Reasoning Analytically About Password-Cracking Software (PowerPoint presentation)

SLIDE 1

Reasoning Analytically About Password-Cracking Software

Enze “Alex” Liu, Amanda Nakanishi, Maximilian Golla, David Cash, Blase Ur

SLIDE 2

Chic4go

SLIDE 9

Attack Model

80d561388725fa74f2d03cd16e1d687c

  1. h(“123456”) = e10adc3949ba59abbe56e057f20f883e
  2. h(“password”) = 5f4dcc3b5aa765d61d8327deb882cf99
  3. h(“monkey”) = d0763edaa9d9bd2a9516280e9044d885
  4. h(“letmein”) = 0d107d09f5bbe40cade3de5c71e9e9b7
  5. h(“p@ssw0rd”) = 0f359740bd1cda994f8b55330c86d845
  6. h(“Chic4go”) = 80d561388725fa74f2d03cd16e1d687c

SLIDE 12

Chic4go

Guess # 6
Guess # 13,545,239,432

SLIDE 16

Password-Cracking Methods

  • Probabilistic Models
  • Software Tools

Chic4go

Guess #

SLIDE 17

Guess Number by Enumeration

  1. 123456
  2. password
  3. monkey
  4. letmein
  5. p@ssw0rd
  6. Chic4go

Does Not Scale!!!

SLIDE 18

Our Analysis Goals

  1. Compute guess numbers efficiently
  2. Configure guessing method systematically

SLIDE 19

Outline

  • State of the art
  • How software password-cracking tools work
  • Our efficient techniques for guess numbers
  • Our techniques for systematic configuration

SLIDE 23

Probabilistic Models

  • Markov Models [Narayanan and Shmatikov, CCS 2005]
  • Probabilistic Context-Free Grammars [Weir et al., S&P 2009]
  • Neural Networks [Melicher et al., USENIX Security 2016]

  • Guess #
  • Configuration

[CCS 2015]

SLIDE 25

Probabilistic Models

  • Guess-Efficient
  • Wall-Clock Time Slow

SLIDE 26

Software Tools

  • John the Ripper
  • Hashcat

SLIDE 27

Software Tools

chicago

chicago1, chicago2, chicago3, chicago6, chicago9, chicdog, chicagos, CHICAG, chicaga, Chicago, CHICAGO, CHIcago

SLIDE 28

Software Tools

  • Guess-Inefficient
  • Wall-Clock Time Fast

SLIDE 30

Software Tools

  • Guess #
  • Configuration

[S&P 2019]

SLIDE 39

Mangled Wordlist Attack

Wordlist

  • Super
  • Password
  • Chicago

Rulelist

  1. Append “1”
  2. Replace “a” → “4”
  3. Lowercase all

Guesses

  • Rule 1: Super1, Password1, Chicago1
  • Rule 2: Super, P4ssword, Chic4go
  • Rule 3: super, password, chicago

SLIDE 43

Example Wordlists and Rulelists

Wordlist

  • PGS (≈ 20,000,000)
  • LinkedIn (≈ 60,000,000)
  • HIBP (≈ 500,000,000)

Rulelist

  • Korelogic (≈ 5,000)
  • Megatron (≈ 15,000)
  • Generated2 (≈ 65,000)

10^9 - 10^15 guesses

+ Hackers’ private word/rule lists

SLIDE 45

Is This Password in the Guesses?

Password: Chic4go

Guesses: Super1, Password1, Chicago1, Super, P4ssword, Chic4go, super, password, chicago

SLIDE 47

Insight

We can work backwards!

SLIDE 51

Insight: Invert Rules

Password: Chic4go

Rulelist

  1. Append “1”
  2. Replace “a” → “4”
  3. Lowercase all

Preimages: Chicago, Chic4go

SLIDE 53

Chic4go

*05 O03 d '7

  • *05: Switch the first and the sixth char
  • O03: Delete the first three chars
  • d: Duplicate the whole word
  • '7: Truncate the word to length 7

Preimages?

SLIDE 55

Where in the Stream?

Wordlist: Super, Password, Chicago

Rulelist

  1. Append “1”
  2. Replace “a” → “4”
  3. Lowercase all

Guesses: Super1, Password1, Chicago1, Super, P4ssword, Chic4go

SLIDE 56

Counting Guesses For Each Rule

Wordlist: Super, Password, Chicago
Rule: Reject if no “a”; Replace “a” → “4”
Guesses: 2
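Added example (not from the slides or the authors' released tools): a toy Python version of the "Invert Rules" and "Counting Guesses For Each Rule" idea, useful for rating a password's strength against a known wordlist and rulelist without enumerating the guess stream. The `(apply, invert)` rule encoding, `variants`, and `GuessCounter` are hypothetical names chosen here; the wordlist and rules are the ones on the slides, and guesses are assumed to be emitted rule by rule in the order the Mangled Wordlist Attack slides show.

```python
from itertools import product

def variants(pw, alts):
    """Every string formed by swapping each char for one of its alternatives."""
    return {"".join(p) for p in product(*[alts(c) for c in pw])}

# Toy rules (constructed): each is (apply, invert). apply returns the guess, or None
# if the word is rejected; invert returns candidate preimages of a password.
APPEND_1 = (lambda w: w + "1",
            lambda pw: {pw[:-1]} if pw.endswith("1") else set())
A_TO_4 = (lambda w: w.replace("a", "4"),
          lambda pw: set() if "a" in pw
          else variants(pw, lambda c: "4a" if c == "4" else c))
LOWER = (lambda w: w.lower(),
         lambda pw: variants(pw, lambda c: {c, c.upper()}) if pw == pw.lower() else set())
# "Reject if no a" variant: words without "a" are rejected and emit no guess.
REJECT_A_TO_4 = (lambda w: w.replace("a", "4") if "a" in w else None, A_TO_4[1])
WORDLIST = ["Super", "Password", "Chicago"]  # wordlist from the slides

class GuessCounter:
    def __init__(self, wordlist, rules):
        self.rules = rules
        self.index = {}
        for i, w in enumerate(wordlist):
            self.index.setdefault(w, i)  # keep first position of a repeated word
        # prefix[r][i] = number of guesses rule r emits for the first i words
        self.prefix = []
        for apply, _ in rules:
            row = [0]
            for w in wordlist:
                row.append(row[-1] + (apply(w) is not None))
            self.prefix.append(row)

    def guess_number(self, pw):
        """1-based position of pw in the rule-major guess stream, or None."""
        offset = 0
        for (apply, invert), row in zip(self.rules, self.prefix):
            hits = [self.index[w] for w in invert(pw)
                    if w in self.index and apply(w) == pw]
            if hits:
                return offset + row[min(hits)] + 1
            offset += row[-1]
        return None

def enumerate_guesses(wordlist, rules):
    """Ground truth by enumeration, which is what the slides say does not scale."""
    return [g for apply, _ in rules for w in wordlist if (g := apply(w)) is not None]

print(GuessCounter(WORDLIST, [APPEND_1, A_TO_4, LOWER]).guess_number("Chic4go"))
```

The toy preprocessing stores only per-rule counts, not the guesses themselves. Its `variants` helper enumerates every case or substitution variant, so it is only practical for short passwords.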

SLIDE 57

Our First Contribution

  • Fast Guess Number Estimation

SLIDE 62

Fast Guess Number Estimation

LinkedIn + SpiderLab Guesses

                 Enumeration   Our Approach
  Size           ~ 3 PB        ~ 10 GB
  Preprocessing  > 2 years     < 1 day
  Mean Lookup    ???           < 1 second

SLIDE 64

Software Tools Depend On

  • Order of rules
  • Contents of the rulelist
  • Order of words
  • Contents of the wordlist

SLIDE 66

Insight: Data-Driven Configuration

  • Wordlist
  • Rulelist
  • New configuration
  • Password Set

SLIDE 67

Data-Driven Configuration

  • Order of rules
  • Contents of the rulelist
  • Order of words
  • Contents of the wordlist

SLIDE 69

Rule Ordering

  • Should the rules be in a different order?
  • Key idea: Order by # cracks per guess

  1. Append “1”
  2. Replace “a” → “4”
  3. Lowercase all

  1. Replace “a” → “4”
  2. Lowercase all
  3. Append “1”

SLIDE 72

Rule Ordering Results

[Plot; legend: Ideal, Data-driven, Original]

SLIDE 73

Word Completeness

  • Should other words be in the wordlist?
  • Key idea: Add frequent preimage “misses”

Rulelist

  1. Append “1”
  2. Replace “a” → “4”
  3. Lowercase all

Oakland1 O@kl@nd

Preimages

  • akland

Oakland

SLIDE 76

Word Completeness (Sample Results)

  Category       Examples
  Set-specific   bfheros; ilovmyneopets”””
  Meaningful     MaSterBrain; la la la
  Short strings  a2; a23; 7a; b2; q2

SLIDE 81

Takeaway

  • Analytical Tools
  • Guess Number
  • Configuration Tools

https://github.com/UChicagoSUPERgroup/