As a penetration tester, you will often encounter words like hash, password, and encryption; cracking a hash value is a separate category of ethical hacking, and it belongs to the Password Attacks submenu in the Applications menu of Kali Linux. If you want to dig deep, you can enter the world of cryptography, which I will discuss in the next chapter. There are also many good password-cracking tools available in Kali Linux. You will also learn how to use a few of them.
In this chapter, you will get an overview of what hashes and passwords are and how they are related. You will also learn the difference between the password-cracking tools that are available in Kali Linux.
Let’s start with a real-world scenario so that it will be easier for you to understand why penetration testers attach great importance to this category. In 2012, a collection of 177 million LinkedIn accounts was stolen and went up for sale on a dark web market. You can read the full story on the Internet. No one knows who bought them and whether the buyers were able to decipher those hashed passwords. As the report goes, one thing was certain: the passwords were hashed.
Passwords are not stored in a human-readable form; they are stored in a collection of cryptographic hashes. In other words, they are scrambled text that normally takes years to decipher. Let’s see how hashes work.
Hashes and Encryption
Hashing is a one-way function. It’s irreversible; theoretically, if you apply a secure hash algorithm, you cannot get the original string back. You can attack a secured hash by using a rainbow table. You can also use tools such as John the Ripper and Johnny. (You will learn more about them in the coming sections.)
Let’s first try to understand what a one-way function is. Basically, it’s a mathematical operation that is easy to perform but difficult to reverse. Every modern programming language has more than one hash library function.
Let’s consider a simple PHP function called hash() and test some code, like this:
//code to create hash value in PHP
<?php
echo hash('ripemd160', 'The quick brown fox jumped over the lazy dog.');
?>
This will give you output like this:
//output of the hash value created by PHP
ec457d0a974c48d5685a7efa03d137dc8bbde7e3
Here, ripemd160 is a hash algorithm. There are many other types of hash algorithms available in PHP. I will show you how a simple password like hello changes to many hash values in PHP when you test it against different hash algorithms.
The first column shows the hash algorithm, and the second column shows where you see numbers like 32, 48, 64, and 128; they are string lengths. The third column represents the hash value or digest. I have cut the long numbers down here; otherwise, I could not have fit the string on the book’s page.
A hash does not allow a user to decrypt the data with a specific key.
By contrast, encryption enables users to use a two-way function. Encryption is reversible; you can decrypt mangled data if you have the key. When you encrypt a password, your application has the key stored somewhere. In this case, if an attacker gets both the key and the encrypted text, he can easily get the original password. With a hash, this is not possible.
When you enter data for hashing, it is called a message. The output is known as the messagedigest or simply digest. One of the main properties of an ideal hash function is always deterministic, which means the same message always results in the same digest. Without trying all possible messages, you cannot generate the original message from the hash value (digest). One message always correlates to one digest. Two difference messages never come up with the same digest.
You can use a precomputed table tool such as a rainbow table to reverse the cryptographic hash functions to crack password hashes. You can use a rainbow table to recover passwords or even credit card numbers; however, it works up to a certain length consisting of a limited set of characters. While exploiting any victim’s machine, you can get the victim machine’s password listing even if the passwords are hashed. The advantage of a rainbow table is you can create a different rainbow table based on the hash value.
Password Testing Tools
In Kali Linux, click the Applications menu and look at the Password Attacks submenu, which will show the major password attack tools, such as Cewl, Crunch, John, Johnny, Medusa, Rainbowcrack, Wordlists, and so on. If you click the Password Attacks submenu, you will see four categories: Offline Attacks, Online Attacks, Passing the Hash tools, and Password Profiling & Wordlists (Figure 13-1). New tools are continuing to be added.
Figure 13-1
Password Attacks menu in Kali Linux
As a penetration tester, you must convince your client to use long passwords by showing that it is quite easy to crack simple passwords with simple combinations of words or letters.
Each of the submenus contains various tools specific to the submenu topic. The submenu Offline Attacks refers to the set of tools that takes the extracted collection of passwords and tries to match the message (password) and the digest (hash value). The Online Attacks submenu contains tools that are used to attack a live system and enter it. The submenu Passing the Hash tools also tries to gain control of a password by getting the hash value with hash tools, without recovering the original password.
The fourth submenu, Password Profiling & Wordlists, contains tools that perform dictionary attacks, which are much faster than brute-force attacks, although having access to the privileged lists is important.
Let’s click Wordlists at the bottom of the main menu. On the terminal you will immediately notice that there are many directories containing Wordlists tools. There is also an archive file of password lists; open it now.
You can see what is inside that text file by issuing the following command. Let’s extract the file. It’s long, so you can stop the output by pressing Ctrl+C. There are various password candidate lists in the file.
//code and output from a wordlist password file
root@kali:/usr/share/wordlists# cat rockyou.txt
123456
12345
123456789
password
iloveyou
princess
1234567
rockyou
12345678
abc123
nicole
daniel
babygirl
monkey
lovely
jessica
654321
michael
...
Next let’s open the directory and see what’s inside.
Crunch will now generate the following amount of data: 700 bytes
0 MB
0 GB
0 TB
0 PB
Crunch will now generate 100 lines.
// output of crunch
test00
test01
test02
test03
test04
test05
test06
test07
test08
...
This list is also incomplete; for brevity, I have to cut it down for the book.
The password testing tool Crunch helps you generate password files. To do that, it uses a special % sign to add numbers after a certain set of words. It also uses a special @ sign to add characters (one for every @) after a certain set of words of your choice. You can test it on the terminal. Just replace % with @ to see the output.
Crunch also has a man page that you can take a look at (Figure 13-2) before moving further.
//code for crunch manual
man crunch
Figure 13-2
Manual page of Crunch
You can also create a list of the passwords using crunch, and you can store that output in a text file. In that case, instead of using %, you can use the @ sign so that this time after a designated word no numbers are added.
To generate a long list of passwords with various permutations and combinations, I have chosen the four-letter word test, and after that I added two @@ special characters. Finally, I generate the password file as test.txt.
// code and output of crunch generating password dictionary
The file test.txt is there in the current directory, so you can take a look what it contains now.
//code and output of generated password
root@kali:/usr/share/wordlists# cat test.txt
testaa
testab
testac
testad
testae
testaf
testag
testah
testai
testaj
testak
testal
...
I cannot give the full output here. It’s too long, but our purposes it has been saved by crunch. As you can see, you are able to generate any type of complex password dictionary file with the help of crunch.
There is another good tool called rsmangler that has a wide range of usages. From a certain list of password files, it can manipulate and generate a rich dictionary file using various sets of permutations and combinations. By default, all rsmangler options are on.
Let’s first create a simple password list file that contains only three words (thing, anything, and nothing), and let’s store it in a file called thing.txt.
// code and output of creating thing.txt in nano
nano thing.txt
The tool rsmangler has a range of options available. You can take a look at the help page on your terminal and see what type of options you can use.
//code and output of rsmangler help page
root@kali:/usr/share/wordlists# rsmangler -h
rsmangler v 1.4 Robin Wood ([email protected]) <www.randomstorm.com>
All options are ON by default, these parameters turn them OFF
Usage: rsmangler [OPTION]
--help, -h: show help
--file, -f: the input file, use - for STDIN
--max, -x: maximum word length
--min, -m: minimum word length
--perms, -p: permutate all the words
--double, -d: double each word
--reverse, -r: reverser the word
--leet, -t: l33t speak the word
--full-leet, -T: all possibilities l33t
--capital, -c: capitalise the word
--upper, -u: uppercase the word
--lower, -l: lowercase the word
--swap, -s: swap the case of the word
--ed, -e: add ed to the end of the word
--ing, -i: add ing to the end of the word
--punctuation: add common punctuation to the end of the word
--years, -y: add all years from 1990 to current year to start and end
--acronym, -a: create an acronym based on all the words entered in order and add to word list
--common, -C: add the following words to start and end: admin, sys, pw, pwd
--pna: add 01 - 09 to the end of the word
--pnb: add 01 - 09 to the beginning of the word
--na: add 1 - 123 to the end of the word
--nb: add 1 - 123 to the beginning of the word
--force - don't check ooutput size
--space - add spaces between words
This help page clearly says what you can do with this powerful password generator. If you add -a to rsmangler, it will create an acronym based on all the words entered in order and add it to the word list. If you add --pnb, it will add 01 to 09 at the beginning of the word. So, you can probably see how powerful password generator it is.
Let’s try some of the options available in rsmangler and take a look at the output. You can always use all the options available in rsmangler, and you can try to make a strong password combination.
You have already a file called thing.txt, and you know that it contains three words. So, you will apply a few options of rsmangler on it and redirect the generated output into a new file called toughthing.txt.
//code of using a few options of rsmangler and redirect it to a new file
The whole output is too long to print here. Test it on your terminal to see the full output. The following is a slice of output from the middle so that you will have an idea of what type of permutations have been used by rsmangler.
// more output from the file "toughthing.txt"
75nothing
nothing75
76nothing
nothing76
77nothing
nothing77
78nothing
nothing78
79nothing
nothing79
80nothing
nothing80
...
John the Ripper and Johnny
John the Ripper (or John for short) is a password cracker tool. It has its own highly optimized modules for different hash types and processor architectures. The interface used in John is based on assembly language routines for several processor architectures.
The free version of John, which is community-based, adds support for many more password hash types, including Windows NTLM(MD4-based), Mac OS X 10.4-10.6 salted SHA-1 hashes, and more. A salt is random data that is used as additional input to a one-way function that hashes data, and SHA-1 is a cryptographic hash function that produces a 160-bit hash value known as a message digest.
The main advantages of John are that it is designed to be both feature-rich and fast and it is available for several platforms. The combinations of several cracking modes in one program make it almost unparalleled.
Another tool, Johnny, provides a GUI for the John the Ripper password-cracking tool.
You will see how to use them in this section.
In any Debian-based Linux distribution, the hash values of passwords are kept in a file called phile.txt in the /etc/shadow directory. Let’s copy the phile.txt file to the Kali Linux home directory and check it out.
//copying the "phile.txt" in home directory
root@kali:~# cp /etc/shadow phile.txt
root@kali:~# ls
Desktop Documents Downloads Music phile.txt Pictures Public Templates Videos
Take a look at it in the terminal. The output is fairly long, so I am giving you a partial view here.
At the top of the list you probably noticed the root password, which is a long hash value. To test John, I have also created more than one user. At the bottom, the users are shown.
Now, you can run John against this phile.txt file and see how it handles the cracking job.
//code of running John
root@kali:~# john phile.txt
Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
Use the "--format=crypt" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 5 password hashes with 5 different salts (sha512crypt, crypt(3) $6$ [SHA512 128/128 SSE2 2x])
Remaining 3 password hashes with 3 different salts
Press 'q' or Ctrl-C to abort, almost any other key for status
Use the "--show" option to display all of the cracked passwords reliably
Session aborted
John has done its job on the password file, and the cracked passwords can now be found by using the following command:
//code to show the cracked password
root@kali:~# john --show phile.txt
sanjib:ss:17695:0:99999:7:::
ss:ss:17697:0:99999:7:::
pg:pg@:17697:0:99999:7:::
3 password hashes cracked, 2 left
I have used a somewhat simple password for the three users, so John took almost no time to crack them. Try to add more users in Kali Linux and give them strong passwords to see the results.
As a penetration tester, your first duty is to convince your client to use long passwords with a mixture of numbers and alphanumeric characters.
Johnny uses the same technique, and you can open Johnny from the Applications menu. Go to the Password Attacks submenu, and you will find the Johnny there.
Before going to use Johnny, I have created another user called John Smith in my virtual Kali Linux machine. Since Johnny is a GUI-based password-cracking tool, you can easily open the phile.txt file from the File menu.
If Johnny finds a moderately simple password, it cracks it immediately (Figure 13-3).
Figure 13-3
Johnny is cracking the hash value
By the time I took the screenshot in Figure 13-3, Johnny had already cracked three passwords, and it was working on the others.
How to Use RainbowCrack
RainbowCrack is another good password cracker tool that uses a special type of time-memory algorithm called trade-off to crack hashes. It differs from the typical hash crackers. It creates a rainbow table first, and then with the use of a faster time-memory trade-off technique, it cracks hashes.
In the previous chapter, you learned how to conduct exploits, and in the final chapter, you will learn more about exploitation. In any case, you know how to get a victim machine’s password listing, although the passwords are in their hash values. The advantage of a rainbow table is that you can create a different rainbow table based on the hash value. If your victim machine is Windows XP and it uses the Windows NTLM (MD4-based) hash type, then you can create the rainbow table accordingly.
Let’s go to the Applications menu first and then open the RainbowCrack from the Password Attacks submenu.
You will first see what is inside, and then you will go inside the rainbow directory.
//output of the inside of rainbowcrack and going inside
charset data in hex: 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a
charset length: 26
plaintext length range: 6 - 6
reduce offset: 0x00000000
plaintext total: 308915776
sequential starting point begin from 0 (0x0000000000000000)
generating...
65536 of 335540 rainbow chains generated (0 m 30.2 s)
131072 of 335540 rainbow chains generated (0 m 32.6 s)
196608 of 335540 rainbow chains generated (0 m 30.6 s)
262144 of 335540 rainbow chains generated (0 m 30.2 s)
327680 of 335540 rainbow chains generated (0 m 30.9 s)
335540 of 335540 rainbow chains generated (0 m 3.7 s)
In the previous code, you can increase the password characters just by changing the value of 6 to 7 or 8 characters long, such as I have done in the following code. If you change the value to 7 or 8, make sure to change both.
rtgen md5 loweralpha 6 6 0 3800 335540 0
Usually, in a brute-force password-cracking technique, the hash cracker generates all the possible plain text, and the hash cracker computes the corresponding hashes accordingly. At the same time, it compares the hashes with the hash value to be cracked. Once a match is found, the plain text is also found. If no match is found, the plain-text value is also not found.
In the trade-off algorithm, the cracking computation does not start immediately. It needs a precomputation stage. In that precomputation stage, the hashes are stored in a rainbow table. The process is time-consuming, but once the precomputation is finished and the hashes are stored in the table, it performs better than any brute-force technique.
