar dictionaries! RockYou contains 14 344 391 words We tried different dictionaries. The biggest was 1 212 356 398 words and 15 GB in size All this gives us approx 35% of all hashes
Let’s brute it! We selected up to 6 char passwords with full set of characters It took around 2 hours All this gives us approx 45% of all hashes
Magic of STATISTICS new is well-forgotten old
What we can do get moar? HashCat has rules of transformation It mutates original word Quality of your dictionary is essential. Size doesn’t rly matters Using rules is more time consuming than just dictionary attack
What rules are effective? We used best64, InsidePro- PasswordsPro and d3ad0ne rules It was very effective in terms of number of hashes All this gives us approx 60% of all hashes
Time to go smarter way We have 36 millions of cracked passwords We can analyze cracked password to determine patters This patterns can produce more efficient bruteforce masks
Meet PACK Tool http://thesprawl.org/projects/pack/
PACK Tool Features Can analyze list of password and generate bruteforce mask You can specify password length, time, complexity constrains Gives you some idea what type of passwords are popular
Is PACK effective? It can crack similar passwords according that you already have You can flexibly choose best masks regarding constrains All this gives us approx 65% of all hashes
Other types of attacks PRINCE attack, somehow similar to the using PACK tool + mutation Combination of TWO and more dictionaries Hybrid attack, that uses dictionaries + rules + bruteforce masks
Some CHARTS It’s easy
Length of password (Our)
Length of password (Korelogic)
Character-set of password (Our)
Most Popular Passwords (Korelogic)
Mails (Korelogic)
Base Words (Korelogic)
Thank YOU!

Recommended

The Cryptography has YOU
The Cryptography has YOUThe Cryptography has YOU
The Cryptography has YOUYurii Bilyk
 
SSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfSSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfYurii Bilyk
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsBerescu Ionut
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in CryptographyBasudev Saha
 
Password Security
Password SecurityPassword Security
Password SecurityAlex Hyer
 
Hash crypto
Hash cryptoHash crypto
Hash cryptoHarry Potter
 

Recommended

The Cryptography has YOU
The Cryptography has YOUThe Cryptography has YOU
The Cryptography has YOUYurii Bilyk
 
SSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfSSL/POODLE: History repeats itself
SSL/POODLE: History repeats itselfYurii Bilyk
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsBerescu Ionut
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in CryptographyBasudev Saha
 
Password Security
Password SecurityPassword Security
Password SecurityAlex Hyer
 
Hash crypto
Hash cryptoHash crypto
Hash cryptoHarry Potter
 
MD5
MD5MD5
MD5rokham khawaja
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe
 
6.hash mac
6.hash mac6.hash mac
6.hash macVirendrakumar Dhotre
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Binary Studio
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5AlgorithmMirza Tarannum
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for PentesterAmish Patadiya
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : AlgorithmSahil Kureel
 
Password Security
Password SecurityPassword Security
Password SecurityCSCJournals
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
Hash function
Hash functionHash function
Hash functionHarry Potter
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHPEnrico Zimuel
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPAnthony Ferrara
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use casesEnrico Zimuel
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITYSupanShah2
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow TablesPanggi Libersa
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaAnthony Ferrara
 

More Related Content

What's hot

Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Binary Studio
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
Password Security
Password SecurityPassword Security
Password SecurityCSCJournals
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHPEnrico Zimuel
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPAnthony Ferrara
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use casesEnrico Zimuel
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITYSupanShah2
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 

What's hot (20)

MD5
MD5MD5
MD5
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-up
 
6.hash mac
6.hash mac6.hash mac
6.hash mac
 
Academy PRO: Cryptography 3
Academy PRO: Cryptography 3Academy PRO: Cryptography 3
Academy PRO: Cryptography 3
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5Algorithm
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash Functions
 
IPv6 for Pentester
IPv6 for PentesterIPv6 for Pentester
IPv6 for Pentester
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : Algorithm
 
Password Security
Password SecurityPassword Security
Password Security
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
 
Hash function
Hash functionHash function
Hash function
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITY
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
 
Rainbow Tables
Rainbow TablesRainbow Tables
Rainbow Tables
 

Similar to How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaAnthony Ferrara
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHPAnthony Ferrara
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!nerdybeardo
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon
 
Passwords, Passwords and more Passwords
Passwords, Passwords and more PasswordsPasswords, Passwords and more Passwords
Passwords, Passwords and more Passwordsclcewing
 
What Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentWhat Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentBen Finke
 
Password Policies
Password PoliciesPassword Policies
Password Policiesallengalvan
 
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesLightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesMongoDB
 
Sharding why,what,when, how
Sharding why,what,when, howSharding why,what,when, how
Sharding why,what,when, howDavid Murphy
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsIRJET Journal
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done righttladesignz
 

Similar to How-to crack 43kk passwords while drinking your juice/smoozie in the Hood (20)

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)security
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rds
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011
 
Passwords, Passwords and more Passwords
Passwords, Passwords and more PasswordsPasswords, Passwords and more Passwords
Passwords, Passwords and more Passwords
 
The Hacker's Guide to JWT Security
The Hacker's Guide to JWT SecurityThe Hacker's Guide to JWT Security
The Hacker's Guide to JWT Security
 
What Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On AccidentWhat Video Games and BotCoin Did To The World Of Security... On Accident
What Video Games and BotCoin Did To The World Of Security... On Accident
 
Password Policies
Password PoliciesPassword Policies
Password Policies
 
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 MinutesLightning Talk: What You Need to Know Before You Shard in 20 Minutes
Lightning Talk: What You Need to Know Before You Shard in 20 Minutes
 
Sharding why,what,when, how
Sharding why,what,when, howSharding why,what,when, how
Sharding why,what,when, how
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done right
 
Hash cat
Hash catHash cat
Hash cat
 
Developer &lt; eat love code >
Developer &lt; eat love code >Developer &lt; eat love code >
Developer &lt; eat love code >
 

Recently uploaded

Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 

Recently uploaded (20)

Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 

How-to crack 43kk passwords while drinking your juice/smoozie in the Hood

  • 1. Yurii Bilyk | 2016 How-to crack 43kk passwords while drinking your in the Hood
  • 2. WHO AM I 26 vs 27.5 vs 29
  • 3. TEAM  WE are Security Group  WE are ALL Engineers (Almost;)  WE are OWASP Lviv Chapter  WE are Legio… oops blog: http://owasp-lviv.blogspot.com skype: y.bilyk
  • 4. o But WHY??!! o Our CRACKING RIG o Different obvious methods o Not so obvious methods o Some interesting statistics Agenda
  • 5. Tell Me WHY!? what’s wrong with you?
  • 6. The Reason Just for FUN Good example of Open Source Intelligence You can really test your skills in password cracking
  • 7. Some Info LinkedIn DB contains 250 758 057 e-mails Only 61 829 208 contains unique hashes File size of all unique hashes is 2.5 GB
  • 9. P - Podgotovka LinkedIn DB contains unsalted SHA-1 hashes GPU should be best option for such type of hashes Best tool for this case is HashCat
  • 10.
  • 11. GTX 1080 SHA-1 Benchmark 8xGPU SHA-1 crack speed: 68 771.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 3 hours 4 minutes 54 seconds to brute ALL combinations
  • 13.
  • 14. Amazon K80 SHA-1 Benchmark 36xGPU SHA-1 crack speed: 75 200.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 days 45 minutes 59 seconds to brute ALL combinations
  • 15. So You’ve said Amazon? (14.4+14.4+7.2)x25 = 900 $$$
  • 16.
  • 18. RainBow Seek SHA-1 Benchmark SHA-1 crack speed: 3 880 000.0 MH/s for 1 hash 784 000.0 MH/s for 10 hashes 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 28 minutes <-> 2 hours 22 minutes to brute ALL combinations
  • 19.
  • 20. Return to Reality Intel Core i5-3570 @ 3.4Ghz SHA-1 crack speed: ~120.0 MH/s NVIDIA 750GT (Mobile): SHA-1 crack speed: ~120.0 MH/s
  • 21. 1xi5-3570 SHA-1 Benchmark SHA-1 crack speed: 120.0 MH/s 8xCHARS password Z!sN0/7u: 95 symbols length alphabet 6.70 X 1015 search space 1 years 281 days 10 hours 30 minutes 48 seconds to brute ALL combinations
  • 23. Where to Start? We used dictionary attack as the first attempt You need good dictionary. We started with rockyou.txt You need memory for your hashes. It could be problem for GPU
  • 24. So First Try Cracked around 20% of all hashes (with rockyou.txt dictionary) It took around 5 mins  And now you have to think what to do next 
  • 25. We need moar dictionaries! RockYou contains 14 344 391 words We tried different dictionaries. The biggest was 1 212 356 398 words and 15 GB in size All this gives us approx 35% of all hashes
  • 26. Let’s brute it! We selected up to 6 char passwords with full set of characters It took around 2 hours All this gives us approx 45% of all hashes
  • 27. Magic of STATISTICS new is well-forgotten old
  • 28. What we can do get moar? HashCat has rules of transformation It mutates original word Quality of your dictionary is essential. Size doesn’t rly matters Using rules is more time consuming than just dictionary attack
  • 29. What rules are effective? We used best64, InsidePro- PasswordsPro and d3ad0ne rules It was very effective in terms of number of hashes All this gives us approx 60% of all hashes
  • 30. Time to go smarter way We have 36 millions of cracked passwords We can analyze cracked password to determine patters This patterns can produce more efficient bruteforce masks
  • 32. PACK Tool Features Can analyze list of password and generate bruteforce mask You can specify password length, time, complexity constrains Gives you some idea what type of passwords are popular
  • 33. Is PACK effective? It can crack similar passwords according that you already have You can flexibly choose best masks regarding constrains All this gives us approx 65% of all hashes
  • 34. Other types of attacks PRINCE attack, somehow similar to the using PACK tool + mutation Combination of TWO and more dictionaries Hybrid attack, that uses dictionaries + rules + bruteforce masks
  • 37. Length of password (Korelogic)
  • 39. Most Popular Passwords (Korelogic)