Showing posts with label hacking. Show all posts
Showing posts with label hacking. Show all posts

Cracking a 13 digit alphanumeric password in 160 seconds

September 18, 2007 Posted by Ravi 0 comments
The story might seem right out of science fiction. But it is true, with the rapid steep increase in computing power, it is now possible to crack a password from its encrypted state much more quickly with the aid of right kind of tools.

Jeff Attwood writes to indicate that he was able to crack a 13 digit alphanumeric password - the password in question is "Fgpyyih804423" - in just 160 seconds. For the cracking, he made use of an open source tool called Ophcrack - which is a Windows password cracker based on Rainbow tables.

A Rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plain text password from a password hash generated by a hash function. For example in Linux you can store your password encrypted using MD5 or the more powerful SHA1 and SHA256. I may add that while installing Debian, Mandriva or Open SuSE, the installer asks whether you want to encrypt your password in MD5 or the more powerful SHA encryption. Choose SHA because MD5 can be easily broken....

To see your passwords in hash form in Linux, just log in as 'root' and view the /etc/shadow file.

So what this open source tool called Ophcrack does is it uses the rainbow tables to crack the passwords (thankfully only Windows passwords) in real time. They have released a LiveCD based on SlaX Linux distribution which can be used to automate the process to a large extent. The ophcrack developers claim the liveCD cracks passwords automatically, no installation necessary, no admin password necessary (as long as you can boot from CD)- so there.

While Jeff does make it sound scary, with the right precautions, Rainbow password cracking can be made useless. Thomas Ptacek a security expert explains some of the secure password schemes and the precautions you can take to secure your machine from a remote attack based on Rainbow tables.
Labels: , ,

How to find out if your Linux machine has been hacked ?

August 26, 2007 Posted by Ravi 0 comments
It is very rare that your Linux PC which you use as a Desktop will get compromised especially if you do not run any services like a web server, mail server and so on. More over many modern Linux distributions like for example Ubuntu, targeted at the end user ship with all the ports closed by default. And others like PCLinuxOS bundles with it a robust firewall. So it makes the job of an intruder all the more harder to crack into your machine.

But suppose after all the precautions you take, some resourceful cracker succeeds in finding a loophole and hacks into your machine, how do you detect that your machine has been compromised in the first place?

Lars has written a step-by-step process by which he ascertains that a Linux server run by his friend has been compromised by an intruder. His findings throw light on what you can expect and the steps to take when you are suspicious of getting your machine rooted.

The server was running a fairly updated Ubuntu 6.06 LTS. He goes on to conclude that the compromise could have been caused by :
  1. An exploit unknown to the public.
  2. A user accessing this server from an already compromised host. The attacker could then sniff the the password.
Read this very interesting article which throws some light on the actions of a hacker.
Labels: , , ,