A few days ago Ars Technica published an article ‘Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331”‘. To summarize three of my fellow associates were given the opportunity to try their hand at cracking 16,449 hashes from an unknown site compromise. The results followed.
Jeremi Gosney – was able to achieve a marked score of 89.57%, given 20hrs, and a single ATI 7970 (2048 cores)
Jens Steube – reached an impressive 81.99% with 13,486, this was achieved in 1 hour using a single 6990. (3072 cores, 2 GPU’s in one card)
Radix – scored 62% using a 14M dictionary and a single ATI 7970
Having worked with Atom (Jens Steube) & Radix in past for the Korelogic – “Crack Me if you can contest” and Jeremi on the ‘Linked-in’ hashlist (achieving a 90%+ crack rate). I wasn’t surprised to learn what they were able to achieve using modest hardware, and a stringent time constraint. After I read the article I wanted to see how I might compare. I contacted Jeremi to obtain a copy of the 16,449 hash file.
On your mark, get set, go…
I assembled a test machine with a single 7970, copied the latest version of oclhashcat-plus (a GPU accelerated hash cracking tool created by Atom), a copy of the hashes from Dan’s article, and my often used specialized dictionary. The occurrence sorted dictionary amounts to 1.1GB, and contains a combined total of 111,783,746 plain text passwords that have been compiled over time from various database breaches.
I set my phone timer for the 1 hour mark. With my terminal open and a command line ready to go I hit the enter key on my first attack. Like some of the others I use a separate terminal to keep an eye on the output file.
./oclHashcat-plus64.bin --remove -o dan1.out dan.hashes.txt mydic.txt
Input.Mode.....: File (mydic.txt)
Hash.Target....: File (dan.hashes.txt)
Time.Started...: Fri May 31 02:57:27 2013 (33 secs)
Time.Estimated.: 0 secs
Speed.GPU.#1...: 22014.4 kH/s
Recovered......: 6821/16449 (41.47%) Digests, 0/1 (0.00%) Salts
Progress.......: 106007478/106007478 (100.00%)
Rejected.......: 2/106007478 (0.00%)
HWMon.GPU.#1...: 0% Util, 24c Temp, 35% Fan
Started: Fri May 31 02:57:27 2013
Stopped: Fri May 31 02:58:02 2013
In one fell swoop (33 seconds) 6,821 hashes fell off the chopping block, and in the first few seconds I had cracked 41.46%. I up arrowed in my terminal and added a single command to the end of my previous entry ‘-r rules/d3ad0ne.rule’ and pressed the enter key.
Rules.Type.....: File (rules/d3ad0ne.rule)
Input.Mode.....: File (mydic.txt)
Hash.Target....: File (dan.hashes.txt)
Time.Started...: Fri May 31 02:58:50 2013 (4 mins, 34 secs)
Time.Estimated.: Fri May 31 03:16:48 2013 (13 mins, 14 secs)
Speed.GPU.#1...: 3242.9 MH/s
Recovered......: 4833/9628 (50.20%) Digests, 0/1 (0.00%) Salts
Progress.......: 936357465216/3643265003904 (25.70%)
Rejected.......: 68736/936357465216 (0.00%)
HWMon.GPU.#1...: 87% Util, 54c Temp, 43% Fan
Started: Fri May 31 02:58:50 2013
Stopped: Fri May 31 03:03:34 2013
After a few seconds the rate at which the cracked hashes started scrolling past my monitored output started to slow down. Akin to listening to popcorn in a microwave and being cautious to stop it once the majority of the kernels were done. I ended up with another 4,833 popped hashes putting me at 70.85% cracked in the first five minutes, this left me with 4,795 hashes remaining. This continued in a similar fashion using many of the same techniques that the others used, techniques that have been developed over time to quickly widdle away the largest majority of hashes. They included using hybrid techniques which uses a combination of a dictionary while bruteforcing the last few characters of a given plain text, and rule based attacks. With each subsequent run between 30 to 400 hashes would be eliminated.
Finally with only a few minutes remaining of my hour having only used a single tool (oclhashcat-plus) I switched to the CPU version. I loaded my rule list, and a dictionary of all the cracked plaintext words from my previous runs. The CPU version not limited to the 15 character limit netted me a final 334 hashes.
Before starting I had set a goal of achieving at least 80%. I tallied my results from all my output files:
wc -l dan*.out
13137/16449*100 = 79.865% Just 22 hashes shy of reaching my goal of the 80% mark.
This put me below Atom on the scoreboard trailing by 349 hashes. Atom having a GPU with an extra 1024 cores (33% more) may have helped but overall I was happy with the results.
Why would a hacker want your password?
Dan Goodin the author of the Ars article is an excellent journalist. Having talked with him in the past he ask many of the right questions. But one thing I felt was lacking in his article was “why?” Why would a hacker want your password for a forum that you might have registered on and only posted once, or an account created to receive free coupons. The short answer is they don’t necessarily want your password, they want to crack as many from the list as they can. Hackers primarily have two goals for compromising a database. One is simply because they can. Some see it as a challenge to conquer the security of a website, a database of emails and hashes as their trophy. This also helps to raise their status as a hacker. While other hackers seek to gain monetary compensation.
In the underground world of blackhat trading, an email and an associated plain text password is worth something. If you have enough of them spammers are willing to pay top dollar for first crack to compromise your email account. The more passwords that can be cracked the more valuable the database. The Ars article shows (as well as mine) that 80%+ can be cracked with simple hardware and in a relatively short amount of time. Using bots and automated tools a spammer will check each combination of email and password to try and gain access to the list of potential accounts. A rough figure of about 10% is common for most newly compromised databases. If a successful email+password combination are found the bot/tool will enumerate all the contacts in the sent and contact list. Pilfering a list of new email addresses to add to their spamming list. Additionally most people are more likely to read an email from someone they know, so using the contact list the spammer will send out emails with “your name” in the “from” field. I’m sure many have seen an email from a relative or friend with the body of the content being spam. To make matters worse hackers who have been at it for long enough have very comprehensive plain text wordlist. As outlined in this Security Now! podcast there is virtually no way for a human to come up with a password that is 100% safe unless it is completely random & relatively long. Even then there’s no guarantee that the site isn’t storing your password in plain text.
So what can be learned from all this? As stating many (many, many, many) times before don’t use the same password on multiple sites. This is just what the hackers want you to do. Enable two-factor on your email if you can, this virtually eliminates you from being compromised by automated tools even if the same password is used. And finally “be in the 95%”. What this means is make your password harder then the other 95% of users on a given site. Hackers will generally give up after they crack the first ~90% if it’s an easy hash type. If you can hide in the upper 5% then you’re relativity safe. The easiest way to follow these rules is to use a password manager and two factor authentication (my primary reason for developing the Pass-Pal). LastPass is a wonderful password manager and even supports 2-factor login. Sites like ShouldIChangeMyPassword.com monitor public database breaches, sign up to have your email monitored against any new list.
PS – In the original article and follow up article it doesn’t seem to mention what site the 16,449 hashes came from. From what I can tell it appears to be myplan.com. So if you have an account on that site you may want to change your password.
PSS- Anyone interested in seeing the PACK results for my found hashes can viewed here.