My start in password cracking

I started cracking passwords around 1990 or so. Back then I used crack-4.1, which worked on des-crypt Unix-style passwords. CPUs and really small dictionaries were used for password cracking. Times sure have changed... Today multi-core CPUs are standard. Very powerful GPUs are standard. There are rainbow tables and terabytes of precomputed hashes. Plaintext password dictionaries vary from hundreds of megabytes to hundreds of gigabytes. Password hashing should have evolved to match, but in many cases it hasn't. Around 1979 Unix introduced 'salting': des-crypt used 12 bits of salt. So if your password was 'password', the hash for it might be stored 4096 different ways. This makes precomputed password hashes really big, and thus impractical. However, Microsoft doesn't seem to have gotten the message. Neither LAN Manager (LM) nor the current standard NT LAN Manager (NTLM) use salting, for reasons that baffle me.
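To make the salt argument concrete, here is a small added Python illustration (not code from the original page) of why an unsalted scheme is vulnerable to a precomputed table and a salted one is not. It uses SHA-256 instead of des-crypt purely for portability; the user names, passwords and wordlist are constructed sample data, and the per-word table-size formula assumes the attacker must store one entry per (word, salt) pair.

```python
import hashlib
import os

# Constructed sample: two users who happen to share a password.
USERS = {"alice": "password", "bob": "password"}
# Constructed attacker wordlist.
WORDLIST = ["123456", "password", "letmein", "qwerty"]


def unsalted_hash(password: str) -> str:
    """No salt: the same password always produces the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """Per-user salt, stored next to the digest as 'salthex$digest'."""
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    return salt.hex() + "$" + digest


def precomputed_table(wordlist) -> dict:
    """The attacker's one-time precomputation against an unsalted scheme."""
    return {unsalted_hash(w): w for w in wordlist}


def lookup_unsalted(stored: dict, table: dict) -> dict:
    """Recover passwords by table lookup only; no hashing at crack time."""
    return {user: table[h] for user, h in stored.items() if h in table}


def table_entries_needed(wordlist_size: int, salt_bits: int) -> int:
    """Entries a precomputed table needs to cover every salt value for every word.

    With 12 bits of salt one word must be stored 4096 ways; with 128 bits
    (bcrypt) the table is hopeless.  This is the multiplier the text describes."""
    return wordlist_size * (2 ** salt_bits)


def demo() -> dict:
    """Compare the two schemes on the constructed users."""
    unsalted = {u: unsalted_hash(p) for u, p in USERS.items()}
    salted = {u: salted_hash(p, os.urandom(16)) for u, p in USERS.items()}
    return {
        # Unsalted: identical passwords give identical stored values.
        "unsalted_identical": unsalted["alice"] == unsalted["bob"],
        # Salted: the same password stores differently for each user.
        "salted_identical": salted["alice"] == salted["bob"],
        # Unsalted hashes fall to a plain dictionary lookup.
        "cracked_by_lookup": lookup_unsalted(unsalted, precomputed_table(WORDLIST)),
    }


if __name__ == "__main__":
    print(demo())
    print("table entries for a 1-word list with 12-bit salt:", table_entries_needed(1, 12))
```

The point is not that salting makes a single guess harder (it does not); it is that the attacker's precomputation can no longer be shared across users, so every salted hash costs a fresh pass over the wordlist.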
The main tools for password cracking are John the Ripper and Hashcat. In my experience John the Ripper has infrequent official releases but many unofficial releases. I had experienced poor GPU support under Windows. It is easy to make custom rules. There is very good mailing list support. Hashcat has more frequent releases. It has very good GPU support under Windows. Its rule syntax is primitive and very verbose.
There are a variety of wordlists. Some, such as rockyou, are very high quality. Other so-called password dumps can be of much lower quality, and often contain very long lines (over 1k characters), have non-ASCII letters, and have random junk in them. Specialized tools are needed to transform these password dumps into useful password lists.
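As an added example of the kind of clean-up tool the text refers to (not a tool from the original page), the following Python filter turns a raw dump into a deduplicated wordlist. The sample dump lines are constructed, the 64-character cutoff is an assumed value (the page only says junk lines run over 1k), and the ASCII-only default can be switched off when the target population uses non-ASCII passwords.

```python
import sys
from collections import OrderedDict

MAX_LEN = 64  # assumed cutoff; the page reports junk lines over 1k long

# Constructed sample dump lines showing the kinds of junk described in the text.
SAMPLE_DUMP = [
    "password",
    "letmein\r",          # CRLF line ending from a Windows-produced dump
    "a" * 2000,           # absurdly long junk line
    "caf\u00e9",          # non-ASCII
    "\x00\x01junk",       # binary garbage
    "password",           # duplicate
    "",                   # empty line
    "   ",                # whitespace only
    "Tr0ub4dor&3",
]


def is_usable(line: str, max_len: int = MAX_LEN, ascii_only: bool = True) -> bool:
    """Keep only lines that could plausibly be a typed password."""
    if not line or not line.strip() or len(line) > max_len:
        return False
    if ascii_only and not line.isascii():
        return False
    # Reject control characters and DEL; the rare real passwords containing
    # control characters (see the BSD example on this page) are handled by
    # cracking rules, not by the wordlist itself.
    return all(ord(c) >= 32 and ord(c) != 127 for c in line)


def clean_dump(lines, max_len: int = MAX_LEN, ascii_only: bool = True) -> list:
    """Normalise a raw dump into a deduplicated wordlist, preserving first-seen order."""
    seen = OrderedDict()
    for raw in lines:
        line = raw.rstrip("\r\n")  # strip line endings only; inner spaces may be real
        if is_usable(line, max_len, ascii_only):
            seen.setdefault(line, None)
    return list(seen)


if __name__ == "__main__":
    # Usage: python clean_dump.py < raw_dump.txt > wordlist.txt
    source = sys.stdin if not sys.stdin.isatty() else SAMPLE_DUMP
    for word in clean_dump(source):
        print(word)
```

Dedup by first-seen order matters for a wordlist: the most common passwords usually appear first in good dumps, and cracking tools try the list top to bottom.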
Different password hashing algorithms have widely different speeds.
Hash rates (from https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40):
NTLM      41825.0 MH/s
md5       24943.1 MH/s
LM        18382.7 MH/s
descrypt    906.7 MH/s
SHA1        788.2 MH/s
scrypt      435.1 kH/s
WPA2        396.8 kH/s
bcrypt      13094 H/s
Salt sizes over time:
1979: Unix descrypt used 12 bits of salt
1980s: Unix used 48 bits of salt
1996: bcrypt used 128 bits of salt
Argon2 used 12 bits of salt
Windows LM and NTLM don't use salt
I found a decent-sized descrypt password dump. There were 1576 different passwords. It took me 5 years to find all of the passwords.
Using JTR dev pack 2023_05_14, no options (CPU):
537 words in 126 seconds
667 words in 633 seconds
758 words in 1,201 seconds
884 words in 3,985 seconds (wordlist password.lst)
1022 words in 22,128 seconds (incremental:ASCII)
Here is the power of wordlists:
Using JTR dev pack 2023_05_14 with no options (using my CPU):
Rockyou (139mb) found 455 words in 52 sec
Weakpass 2a (37gb) found 469 words in 5,675 sec
Rockyou2021 (98gb) found 967 words in 12,363 sec
Prince & Rockyou found 634 words in 9,243 sec
I have a 64-core AMD EPYC Milan system. I have an Nvidia 3060 Ti 8GB graphics card; it is 2.3 times faster than an Nvidia 1070 graphics card and 5-30 times faster than my EPYC. I picked it to maximize performance per price.
Wordlists can be very fast depending on quality & size. Wordlists with rules can be faster than brute force.
Brute force, 1 password:
All 8 char lower: about 3 minutes on GPU
All 8 char letters: about 13 hours on GPU
All 8 char lower, number, special: about 5.5 days on GPU
All 8 char printable: about 80 days on GPU
Rainbow tables don't play nice with salt, but are very, very fast. They work with LM, NTLM, MD5, etc. Sources:
Defcon Data Duplication Village - 6TB drives
freerainbowtables.com - GSM A5/1 and MD5 hash tables
more rainbow tables: lanman, mysqlsha1, ntlm, and some word lists
Length:
3: 0.3% (3)
4: 0.3% (3)
5: 2.8% (30)
6: 21.6% (233)
7: 25.5% (276)
8: 49.6% (536)

Chars:
All lower: 60.2% (651)
All lower digit: 15.9% (172)
All lower upper: 10.8% (117)
All lower upper digit: 3.6% (39)
All lower special: 5.5% (59)
All upper: 0.2% (2)
All digits: 0.1% (1)
All special: 0.1% (1)
All upper digit: 0.1% (1)
All digit special: 0.1% (1)
All lower upper special: 1.7% (18)
All lower digit special: 1.4% (15)
All lower upper digit special: 0.4% (4)

String Classes:
All alpha: 71.1% (769)
Alphas + numbers: 11.0% (119)
Alphas + specials: 2.1% (23)
Alphas + numbers + alphas: 6.5% (70)
Alphas + specials + alphas: 4.3% (47)
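The statistics above are the kind of output a password-analysis script produces. Here is an added Python example (not the page's own tool) that computes the same three views over a list of cracked plaintexts: the length distribution, the character-class composition (named in the page's "All lower upper digit special" style, singular throughout), and the "string class" run pattern (alphas, numbers, specials in the order they occur). The sample passwords are constructed; they resemble but are not the page's dump.

```python
from collections import Counter

# Constructed sample of cracked plaintexts (not the page's data).
SAMPLE = [
    "foobar", "network", "jilland1", "wendy!!!", "5%ghj", "apr1744",
    "p/q2-q4!", "Password", "ABCDEFG", "1234", "!!!", "abc123def",
]


def classify_chars(pw: str) -> str:
    """Which character classes appear at all, e.g. 'All lower digit'."""
    classes = []
    if any(c.islower() for c in pw):
        classes.append("lower")
    if any(c.isupper() for c in pw):
        classes.append("upper")
    if any(c.isdigit() for c in pw):
        classes.append("digit")
    if any(not c.isalnum() for c in pw):
        classes.append("special")
    return "All " + " ".join(classes)


def run_pattern(pw: str) -> str:
    """Collapse the password into runs of alphas/numbers/specials, e.g. 'Alphas + numbers + alphas'."""
    names = {"A": "alphas", "N": "numbers", "S": "specials"}
    symbols = ["A" if c.isalpha() else "N" if c.isdigit() else "S" for c in pw]
    runs = [s for i, s in enumerate(symbols) if i == 0 or s != symbols[i - 1]]
    if runs == ["A"]:
        return "All alpha"
    label = " + ".join(names[r] for r in runs)
    return label[0].upper() + label[1:]


def report(passwords) -> dict:
    """Three tables of {label: (count, percent)} matching the page's layout."""
    n = len(passwords)

    def pct(count: int) -> float:
        return round(100.0 * count / n, 1)

    lengths = Counter(len(p) for p in passwords)
    chars = Counter(classify_chars(p) for p in passwords)
    strings = Counter(run_pattern(p) for p in passwords)
    return {
        "Length": {k: (v, pct(v)) for k, v in sorted(lengths.items())},
        "Chars": {k: (v, pct(v)) for k, v in chars.most_common()},
        "String Classes": {k: (v, pct(v)) for k, v in strings.most_common()},
    }


def print_report(passwords) -> None:
    for section, rows in report(passwords).items():
        print(f"{section}:")
        for label, (count, percent) in rows.items():
            print(f"  {label}: {percent}% ({count})")


if __name__ == "__main__":
    print_report(SAMPLE)
```

For a defender this is the useful direction of the page's statistics: run it over your own cracked set and the dominant classes tell you which policy gaps (all-lowercase, length 8 or less) to close first.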
I found one tab character. No standard character set includes tabs. I created a custom character set to include tab. I found one control-R character. No standard character set includes control chars. After failing an exhaustive search, I knew there was a control character. I tested current Linux to see what control chars were allowed in a password. With the help of the John the Ripper mailing list, I made a special rule to insert a control char, as well as one to replace a char with a control char. Using a big dictionary, I found the password.
There was a password dump of a 1980 BSD computer. Most passwords were quickly cracked. Bill Joy's password was not. Its hash is 2xvLVqGHJm8M . The reason it was not quickly cracked is that it contains a control character. Initially I did not know that, and I performed a brute-force search of all normal password characters. When that got to about 50% of the search space, I suspected there was a control character present. Using John the Ripper, I helped create two rules. One would insert a control character in each of the 8 possible locations. The other would replace an existing character with a control character in each of the possible positions. Using a decent dictionary, I quickly found the password to be chess^Win . I have found that control characters are pretty rare in descrypt passwords. I have found one password with a tab and one password with a control-R.
Here are the passwords from the BSD 1980 dump:
dmac uio bourne foobar network whatnot axolotl sacristy uucpuucp cowperso jilland1 /.,/. apr1744 ...hello sherril. wendy!!! 5%ghj pdq;dq theik!!! sn74193n p/q2-q4! graduat; 12ucdort 561cml.. ..pnn521 chess^Win

Here are the rules for John the Ripper:

[List.Rules:ins_control_1]
>\r[00-6] '7 i\p[0-7][\x7f\x80\x01-\x1f]

[List.Rules:rep_control_1]
>[0-7] '8 o\0[\x7f\x80\x01-\x1f]
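To read the two rules above, it helps to see what they expand to. John the Ripper's `>N` rejects words not longer than N, `'N` truncates to N characters, `iNX` inserts X at position N and `oNX` overwrites position N with X; the preprocessor ranges `[0-7]` and `[\x7f\x80\x01-\x1f]` turn each line into one rule per position per control character. The Python below is an added emulation of that expansion (not John the Ripper code and not the author's), written to show how many candidates the rules generate per dictionary word, which is what makes the "decent dictionary" step affordable. It assumes descrypt's 8-character limit and leaves out 0x80, which is outside 7-bit ASCII; the sample words are constructed.

```python
# Control characters the rules try: \x01-\x1f plus DEL (0x7f).
# 0x80 from the original rule is outside 7-bit ASCII and is left out here.
CONTROLS = [chr(i) for i in range(1, 32)] + [chr(127)]
MAX_LEN = 8  # descrypt only looks at the first 8 characters


def insert_control(word: str, controls=CONTROLS, max_len: int = MAX_LEN):
    """Emulate ins_control_1: truncate to max_len-1 ('7), then insert one
    control character at every position 0..len (i\p[0-7]...)."""
    base = word[:max_len - 1]
    for pos in range(len(base) + 1):
        for c in controls:
            yield base[:pos] + c + base[pos:]


def replace_control(word: str, controls=CONTROLS, max_len: int = MAX_LEN):
    """Emulate rep_control_1: truncate to max_len ('8), then overwrite each
    existing position with one control character (o\0...)."""
    base = word[:max_len]
    for pos in range(len(base)):
        for c in controls:
            yield base[:pos] + c + base[pos + 1:]


def candidates_per_word(word: str) -> int:
    """How many candidates the two rules produce for one dictionary word."""
    return sum(1 for _ in insert_control(word)) + sum(1 for _ in replace_control(word))


def caret_notation(candidate: str) -> str:
    """Render control characters the way the page writes them, e.g. chess^Win."""
    out = []
    for c in candidate:
        o = ord(c)
        if o < 32:
            out.append("^" + chr(o + 64))
        elif o == 127:
            out.append("^?")
        else:
            out.append(c)
    return "".join(out)


if __name__ == "__main__":
    # Constructed sample words; the cost is linear in dictionary size.
    for w in ["chess", "chessin", "password"]:
        print(f"{w!r}: {candidates_per_word(w)} candidates")
    sample = next(c for c in insert_control("chessin") if c == "chess\x17in")
    print(caret_notation(sample))
```

The expansion is modest: a 7-letter word yields a few hundred candidates, so a multi-million-word dictionary under these rules is still far cheaper than the exhaustive printable-character search the text describes giving up on at 50%.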