Upload
2-funky
View
236
Download
0
Embed Size (px)
Citation preview
7/27/2019 Lab2 Lecture
1/57
ECE 4883 - Internetwork Security 1
Password Cracking and Sniffing Agenda
! Storing Passwords on the system
! Password Cracking on Windows and Linux
!Defenses against Password cracking
! Sniffing
! Defenses against Sniffing
! Address Resolution Protocol (ARP)! Man in the Middle
7/27/2019 Lab2 Lecture
2/57
ECE 4883 - Internetwork Security 2
Cracking Passwords
Passwords that can be guessed easily area problem
Lots of tools available to figure out
passwords L0phtcrack windows password cracker
John the Ripper Unix password cracker Default passwords remaining on a systemare a typical vulnerability
7/27/2019 Lab2 Lecture
3/57
ECE 4883 - Internetwork Security 3
Password storage Password files have passwords stored in a hashed or
encrypted form
Hash algorithm example is message digest 4 (MD4)
Encrypted algorithm example is Data EncryptionStandard (DES)
When you use your password, it is hashed or encryptedand then compared to the stored value
Crackers use a downloaded local copy of password fileon their own machine
7/27/2019 Lab2 Lecture
4/57
ECE 4883 - Internetwork Security 4
Storing Passwords
Systems have a file with all hashed/encrypted
passwords
! Windows SAM (Security Accounts Manager) database
! UNIX - /etc/passwd or /etc/shadow
Access to these files can make it easy for a
hacker to break in
7/27/2019 Lab2 Lecture
5/57
ECE 4883 - Internetwork Security 5
Windows Passwords Security Accounts Manager (SAM) has two versions for each
password LanMan (LM) password version for backward compatibility with
windows workgroups
NT Hash cryptographic hash for windows NT/2000 (Uses MD4)
SAM file is in \WINNT\system32\config\ directory which is a binaryfile that is hard to read
Back up copy stored in \WINNT\repair
7/27/2019 Lab2 Lecture
6/57
ECE 4883 - Internetwork Security 6
Using Passwords System has a hashed/encrypted version of the password stored
in a file
On login attempt
! system hashes/encrypts the password typed in by using for
example crypt() function in linux
! Compares hashed/encrypted value to stored
hashed/encrypted value
! Idea behind password cracking is to get a copy of the
hashed/encrypted passwords and then make guesses,
hash/encrypt the guess and compare
7/27/2019 Lab2 Lecture
7/57
ECE 4883 - Internetwork Security 7
Password Cracking Dictionary Attack
! Hackers steal a copy of the stored password file! Guess a password (may use a dictionary)
! Find hash/encrypted value of the guess
! Compare hash to entries from stored file! Continue this till success or out of options for password
guesses.
Brute Force Guess every possible combination of characters
Hybrid Use dictionary but add characters to dictionary entries
7/27/2019 Lab2 Lecture
8/57
ECE 4883 - Internetwork Security 8
Password retrieval on Windows
Sniff the network for passwords being
transmitted
From Administrators emergency repair disk
From back-up directory
7/27/2019 Lab2 Lecture
9/57
ECE 4883 - Internetwork Security 9
Password Cracking on Windows L0phtCrack lc4 (Windows)
! Available at [email protected]/research/lc/! Password Auditing and Recovery Application
! Default English dictionary 50,000 words
! Does hybrid attacks! Our free trial version does not allow brute force (for $350 can purchase
with that capability)
! Works on weaker LanMan (LM) as well as NT hashes
! Can sniff a network for LanMan hashed passwords
! Can download from a local machine or remote computer the hashed
password file
7/27/2019 Lab2 Lecture
10/57
ECE 4883 - Internetwork Security 10
L0phtCrack (lc4)
Some statistics (from the website)
! L0phtCrack obtained 18% of the passwords in 10
minutes
! 90% of the passwords were recovered within 48hours on a Pentium II/300
! The Administrator and most Domain Admin
passwords were cracked
7/27/2019 Lab2 Lecture
11/57
ECE 4883 - Internetwork Security 11
7/27/2019 Lab2 Lecture
12/57
ECE 4883 - Internetwork Security 12
Password Cracking on UNIX John the Ripper
Available at http://www.openwall.com/john/ Supports six hashing schemes including XP
Old Unix used /etc/passwd to store passwords
Password is stored after cryptographically altered Various algorithms (hash/encrypted) used by various Unix platforms
/etc/password is readable by everyone
Some Unix store in a shadow password file thus /etc/passwd does not
contain the passwords since they are instead in /etc/shadow or /etc/secure,
only root can access these files
If shadow file used, must have root to copy
7/27/2019 Lab2 Lecture
13/57
ECE 4883 - Internetwork Security 13
Password retrieval on Linux List of login names and usernames in
/etc/passwd
List of encrypted passwords in /etc/shadow
Only /etc/shadow is enough to crack the
passwords.
Having both files makes it easier
7/27/2019 Lab2 Lecture
14/57
ECE 4883 - Internetwork Security 14
John the Ripper Combine information from /etc/passwd and
/etc/shadow into one file
Use this file as input for John the Ripper
John can create guesses by
! Using built-in dictionary
! Using account information
! Using brute-force guessing algorithm
7/27/2019 Lab2 Lecture
15/57
ECE 4883 - Internetwork Security 15
John the Ripper Scrambling used for each guess
When a password is cracked, result displayed
on screen
During execution of this tool, hitting any key
will give current guess and status
Password complexity determines time neededfor cracking them
7/27/2019 Lab2 Lecture
16/57
ECE 4883 - Internetwork Security 16
Defenses against Password Cracking
Select good passwords (not dictionary based)
Change regularly
Use tools to prevent easy passwords
Use password cracking tests against own systems
Protect system back ups that have password files
Unix: activate password shadowing Windows: disable weaker LM authentication if no
windows 95/98 machines on network
7/27/2019 Lab2 Lecture
17/57
ECE 4883 - Internetwork Security 17
Agenda"Storing Passwords on the system
"Password Cracking on Windows and Linux
"Defenses against Password cracking
Sniffing
Defenses against Sniffing
Address Resolution Protocol (ARP)
Man in the Middle
7/27/2019 Lab2 Lecture
18/57
ECE 4883 - Internetwork Security 18
Sniffing Collect information being transmitted on the
network
Attacker must be either on source, destination
or intermediate network
Sniffed information can be stored/logged
7/27/2019 Lab2 Lecture
19/57
ECE 4883 - Internetwork Security 19
Sniffing traditional LANS Traditional networks
! Broadcast medium easy to sniff
H
UB
attacker
Data A
DataA
Data A
DataA
7/27/2019 Lab2 Lecture
20/57
ECE 4883 - Internetwork Security 20
Sniffing Switched LANS Switched LANS
! Difficult to do, but possible
! ARP Cache Poisoning - Attacker must inject
packets into the network to redirect traffic! Attacker lies about the MAC address intercepts
traffic
ARP tells which MAC address corresponds to which IPaddress
7/27/2019 Lab2 Lecture
21/57
ECE 4883 - Internetwork Security 21
Sniffing Switched LANS
S
W
I
T
C
H
attacker
Data A Data A
7/27/2019 Lab2 Lecture
22/57
ECE 4883 - Internetwork Security 22
Sniffit Easy to use sniffer
Available at:http://reptile.rug.ac.be/~coder/sniffit/sniffit.html
Can be run in interactive mode
Can be used to sniff traditional LANS
For Switched LANS, must be used with ARPCache Poisoning tools
7/27/2019 Lab2 Lecture
23/57
ECE 4883 - Internetwork Security 23
Sniffit Conditions to use (from the Sniffit web page):
! You should be ROOT on your machine
! The machine has to be connected to a network
! You have to be allowed to sniff (ethical condition)
7/27/2019 Lab2 Lecture
24/57
ECE 4883 - Internetwork Security 24
Sniffit Interactive mode All TCP traffic can be viewed in main screen
Traffic from each system and port to each
system and port can be seen
Has option to see data in a particular stream
flow
7/27/2019 Lab2 Lecture
25/57
ECE 4883 - Internetwork Security 25
ethereal From http://www.ethereal.com/
Ethereal is a free network protocol analyzer for Unix andWindows.
It allows you to examine data from a live network or
from a capture file on disk.
You can interactively browse the capture data, viewingsummary and detail information for each packet.
Ethereal has several powerful features, including a richdisplay filter language and the ability to view thereconstructed stream of a TCP session.
Source: www.ethereal.com
7/27/2019 Lab2 Lecture
26/57
ECE 4883 - Internetwork Security 26
Source: www.ethereal.com
7/27/2019 Lab2 Lecture
27/57
ECE 4883 - Internetwork Security 27
Defense against Sniffing Transmit encrypted data across a network
Dont use telnet, rsh,rlogin
Use Secure Shell
Use VPNs to encrypt data between systems
Use switches instead of hubs makes sniffing
more difficult
7/27/2019 Lab2 Lecture
28/57
ECE 4883 - Internetwork Security 28
Defense against Sniffing For critical systems
! MAC level filtering on switches
! Restrict MAC addresses that can send and receive
data on specific switch plugs! Hard code ARP tables on critical systems
7/27/2019 Lab2 Lecture
29/57
ECE 4883 - Internetwork Security 29
Agenda"Storing Passwords on the system
"Password Cracking on Windows and Linux
"Defenses against Password cracking
"Sniffing
"Defenses against Sniffing
Address Resolution Protocol (ARP)
Man in the Middle
7/27/2019 Lab2 Lecture
30/57
ECE 4883 - Internetwork Security 30
What is ARP?Address Resolution Protocol
! Used to convert IP addresses to MACaddresses
! Low-Level Protocol! Essential for inter-network communication
!Used in networks with broadcast capabilities;usually Ethernet
7/27/2019 Lab2 Lecture
31/57
ECE 4883 - Internetwork Security 31
How does ARP work? Inter-network Example
! A forwards packet to Gateway
! Gateway checks to see if it hasthe IP address in the cache
! If so, change the address andformat packet appropriately and
forward on the network
! Otherwise broadcast a requeston the network. B will respondwith MAC address. Format
packet and forward to B.
7/27/2019 Lab2 Lecture
32/57
ECE 4883 - Internetwork Security 32
How does ARP work?
LAN Example! A sends ARP request packet
on LAN
! Only the machine withmatching IP responds withMAC
! B caches the IP & MAC pair
! Forwards all packets forsame IP to the cached MAC
7/27/2019 Lab2 Lecture
33/57
ECE 4883 - Internetwork Security 33
Example of ARP in Use
The figure shows the
use of ARP when acomputer is trying to
contact another
computer (sysa) on
the same LAN using
the ping program:
7/27/2019 Lab2 Lecture
34/57
ECE 4883 - Internetwork Security 34
Four Types of ARP Messages
ARP request
ARP reply
RARP requestRARP reply
Reverse Address Resolution
7/27/2019 Lab2 Lecture
35/57
ECE 4883 - Internetwork Security 35
Reverse Address Resolution
Protocol (RARP) Physical address of host machine is able to
request its IP from a gateway servers ARP table
A router maps the MAC address to
corresponding Internet Protocol addresses RARP client program requests from the RARP
server on the router to be sent its IP address
RARP then returns the IP address to themachine which can store it for future use
7/27/2019 Lab2 Lecture
36/57
ECE 4883 - Internetwork Security 36
Format of ARP Message
The ARP request includes:
-target machine (TARGET IP)
-IP address of the sendermachine
(SENDER IP)
-physical address of the sender
(SENDER HA)-physical address of target
machine
(TARGET HA)
7/27/2019 Lab2 Lecture
37/57
ECE 4883 - Internetwork Security 37
ARP Poisoning
Note: ARP is stateless
The malicious computer
(Machine C) can send an
ARP Reply to A and causeA to associate Bs IP with
Cs MAC address.
This will cause allmessages from A to B to go
to C
Do the same to B
7/27/2019 Lab2 Lecture
38/57
ECE 4883 - Internetwork Security 38
ARP Poisoning
C can now act as middle
man for all communications
between A and B.
C can decide which packetsare forwarded and which
are discarded.
C can also altercommunications packets
between A and B.
This attack can act as a
doorway.
7/27/2019 Lab2 Lecture
39/57
ECE 4883 - Internetwork Security 39
After in the Middle:Sniffing It is the easiest attack to launch since all
the packets transit through the attacker.
All the plain text protocols arecompromised (the attacker can sniff userand password of many widely used
protocol such as telnet, ftp, http)
7/27/2019 Lab2 Lecture
40/57
7/27/2019 Lab2 Lecture
41/57
ECE 4883 - Internetwork Security 41
After in the Middle: Injecting Possibility to add packets to an already established
connection (only possible in full-duplex MITM)
The attacker can modify the sequence numbers and
keep the connection synchronized while injectingpackets.
If the MITM attack is a proxy attack it is even easier toinject (there are two distinct connections)
Attacks examples (1)
7/27/2019 Lab2 Lecture
42/57
ECE 4883 - Internetwork Security 42
Attacks examples (1)
Command injection
Useful in scenarios where a one time
authentication is used (e.g. RSA token). In suchscenarios sniffing the password is useless, buthijacking an already authenticated session is
possible
Injection of commands to the server
Emulation of fake replies to the client
Attacks examples (2)
7/27/2019 Lab2 Lecture
43/57
ECE 4883 - Internetwork Security 43
Attacks examples (2)
Malicious code injection
Insertion of malicious code into web
pages or mail (javascript, trojans, virus,etc)
Modification on the fly of binary files
during the download phase (virus,backdoor, etc)
7/27/2019 Lab2 Lecture
44/57
ECE 4883 - Internetwork Security 44
Attacks The attacker can modify the payload of the
packets by recalculating the checksum
The length of the payload can also be changedbut only in full-duplex (in this case the seqnumber has to be adjusted)
7/27/2019 Lab2 Lecture
45/57
ECE 4883 - Internetwork Security 45
The Lab Exercise Set up
7/27/2019 Lab2 Lecture
46/57
ECE 4883 - Internetwork Security 46
The Exercise - Tools
Ethereal Ettercap
Hunt
7/27/2019 Lab2 Lecture
47/57
ECE 4883 - Internetwork Security 47
The Exercise Playing with ARP
Check ARP Table on all machines Observe changes to the ARP table using Ethereal as
unknown IP addresses are pinged
Get a better feel for ARP by making manual changesto the ARP table
Observe effects of making incorrect entries into the
ARP table
7/27/2019 Lab2 Lecture
48/57
ECE 4883 - Internetwork Security 48
Using Ettercap
Th L b
7/27/2019 Lab2 Lecture
49/57
ECE 4883 - Internetwork Security 49
The Lab - Introduce Ettercap
Th E i U i E
7/27/2019 Lab2 Lecture
50/57
ECE 4883 - Internetwork Security 50
The Exercise Using Ettercap
Use Ettercap for Operating System finger printing Use Ettercap passively for sniffing
! Use Redhat 8.0 machine to ARP poison both 7.2 machines
! Start an FTP communication between the two 7.2 machines
! Observe traffic between the two 7.2 machines
Use Ettercap actively for disruption
! Start a telnet connection between the two 7.2 machines
! Use filters to disrupt the connection between the twomachines
Th E i U i H t
7/27/2019 Lab2 Lecture
51/57
ECE 4883 - Internetwork Security 51
The Exercise Using Hunt
Hijack a connection between the two 7.2machines
! ARP poison the 7.2 machines
! Start an active connection between the two 7.2machines
! Use Hunt to hijack the connections
#This may take a little time to complete
Session hijack exampleFrom http://staff.washington.edu/dittrich/talks/qsm-sec/
7/27/2019 Lab2 Lecture
52/57
ECE 4883 - Internetwork Security 52
This demonstration involves three hosts: attacker, victim, and target.attacker is the system used by the attacker for the hijack.
victim is the system used by the victim for telnet client connections to the target system.target is the target system that the intruder wants to compromise. It is where the telnetddaemon is running.
A simple diagram of the network shows the attacker and victim hosts are on the same network
(which can be ethernet switched and the attack will still work), while the target system can beanywhere. (Actually, either victim or target can be on the same network as attacker: it doesn'tmatter.)
For the attack to succeed, the victim must use telnet, rlogin, ftp, or any other non-encrypted
TCP/IP utility. Use of SecurID card, or other token based secondary authentication is useless asprotection against hijacking, as the attacker can simply wait until afterthe user authenticates, thenhijack the session.
7/27/2019 Lab2 Lecture
53/57
ECE 4883 - Internetwork Security 53
Session hijack example
7/27/2019 Lab2 Lecture
54/57
ECE 4883 - Internetwork Security 54
The attack scenario can be as simple as:
1. Attacker: Spends some time determining the IP addresses of target and victim
systems. Determining trust relationships can be easily done with utilities likeSATAN, finger, systat, rwho or running who, ps, or last from previously stolen(or wide open "guest" style) accounts.
2. Attacker: Runs hunt as root on attacking host. Waits for hunt to indicate asession has been detected (hunt will note a new session by changing its prompt
from "->" to "*>").
3. Attacker: Starts ARP relay daemon, prepares RST daemon entry for use later,sets option to enable host name resolution (for convenience).
4. Victim: Logs in to target using telnet. Runs pine to read/compose email.
From http://staff.washington.edu/dittrich/talks/qsm-sec/
Session hijack example
7/27/2019 Lab2 Lecture
55/57
ECE 4883 - Internetwork Security 55
5. Attacker: Sees new connection; lists active connections to see if this one is
potentially "interesting." If it is, attacker can either watch the session (packetsniffing) or hijack the session. Decides to hijack.
6. Victim: Sees strange new prompt. Tries pressing RETURN and doesn't know whatto think. Tries web browser and notices that it still works fine (not a networkproblem). Not sure what to think.
7. Attacker: Finds this is a user session and decides to give it back (resynchronizesTCP/IP stream).
8. Victim: Sees prompt for keystrokes, follows request, gets session back. Puzzled,
decides to log in to root account to take a closer look.9. Attacker: Turns on RST daemon to prevent new connections, waits to hijack root
session.
10. Victim: Runs ssu to get SecurID protected root shell.
From http://staff.washington.edu/dittrich/talks/qsm-sec/
Session hijack example
7/27/2019 Lab2 Lecture
56/57
ECE 4883 - Internetwork Security 56
11. Attacker: Completes hijack after seeing root login.
12. Victim: Sees strange prompt. Tries pressing RETURN again. Same result as
before. Tries web browser again. Same thing. Tries getting a new telnet session.Fails. Tries ftp. Fails.
13. Attacker: Sets up backdoor, disables command history, resets session, turns offRST daemon.
14. Victim: Finally gets a new session. Original session is now gone. Assumesnetwork outage or Windows TCP/IP stack corruption. Reboots system andeverything is back to "normal").
15. Attacker: Waits for admin's sessions to all disappear (gone home for the night),
then logs in using new backdoor. Installs rootkit (more backdoors, sniffer), cleanslog files.
From http://staff.washington.edu/dittrich/talks/qsm-sec/
References
7/27/2019 Lab2 Lecture
57/57
ECE 4883 - Internetwork Security 57
References
http://alor.antifork.org/talks/MITM-
BHeu03.ppt
http://www.csc.vill.edu/~fsalandr/netclass
/cassel.ppt http://staff.washington.edu/dittrich/talks/
qsm-sec/script.html