COMP4108 — Fall 2012

Computer Systems Security

Please e-mail the TA a message with the subject line: COMP4108 A4 and a zip file containing the following attached:
  1. A PDF of your assignment report, including a cover page with your name and the assignment details on the front.
  2. Any code you wrote.
  3. Any scripts you wrote.
  4. Any screenshots you reference (if not in report).
  5. Any separate output files referenced by the PDF report
If you chose to work in a pair please have both members of the team submit your team's assignment.

Hint:
Instructions on how to copy files to and from your local machine and your VM have recently been added to the bottom of the VM page. You may find this useful for submitting code/scripts/log files
When SSHing into your VM for this assignment you will be warned that the host key for your VM has changed. This is because since the last time you've connected your VM has been replaced with a new one at the same port/ip. You are safe to remove the old hostkey and trust the new one. For Linux/OSX users, edit ~/.ssh/known_hosts. On Windows with Putty I believe you just have to accept the new key when prompted.

John the Ripper

In this assignment you will be using the John The Ripper password cracker. John is a long standing UNIX based password cracker that is capable of cracking passwords in a variety of formats using a variety of cracking modes/strategies. You will be using John to perform an offline attack on both Linux password hashes as well as an AES256 encrypted file. You will also get the chance to use John for an online attack on a web site.

START EARLY!

Password cracking is an inherently CPU-bound operation. Each group will be cracking passwords from a VM running from the same host server. That means that by the due date if all students are cracking passwords on their VM at once it is likely to be considerably slower than if you started early!

The longer you run your password cracker for the more passwords it will guess. Start early to ensure you can crack as many accounts as possible to maximize your grade!

Grading Scheme

We have attempted to create the grading scheme for this assignment such that if you can't get a particular component working, or if you are unable to crack a large number of passwords it is still possible to receive a good grade by describing your work. Even if your code doesn't work please try to describe what you intended it to do, and the rationale for your decisions. For the password cracking questions we are looking for process more than volume of accounts cracked.

For the portion of the grade based on the # of accounts cracked points will be awarded based on the performance of the best submission (i.e. if the best submission cracked 10/100 accounts, they will receive full marks and other submissions will be graded in relation to 10/100 accounts).

Before you can start cracking passwords you will need to prepare John the Ripper. Generally on a Ubuntu system this would only require running aptitude install $pkgname. For this assignment you require the latest updates to John as well as a community contributed jumbo patch that adds support for more cracking options. For these reasons you will have to compile John from source as one of the first steps.

John supports a wide variety of cracking modes, in order to allow you to test these modes you have been provided with three Linux password dumps easy_dump, medium_dump and hard_dump. These dumps were created by capturing the /etc/passwd and /etc/shadow files on three Linux systems. The passwd and shadow file were combined using John's unshadow utility to transform the files into a format ready to be cracked.

For Part A, you will need to:

  1. Copy the John source archive to your home directory from /A5/
  2. Extract the John archive using the tar command.

    Hint:
    The John source code archive also includes the documentation and help files in the doc/ directory. The documentation will be invaluable in learning the cracking modes available to you
  3. Following the instructions from doc/INSTALL compile John in your home directory. Submit the commands you run to accomplish this. You do not need to submit the output from compiling John.

    Hint:
    You will need to know the architecture of the system you are building on. You can find this by running arch.
  4. Test John by changing to the run directory and invoking ./john --test
  5. 14 Marks Crack as many passwords from /A5/easy_dump, /A5/medium_dump, and /A5/hard_dump as you can. Submit your results as shown by john --show DUMP_FILE_YOU_CRACKED. Describe the cracking modes you used for each dump, and comment on the results observed. Submit the commands run, but do not submit the output from the cracking process. Please do submit the cracked passwords as displayed by john --show.

    Experiment with the various password cracking 'modes' to crack as many of the passwords from each dump as you can. Start with easy_dump, 9/10 of the passwords can be cracked with minimal effort/configuration. The other two dumps will require you to experiment with the various cracking modes & options that John offers.

    Note:

    The majority (60%) of the grades for this question will be based on your use of John, and the explanations you include. The remaining grade will be assigned based on your success cracking passwords from the three dumps. Don't worry if you don't get them all!

  6. 2 Marks The password hashes provided in the dump files are salted password hashes. Explain why password hashes are often salted, and any security properties the salt adds. Explain how the salt effected your password cracking.


  7. Hint:
    The dumps contain md5crypt formatted password hashes.

    Hint:
    There are two main ways you will improve the number of passwords you crack for this part of the assignment:
    1. Using a bigger wordlist for the dictionary attack
    2. Using different cracking modes
    John ships with a modest wordlist in run/password.lst. You could also try using the system dictionary in /usr/share/dict/. The larger the word list, the longer you will spend cracking (especially when combined with mangle rules). Consider finding auxiliary word lists from popular password dumps.

    You should start by cracking with a small wordlist, in single cracking mode and progress forward to the cracking modes that will take longer to complete. Experiment with using the rules mangle mode to transform your dictionary words with common letter substitutions/digits/symbols. Remember that mangle mode greatly increases the # of candidate passwords tried. You might also want to try incremental mode, but remember that this is a brute force attack that will likely never terminate! You should only run incremental mode as a last resort, and be prepared to stop it manually or you may be waiting a long, long time before you see any results.

You've come across an encrypted file posted online by a paranoid fellow-hacker. You're not sure what is inside the file, but you're dying to find out! You overheard the hacker bragging about his security prowess in a seedy IRC channel. It seems to you that he has some misconceptions about security that you might be able to exploit...

Given what you heard the hacker say, this is what you currently know about the file:

  • It is located in /A5/secret_file.aes256.txt
  • It was encrypted using AES 256 using the openssl command line tool.
  • The encrypted file is BASE64 encoded.
  • The hacker thought that since passwords were insecure, they would first hash their encryption password using md5 to make it "more random" and harder to guess.
  • The md5 hash of the hacker's password was used as the password given to openssl for the AES encryption.

Your job is to break the encryption on the file by using John to guess the password. The custom scheme that the hacker used meant that you will have to write your own script that uses john to guess candidate passwords, converts them to an md5 hash, and attempts to decrypt the file using the hash and the openssl command line tool.


Submit the following:

  1. 8 Marks The script(s) you wrote to crack the encryption on the file. Use whatever tools/language you wish (I used BASH and command line tools myself)
  2. 2 Marks A description of how your script works
  3. 2 Mark The contents of the decrypted file
  4. 4 Mark An explanation of why you were able to decrypt the file despite the hacker's carefully thought out (though flawed) protections
Hint:
The openssl command is very picky about ensuring that you use the same options to decrypt a file as you used to encrypt it. In order to let you verify that you know how to decrypt the encrypted /A5/secret_file.aes256.txt We have provided you /A5/practice_file.aes256.txt.

We have encrypted this file exactly the same way as the hacker, but with the password lolsecret. You should make sure you can decrypt this file using that password before you try to write your script to try decrypting secret_file.aes256.txt. When you have decrypted the practice file using the lolsecret password you will know you have the right options for openssl and can move on to guessing the password for the attacker file.

Hint:
Start by writing a script that reads candidate passwords from John. You will have to configure John to output candidate passwords on STDOUT and pipe that to your script (or read it from within the script).

Once you have John sending you candidate passwords, figure out how to create MD5 hashes of the candidate passwords. Remember not to hash a newline, i.e. if you use echo foo | md5sum it hashes foo\n. Use echo -n instead.

Next, write the code that will use the candidate passwords and the openssl command line tool to try and decrypt the file.

Finally, modify your script so that when the correct password guess is provided the script terminates. You will have to figure out how you can verify whether a guess was correct/incorrect.

You've recently stumbled onto a hot new member's only website (hosted on your VM on port 5000) that seems to be all the rage in the underground community. Nobody is willing to tell you what the website is about, and all of the good bits seem to be hidden behind a login page.

You desperately want to get an account so that you can log in to the website and find out what the big deal is. It doesn't look like the website is accepting new sign-ups, so I guess you'll have to borrow someone else's account. Trouble is, you don't know anyone with an account, or what any of the usernames could be. You estimate that there are aproximately 10,000 active usernames.

That's only the start of your troubles! Once you know some active usernames you still have to guess the passwords. It looks like the creators of the website anticipated attackers such as yourself as they have implemented a strict 3 password attempt lockout. Trying more than 3 incorrect passwords for a single account will lock that account for 2 hours.

Your task is two-fold:

  1. Using a bzipped public dump of firstnames from Facebook write a script that finds active usernames on the website. The more active usernames you find the easier it will be to crack one of them.
  2. Using your list of active usernames, write a script that tries to break into each account by guessing the password. Spend some time thinking about the optimal strategy that will get you access to the most accounts while avoiding locking the accounts out from invalid guesses.

Submit the following:

  1. 4 Marks The script/code you used to find active usernames.
  2. 2 Marks A description of how the script/code works
  3. 4 Marks The script/code you used to crack accounts.
  4. 2 Marks A description of how the script/code works.
  5. 3 Marks A paragraph or two describing your cracking strategy. Be sure to explain why the account lockout policy was ineffective against the better students (who are able to break into accounts regardless).
  6. 1 Mark A screenshot of the member's only section of the website.
Hint:
You will have to use the port forwarding techniques you learned in the last assignment to access the web service on port 5000 from outside of your VM using one of your cracked accounts to take the screenshot. You should do all other parts (i.e. finding usernames/cracking passwords) from the VM itself and not from your computer.

Hint:
You will have to send each guess to the server from your attack script. Most programming languages have library code capable of sending a HTTP POST request. If your scripting language doesn't, use the curl command line tool.