Qualys – Lessons Learned from Cracking LinkedIn Passwords

A notable approach from Qualys regarding the LinkedIn password leak. Using a patched version of John the Ripper (a password cracker), they recovered complex passwords in very little time by feeding the passwords cracked in each iteration back in as the dictionary for the next iteration, ultimately cracking passwords as complex as this one: “lsw4linkedin”.

Original source: https://community.qualys.com/blogs/securitylabs/2012/06/08/lessons-learned-from-cracking-2-million-linkedin-passwords

Like everyone this week, I learned about a huge file of password hashes that had been leaked by hackers. The 120MB zip file contained 6,458,020 SHA-1 hashes of passwords for end-user accounts.


At first, everyone was talking about a quick way to check if their password had been leaked. This simple Linux command line:

echo -n MyPassword | shasum | cut -c6-40

computes the SHA-1 sum of the password and keeps the 6th through 40th characters of the 40-character hex result (see the note below*). The user could then search the 120MB file to see if that substring was present. If it was, then of course his password had been leaked and the account associated with that password was at risk.
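As an added example (not part of the Qualys post), here is the same check in Python, run against a constructed handful of hash lines instead of the real 120MB dump. It also shows why the command keeps only characters 6 to 40: some lines in the dump had their first five characters overwritten with zeros (see the note at the end of the post), so a naive full-hash comparison misses them. The passwords and lines used here are made up for the example; only the standard library is needed.

```python
import hashlib


def sha1_hex(password: str) -> str:
    """Hex SHA-1 of the password, the same value `echo -n pw | shasum` prints."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def tail35(hex_digest: str) -> str:
    """Characters 6..40 of a 40-char hex digest, what `cut -c6-40` keeps (cut counts from 1)."""
    return hex_digest.strip().lower()[5:40]


def mask_prefix(hex_digest: str) -> str:
    """Reproduce the dump's quirk: the first five hex characters overwritten with '0'."""
    return "00000" + hex_digest[5:]


# Constructed stand-in for the 120MB file (NOT lines from the real dump):
# a few SHA-1 hashes, some of them with the zeroed prefix.
LEAK_LINES = [
    mask_prefix(sha1_hex("password123")),
    sha1_hex("Summer2012"),
    mask_prefix(sha1_hex("linkedin1")),
    sha1_hex("qwerty"),
]


def build_index(lines) -> set:
    """Index the dump by its last 35 hex characters, so a zeroed prefix does not matter."""
    return {tail35(line) for line in lines if len(line.strip()) == 40}


def check_leaked(password: str, index: set) -> bool:
    """True if the password's SHA-1 (ignoring the first five chars) is in the dump."""
    return tail35(sha1_hex(password)) in index


def check_leaked_naive(password: str, lines) -> bool:
    """Full 40-character comparison: misses every hash whose prefix was zeroed."""
    return sha1_hex(password) in {line.strip().lower() for line in lines}


if __name__ == "__main__":
    index = build_index(LEAK_LINES)
    for pw in ("password123", "Summer2012", "correct horse"):
        print(f"{pw:14s} suffix match: {check_leaked(pw, index)!s:5s} "
              f"full match: {check_leaked_naive(pw, LEAK_LINES)}")
```

Matching on the 35-character tail is what makes the masked lines findable; the naive full-hash lookup reports “password123” as not leaked even though its (masked) hash is in the sample.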


John the Ripper

But when the Openwall community released a patch to run John the Ripper on the leaked file, it caught my attention. It has been a long time since I have run John the Ripper, and I decided to install this new, community-enhanced “jumbo” version and apply the LinkedIn patch.

John the Ripper attempts to crack SHA-1 password hashes by iterating on this process: 1. guess a password, 2. compute its SHA-1 hash, and 3. check whether the resulting hash matches a hash in the 120MB file. When it finds a match, it knows it has a legitimate password. John the Ripper iterates in a very smart way, using word files (a.k.a. a dictionary attack) and rules for word modifications, to make good guesses. It also has an incremental mode that can try every possible password (letting you define the candidate set by length or by character class: digits, uppercase, special characters), but this becomes very compute-intensive for long passwords and large character sets.

The fact that the hashed passwords were not salted helps a lot: one SHA-1 computation per guess can be checked against all the hashes in the file at once, instead of one computation per guess per salt. As an aside, even if they were salted, you could focus the cracking session on the easiest passwords first using the “single” mode of John the Ripper. But that works best with additional user information such as the GECOS field (full name, office, etc.), which was not available in this case, at least to the public. So the difficulty would be much greater for salted hashes.

Approach

In my case, I have an old machine with no GPU and no rainbow tables, so I decided to use good old dictionaries and rules.

I ran the default john command, which just launches a small set of rules (like append/prepend 1 to every word, etc.) on a small default password dictionary of fewer than 4000 words. It then switches to incremental mode based on statistical analysis of known password structures, which helps it try the more likely passwords first. The result was quite impressive: after 4 hours I had approximately 900K passwords cracked.

But then, as it got to the point where it was trying less and less likely passwords and therefore found matches more slowly, I decided to stop it and run a series of old dictionaries I had: from default common password lists (16KB of data) to words of every existing language (40MB of data). It was very efficient and found 500K more passwords in less than an hour, for a total of 1.4M passwords.

Even though my dictionaries were 10 years old and didn’t contain newer words like “linkedin”, it appeared that some cracking rules, by reversing strings or removing some vowels, could produce new slang words from already cracked passwords.

And as I had just acquired 1.4M valid passwords, I believed that using these newly discovered passwords as a dictionary I could find more. It worked: the rules applied to the already cracked passwords produced 550K new ones. I ran a second iteration using the 550K passwords from the first iteration as a dictionary, and found 22K more. I iterated in this manner a total of ten times.

It is interesting to see that the most elaborate passwords found in the 3rd or 4th iteration of this kind of recursive dictionary cracking were related to the word linkedin most of the time. Counting the passwords that contain the word linkedin slightly modified (reversed, or with ‘1’ or ‘!’ instead of ‘i’, as in l1nked1n):

  • In the first iteration, 558 of the 554,404 passwords found (0.1%) are related to the ‘linkedin’ string;
  • In the second iteration, 3,248 out of 22,688 (14%) are related to the ‘linkedin’ string;
  • Third iteration: 1,733 out of 3,682 (47%);
  • Fourth iteration: 539 out of 917 (59%);
  • Fifth iteration: 217 out of 330 (66%);
  • Sixth iteration: 119 out of 152 (78%);
  • Seventh iteration: 40 out of 51 (78%);
  • And so on through the tenth iteration.


An example of what I found on the 7th pass is: m0c.nideknil (‘linkedin.com’ reversed, with a ‘0’ for the ‘o’)

Another example is lsw4linkedin, which was found on the tenth pass. To illustrate how the rules for modifying dictionary words work, below is the actual chain of modifications that led from the dictionary entry ‘pwlink’ to the successfully cracked password ‘lsw4linkedin’ over the ten iterations (each intermediate result was itself a cracked password, which is what carried it into the next iteration’s dictionary):

  1. pwdlink from pwlink with the rule “insert d in 3rd position”
  2. pwd4link from pwdlink with the rule “insert 4 in 4th position”
  3. pwd4linked from pwd4link with the rule “append ed”
  4. pw4linked from pwd4linked with the rule “remove 3rd char”
  5. pw4linkedin from pw4linked with the rule “append in”
  6. mpw4linkedin from pw4linkedin with the rule “prepend m”
  7. mw4linkedin from mpw4linkedin with the rule “remove second character”
  8. smw4linkedin from mw4linkedin with the rule “prepend s”
  9. sw4linkedin from smw4linkedin with the rule “remove second character”
  10. lsw4linkedin from sw4linkedin with the rule “prepend l”


This is the deepest password found, i.e. the only one obtained in the last iteration.
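The following Python code is an added illustration, not the Qualys author's setup and not John the Ripper's own code. It implements a small subset of the John the Ripper rule syntax (`$X` append, `^X` prepend, `iNX` insert X at position N, `DN` delete the character at position N, `r` reverse, `sXY` substitute, plus `l`/`u`/`c` case rules) and the guess/hash/compare loop described in the John the Ripper section, then runs the recursive dictionary attack from the Approach section: each round's cracked passwords become the next round's wordlist. The target set is constructed here from a made-up list of unsalted SHA-1 hashes containing the ten intermediate passwords of the pwlink to lsw4linkedin chain plus three linkedin variants; the seed wordlist, rule list and position encoding are assumptions for the example. With those inputs lsw4linkedin is only recovered in round 10, one step per round, as in the chain above.

```python
import hashlib

# JtR encodes positions as 0-9 then A-Z (assumption: only this subset of the
# rule language is modelled here).
POS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def sha1_hex(s: str) -> str:
    return hashlib.sha1(s.encode("utf-8")).hexdigest()


def apply_rule(word: str, rule: str) -> str:
    """Apply one John the Ripper-style rule string to a word.

    Supported commands (a subset of the real rule language):
      $X  append X       ^X  prepend X        r   reverse
      iNX insert X at position N (0-based)    DN  delete char at position N
      sXY replace every X with Y             l/u/c  lower/upper/capitalise
    """
    w, i = word, 0
    while i < len(rule):
        c = rule[i]
        if c == "$":
            w = w + rule[i + 1]; i += 2
        elif c == "^":
            w = rule[i + 1] + w; i += 2
        elif c == "i":
            n, x = POS.index(rule[i + 1]), rule[i + 2]
            w = w[:n] + x + w[n:]; i += 3
        elif c == "D":
            n = POS.index(rule[i + 1])
            w = w[:n] + w[n + 1:]; i += 2      # no-op if n is past the end
        elif c == "s":
            w = w.replace(rule[i + 1], rule[i + 2]); i += 3
        elif c == "r":
            w = w[::-1]; i += 1
        elif c == "l":
            w = w.lower(); i += 1
        elif c == "u":
            w = w.upper(); i += 1
        elif c == "c":
            w = w[:1].upper() + w[1:].lower(); i += 1
        else:
            raise ValueError(f"unsupported rule command {c!r} in {rule!r}")
    return w


# The ten steps from the text in JtR syntax. Positions are 0-based, so
# "insert d in 3rd position" is i2d and "remove second character" is D1.
CHAIN_RULES = ["i2d", "i34", "$e$d", "D2", "$i$n", "^m", "D1", "^s", "D1", "^l"]


def trace_chain(start: str, rules) -> list:
    """Apply rules one after another and return every intermediate word."""
    out = [start]
    for r in rules:
        out.append(apply_rule(out[-1], r))
    return out


# Constructed target set (NOT the real dump): the chain intermediates plus a few
# linkedin variants. The cracker only ever sees their unsalted SHA-1 hashes.
TARGET_PASSWORDS = [
    "pwdlink", "pwd4link", "pwd4linked", "pw4linked", "pw4linkedin",
    "mpw4linkedin", "mw4linkedin", "smw4linkedin", "sw4linkedin", "lsw4linkedin",
    "nideknil", "l1nked1n", "linkedin1",
]
HASHES = {sha1_hex(p) for p in TARGET_PASSWORDS}

SEED_WORDS = ["pwlink", "linkedin"]          # the "old dictionary" (assumed)
RULES = CHAIN_RULES + ["r", "si1", "$1"]      # rules tried in every round (assumed)


def crack(hashes, seed_words, rules, max_rounds=20) -> dict:
    """Recursive dictionary attack: guess -> SHA-1 -> compare, then feed each
    round's cracked passwords back in as the next round's wordlist.
    Returns {password: round in which it was found}."""
    found = {}
    words = list(dict.fromkeys(seed_words))
    for rnd in range(1, max_rounds + 1):
        new_words = []
        for w in words:
            for r in rules:
                cand = apply_rule(w, r)
                if cand in found:          # e.g. D2 regenerates what i2d produced
                    continue
                if sha1_hex(cand) in hashes:
                    found[cand] = rnd
                    new_words.append(cand)
        if not new_words:                  # nothing new: more rounds cannot help
            break
        words = new_words
    return found


if __name__ == "__main__":
    for pw, rnd in sorted(crack(HASHES, SEED_WORDS, RULES).items(), key=lambda kv: kv[1]):
        print(f"round {rnd:2d}: {pw}")
```

Running it prints the chain one round at a time: pwdlink, nideknil, l1nked1n and linkedin1 fall in round 1, then exactly one new intermediate per round until lsw4linkedin in round 10, after which round 11 finds nothing and the loop stops. The `found` check matters because every step has an inverse among the rules (D2 undoes i2d, D1 undoes ^m), so earlier intermediates keep being regenerated.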

 

This clearly shows that no matter how elaborate a password you choose, as long as it is built from words and transformation rules, even many words and many rules, it will probably be cracked. On a huge file like the LinkedIn leak, every password you find can help you find another one. That is because human-created passwords are not random, and programs like John the Ripper and dictionary attacks can use patterns, either already known or discovered in the password hash file itself, to greatly reduce the time needed to crack them.

Password Management

Thus, it is highly recommended to use a strong random password generator, one that is known to actually be random, rather than building passwords from words and transformation rules.

It is funny to note that a very old version of a command-line tool called “mkpasswd” produced passwords from a badly seeded random number generator and could generate only 32,768 different passwords (http://www.kb.cert.org/vuls/id/527736). This was reported and fixed 10 years ago, but I was still able to recover 140 passwords in the leaked file that had been generated by this vulnerable version of mkpasswd.

Evidence indicates that the hacker who made this leak public was most likely trying to get the passwords cracked by an online community, a kind of crowdsourced cracking. Since he probably possesses the list of logins as well, you might want to change your passwords on other accounts if you think he could access them with the information he has. Note that if your “unique” passwords are created with simple rules, you should change them as well. For example, if your password for LinkedIn is MyPW4Linkedin, a malicious cracker might guess that MyPW4Facebook is your Facebook password.

It is also recommended to change your password if your username can be guessed from it, because every password cracker on the planet is currently playing with this password file.

The author of John the Ripper, Solar Designer, gave a great presentation on the past, present and future of password security. Although the security industry has put a lot of work into making good hash functions (and there is still more work to do), I believe that poorly chosen passwords are a concern. Maybe we should demand that our browsers (using secured storage, as in Firefox’s password manager) or 3rd-party single-sign-on providers create easier solutions to help us resist the temptation of using simple passwords and re-using the same passwords with simple variations.

* Note: Some hashes in the 120MB file had their first five characters overwritten with 0. If we compare only the 6th to 40th characters, we can even find duplicates of these 35-character substrings in the file (the same hash with and without the zeroed prefix), meaning the first five characters had been used for some unknown purpose: does LinkedIn store user information there? Did the initial attacker tag a set of accounts to compromise? This is unknown.

6.5M LinkedIn Passwords Leaked Online

Time has come for a password change on LinkedIn, as millions of password hashes have been posted on a Russian hacker website.

Few details so far:

  • The leaked data is a file of SHA-1 hashes
  • The data was first posted on a Russian hacker website
  • 3,521,180 of the hashes begin with 00000. These were probably marked as already cracked (i.e. the user’s password had been reversed).
  • The file does not contain duplicates. LinkedIn claims a user base of 161M; this file contains 6.4M unique password hashes, i.e. 25 users per hash. Given the large amount of password reuse and poor password choices, it is not improbable that this is the complete password file.

‘Flame’ is a continuation of the cyberwar history

Are we at (Cyber) War?

Over the last few years there has been growing talk about how the world seems to be plunging into cyber war, as governments, hacking groups, terror groups, and hacktivists all seem to be increasing their attacks on networks, users, and data.

This is my short answer, only reflecting my own opinion, a.k.a. “the bad news”:

Like it or not, we probably are at war, and worse, this is your war. Even if you are unwilling, you are a participant, and you have an obligation to protect your computer and your data in any way you can, not only to avoid risks to yourself but to reduce the chance of being used to relay attacks against others.

Stuxnet and Duqu were bright examples of cyber weapons, which could even physically destroy infrastructure, and Flame is a continuation of this history. Cyber war has been ongoing for years already; people are just not aware of it because cyber war is hidden.

Cyber war is evolving rapidly, and ‘Flame’ vividly confirms this trend. Flame is a universal attack toolkit used mostly for cyber espionage:

  • It can record audio if a microphone is attached to the infected system
  • It can scan for locally visible Bluetooth devices (phones, for instance) if there is a Bluetooth adapter attached to the local system
  • It can take screen captures and transmit them
  • It can steal information from input boxes whose contents are hidden behind asterisks (password fields)

Can BigData reduce fraud?

Too much data can pose security concerns, and it can become overwhelming to manage. Verizon, in its latest Data Breach Investigations Report, finds most organizations get overwhelmed with too much data.

Chris Novak, who works in Verizon’s investigative response unit, says most organizations struggle to collect the right data and properly store it. “They don’t necessarily know where they have data … and how it’s being handled,” he says.

Like all organizations, financial institutions struggle with data. But many banks outsource data management to help ensure the data they collect is, in theory, protected and properly managed.

Can Data Reduce Fraud?

Here’s the question: Could institutions take advantage of their data to support fraud prevention? Experts at credit reporting bureau Experian say yes.

Experian is pushing ID theft management in a new way: to help banks prevent and detect fraud. Keir Breitenfeld, director of product management within Experian’s decision analytics team, says banking institutions are doing better jobs of capturing data.

“Institutions are saying, ‘We have to have a more enterprise-level approach,'” he says. “They know they need to warehouse data, so they can bring channels together, from a cost perspective and customer experience perspective.”

But the residual effect is that banks have a lot more data at their fingertips to track accountholders, rather than just accounts, for fraud.

The ability to capture data and warehouse it has improved so much that credit bureaus now have the ability to provide customized scores for individual accountholders.

So, the more data banks can leverage about new accountholders, in particular, the better their chances are of detecting fraud.

If banks routinely compare the data they collect about customers with information credit bureaus store, they could improve their fraud detection rates on new accounts by 20 percent or more, Breitenfeld says.

“If you can monitor accounts after they are opened, you can better detect fraud.”

Bitcoinica hacked close to $100k USD stolen

Bitcoinica has been shut down until further notice, following the theft of more than 18,000 BTC. News of the hack was posted this morning by Bitcoinica’s founder, Zhoutong:

“Today, we have discovered a suspicious Bitcoin transaction that doesn’t seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

{
"account" : "",
"address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",
"category" : "send",
"amount" : -18547.66867623,
"fee" : 0.00000000,
"blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",
"blockindex" : 1,
"txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",
"time" : 1336738723
},

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss. Thank you for your patience and understanding while we investigate this issue in detail.”

And in a follow-up post:

“Our data is kept intact. Any order placed before the shutdown will still be valid. However, no order execution will happen (no zhoutonging either).
If the market moves significantly, we will come up with a proposal to compensate disadvantaged customers once the investigation is complete.”

Bitcoinica was also the victim of a 43,000 BTC ($215,000 USD) heist back on March 1st.

It will be interesting to see how the market is affected by the inability of traders to take leveraged positions in either direction. Also, you should not surf to Bitcoinica.com, as the site has been redirected to a porn site.

55,000+ Twitter accounts leaked

Today Anonymous hackers leaked more than 55,000 hacked Twitter account usernames and passwords through Pastebin. It was very shocking to see such a massive number of Twitter accounts hacked, celebrity accounts among them.

‘The micro-blogging platform is aware of this hack and was taking the necessary actions to save those people’s accounts from malicious activity’, said a Twitter insider.

It was huge: 55,000+ accounts were hacked, and it wasn’t possible to share such a pile of usernames and passwords in a single paste, so it took the hackers five Pastebin pages to leak the data. This hack is just a warning to the millions of other Twitter users that they could be hacked at any time.

It is unbelievable that Twitter isn’t taking the necessary steps to keep its users’ data safe, even after encountering a huge number of hacks in the past, including celebrity accounts. All they need to do is add a password strength checker at signup and when passwords are changed, and guide users to create a strong password. That could save a lot of users frustration.

To check if your account is in the leak, go through these five Pastebin pages (page 1 | page 2 | page 3 | page 4 | page 5) and use your browser’s find feature (CTRL+F) to search for your email address.

Or you can download the whole list as a single file, created using the following commands:

curl http://pastebin.com/raw.php?i=Kc9ng18h > twitterpw.txt
curl http://pastebin.com/raw.php?i=vCMndK2L >> twitterpw.txt
curl http://pastebin.com/raw.php?i=JdQkuYwG >> twitterpw.txt
curl http://pastebin.com/raw.php?i=fw43srjY >> twitterpw.txt
curl http://pastebin.com/raw.php?i=jv4LBjPX >> twitterpw.txt

Bitcoin exchange Bitscalper user data leak

Please be warned of a possible breach of Bitscalper’s (Bitscalper.com) user database, exposing users’ login and password information.

We are still waiting for an official announcement from Bitscalper about this leak. Users of Bitscalper.com who also happen to use the same credentials for other services should update their passwords on those other Bitcoin services as soon as possible.

Toshiba hacked, leaking 7,500 customers’ personal data

Toshiba Corp. has confirmed in a press release that a server belonging to its Toshiba America Information Systems Inc. (TAIS) unit has been hacked.

The server held personal information for about 7,500 customers; 681 customers’ email addresses and passwords may have been compromised or leaked in the process.

A Toshiba spokesperson noted that the company has not concluded when the hacking took place (partially why it could not comment on the matter sooner), but the U.S. unit first detected a problem on July 11, and on July 13 it was confirmed that the server had indeed been hacked.

“On discovering the intrusion TAIS immediately took the server offline and initiated a comprehensive investigation,” said Toshiba in a statement. “Toshiba and its Group companies regard data security as a priority concern and will continue a thorough investigation of the incident. Toshiba will take all necessary precautions to avoid any recurrence of similar incidents and to ensure customer information remain secure.”

The company is still investigating the matter, and customers have already been notified that their personal data may have been affected, notes Thinq.

According to eSecurity Planet, the hacker, who goes by V0iD, published the account information in two Pastebin posts. The hacker claims that the leak contains the email addresses and passwords of 11 Toshiba administration officials using @tacp.com, plus a “top 3” list of an Air Force (@moody.af.mil), NASA (@nasa.gov) and state government official’s email login.

This is only 10 percent of the list, and V0iD has promised more to come.


"Anonymous" leaks military emails

Anonymous (the hacker group) uploaded 90,000 military email addresses and associated password hashes to the BitTorrent network on Monday.

The sensitive leaked data came from a hack against military contractor Booz Allen Hamilton, which Anonymous hinted had yielded further sensitive information. The loosely knit hacktivist collective claims to have pulled the information from an unprotected server.

Security watchers warn that the email addresses and other data obtained (but not released) might be used to mount further attacks.

“Anonymous claims to have erased four gigabytes worth of source code and to have discovered information which could help them attack US government and other contractors’ systems,” Chester Wisniewski of net security firm Sophos notes in a blog post on the hack.

Booz Allen Hamilton declined to comment on the incident.

Certigna publishes SSL private key by mistake

A French provider of SSL certificates appears to have made a bit of a boo-boo in its web server configuration: publishing its private key for the world to see, and opening up a potentially serious security hole in the world’s web browsers.

SSL certificates serve two purposes on the Internet: to set up encrypted connections, and to verify a web server’s identity. An SSL certificate is what is used to keep the password you type into your Internet banking site private in transit, and it also serves to ensure that you are genuinely logging in to the bank’s own server.

This latter function requires that certificate providers don’t issue certificates willy-nilly, instead verifying that the person requesting the certificate has some control over the domain in question. This can be as involved as long-winded meetings with business executives, and as simple as placing a secret file somewhere on the web server.

To prevent random users from generating their own trusted certificates, each SSL certificate provider has a ‘private key’. This is a piece of data which is kept completely secret, and which is used to sign each issued SSL certificate to validate that it has been issued by a trusted authority. These keys are usually closely guarded, as any certificate signed by the key of a trusted authority will be implicitly trusted by a web browser without displaying any warning message.

Sadly, French SSL specialist Certigna appears to have failed to keep its secret under lock and key. A visit to the site’s revocation list page, which is fully publicly accessible via a standard web browser, allows anyone and everyone to download the private key and other supposedly secret files, potentially enabling the creation of their own valid Certigna-signed SSL certificates.

It is a major security breach, and one of which the company appears unaware, as it has not reacted to this issue yet.