Password Cracking

Presentation Transcript

  1. Password Cracking
     COEN 252 Computer Forensics

  2. Social Engineering
     • Perps trick
     • Law enforcement, private investigators can ask.
     • Look for clues:
       • Passwords frequently use SSN, names of boyfriend, girlfriend, dog, sled, …

  3. Dictionary Attacks
     • Passwords need to be memorizable.
     • Most passwords are based on actual words.
     • A dictionary attack uses a dictionary:
       • Try all words in the dictionary.
       • Try all words in the dictionary with slight changes.
     • Typically very fast.

  4. Brute Force
     • Just try out all combinations.
     • 256^8 possibilities for a UNIX password.
       • But only if all letters are equally likely.
     • Not feasible on a single machine.
     • But possibly in a P2P system.
       • Using Seti@home technology.

  5. Keystroke Logging / Sniffing
     • Surveillance of a suspect can yield passwords.
     • Keystroke loggers can be set up to automatically reveal typed-in passwords.
     • Same for network sniffers.

  6. Default Passwords
     • Many applications come with a default password.
       • VMS used to have a default super-user password.
     • Often, the default password is the same as the default user name.
     • In principle, the sys-ad changes the default password.
     • Recently, applications are no longer shipped with default passwords.

  7. BIOS Password
     • Stored in CMOS.
     • Remove power from CMOS and CMOS is reset.
       • Loses valuable forensic data such as the system clock.
     • Some BIOS can be programmatically cleaned.
       • Loses valuable forensic data such as the system clock.

  8. Windows 9x
     • Windows 9x stores the login password
       • in a .pwl file
       • in the c:\windows directory
       • in encrypted form.
     • Obtain the password from the file.
     • Use an offline password cracker that attacks the weak encryption.

  9. Windows 9x
     • The Windows screen saver password is stored in the user.dat file in c:\windows.
     • The password is in simple ASCII encryption.
     • The screen saver password is very often the system password.

  10. Windows NT and up, Unix
     • Only the hash of the password is stored.
     • Computationally impossible to calculate the password from the hash.
     • Can use the hash for a dictionary or brute force attack.

  11. Various Applications
     • Some applications store the password in clear text in a hidden location.
       • Registry in Windows.
       • Some file attached to the application.
     • Or using easily breakable encryption of the password in a known place.

  12. Multiple Passwords
     • Since few users can remember many passwords, any password for a given application might also unlock other passwords.
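
A password-set-time check built on slides 2 and 3, added here as an example and not part of the original presentation: it rejects a new password that reduces to a dictionary word or a personal clue once the usual "slight changes" are undone. The wordlist, substitution table and function names are assumptions made for the illustration.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a large dictionary.
WORDLIST = {"password", "dragon", "rover", "sled", "monkey", "letmein"}

# Common character substitutions (assumed table) undone before the lookup.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Digits and punctuation padded onto either end of a word.
EDGE_PADDING = re.compile(r"^[^a-z]+|[^a-z]+$")


def candidate_roots(password):
    """Return the base words this password collapses to after undoing slight changes."""
    lowered = password.lower()                    # capitalisation changes
    stripped = EDGE_PADDING.sub("", lowered)      # "Rover2024!" -> "rover"
    deleet = lowered.translate(LEET)              # "dr4g0n" -> "dragon"
    roots = {
        lowered,
        stripped,
        deleet,
        EDGE_PADDING.sub("", deleet),
        # Strip first, then undo substitutions, so a trailing "1" is not read as "l".
        stripped.translate(LEET),                 # "P@ssw0rd1" -> "password"
    }
    roots |= {r[::-1] for r in set(roots)}        # reversed spellings
    roots.discard("")
    return roots


def is_guessable(password, personal_words=()):
    """True if the password reduces to a dictionary word or a personal clue."""
    words = WORDLIST | {w.lower() for w in personal_words}
    return bool(candidate_roots(password) & words)


if __name__ == "__main__":
    # Constructed sample passwords; "Fluffy" stands in for a pet name from slide 2.
    for pw in ["P@ssw0rd1", "Rover2024!", "dr4g0n", "Fluffy99", "xK9#vQ2mLp"]:
        verdict = "reject" if is_guessable(pw, personal_words=["Fluffy"]) else "accept"
        print(f"{pw:12} {verdict}")
```

Passing the account holder's known names as `personal_words` covers the clues listed on slide 2 that no general dictionary contains.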