mvp@v7fs1.UUCP (Michael Van Pelt) (12/03/88)
My favorite idea for a password-guesser trap is to set a flag after <x> bad attempts, where <x> is about 10 or so. Then, login will stop checking the password, it will just echo "bad login /n login:" as if it was a bad password. The cracker gets no notification that he's no longer going to know if he gets the password correct. If the user hangs up and calls back, the flag is reset, and he gets another <x> cracks at it. There should be some notification mechanism to go with this. This has another advantage, in that the system is doing a cheap sleep(3) instead of an expensive password encrypt when a cracker is banging on the line. AT&T System V.3 has the nifty feature that you wait 30 seconds after a bad password before the login: prompt comes back. That's a pain when you miskey the password, but it would be much worse for someone trying to brute-force guess. -- Mike Van Pelt When the fog came in on little cat feet Video 7 last night, it left these little muddy ...ames!vsi1!v7fs1!mvp paw prints on the hood of my car.
861087p@aucs.UUCP (A N D R E A S) (06/01/89)
A long time ago someone posted a program that did password
guessing using the Unix dictionary and the /etc/passwd file.
Can someone mail me the progra?
Please don't post it in the list.
Best Regards
Andreas
******************************************************************************
Andreas Pikoulas UUCP : {uunet|watmath|utai|garfield}!dalcs!aucs!861087p
Acadia University BITNET: 861087p@Acadia
Wolfville, NS Internet: 861087p%Acadia.BITNET@CUNYVM.CUNY.EDU
CANADA B0P 1X0 (902) 542-5623
*****************************************************************************
IF YOU CANNOT CONVINCE THEM ,CONFUSE THEM.
-----------------------------------------------------------------------------
pat@rwing.UUCP (Pat Myrto) (07/23/89)
In article <1919@aucs.UUCP>, 861087p@aucs.UUCP (A N D R E A S) writes: > > > A long time ago someone posted a program that did password > guessing using the Unix dictionary and the /etc/passwd file. > Can someone mail me the progra? > Please don't post it in the list. Your account name and .signature doesn't indicate that you have any special needs, (like being a sysad, or user responsible for system security) and none are stated in your posting. What would you want with a password cracking program anyway - I think that due to the nature of your request, a reason would be appropriate. No, I don't have a copy of what you ask for - just making an observation. -- pat@rwing ...!nwnexus!mltco!camco!happym!\ (Pat Myrto), Seattle, WA ...!uunet!pilchuck!rwing!pat ...!uw-beaver!sumax!polari!/ WISDOM: "Travelling unarmed is like boating without a life jacket"
mccoy@accuvax.nwu.edu (Jim McCoy ) (08/13/89)
In article <737@rwing.UUCP> pat@rwing.UUCP (Pat Myrto) writes: >In article <1919@aucs.UUCP>, 861087p@aucs.UUCP (A N D R E A S) writes: >> >> >> A long time ago someone posted a program that did password >> guessing using the Unix dictionary and the /etc/passwd file. >> Can someone mail me the progra? >> Please don't post it in the list. > >Your account name and .signature doesn't indicate that you have any >special needs, (like being a sysad, or user responsible for system >security) and none are stated in your posting. What would you >want with a password cracking program anyway - I think that due to the >nature of your request, a reason would be appropriate. No, I don't >have a copy of what you ask for - just making an observation. > Gimme a break! It may come as a shock, but some people who ARE sysads (like me) don't post or use trivial programs when we are root. Besides, a password cracker is not a difficult program to make, and is generally considered a rite of passage at some places ( like here :-). First, it should be obvious that a "password cracker" will only get the most obvious and insecure passwords. When we do a check of security around here (about once every three months or so) we usually let this beast run for a day or two on a machine with no one else logged in, so if you are trying to "hack the system" this is not the reccommended method unless your sysads won't notice a program that runs for a day and eats up almost all CPU time. While i won't post this program out of the paranoid fear some people may have, I will give a general overview that any sysad should be able to code (or have someone else code for him ;-). 1) Look at the crypt call (man3 i think), the format that the passwd file uses is [salt-2 chars][passwd-11 chars]. 2) Make repeated calls to crypt using the salt in passwd and the words in /usr/dict/words plus things like user name and GECOS info. 3) This should make a resonable check for stupid passwords that some people use. BTW, If you are looking to set up a more secure passwd scheme, look into shadow password files, and changing the passwd program to not accept any entries that the above would find (i have the modified code if you want it, it will also generate secure passwords that are fairly easy to remember). >-- >pat@rwing ...!nwnexus!mltco!camco!happym!\ (Pat Myrto), Seattle, WA > ...!uunet!pilchuck!rwing!pat > ...!uw-beaver!sumax!polari!/ >WISDOM: "Travelling unarmed is like boating without a life jacket" jim ------------------------------< Jim McCoy >------------------------------------ mccoy@acns.nwu.edu | "...far too many notes for my taste" #include <disclaimer.h> | -Phantom of the Opera "To thine own self be true"
earlw@Apple.COM (Earl Wallace) (08/14/89)
I like passwords that are created by using the first letter in each word of a sentence such as: "I like eating hot soup in the winter" So, the passwd would be "ilehsitw" -- not a word you would find in most dictionaries and (somewhat) easy to remember. If everyone would switch to this system of selecting passwords, I think we would make the password guessing game a little more difficult and just think of the neat sentences you could make up: "I want a Volvo Turbo for my next car" ---> IwaVTfmnc "You and I make great waves together" ----> YaImgwt "I wish you would stop smoking in here" --> Iwywssih "Can you break this password, dude?" ----> Cybtp,d? -earlw
trt@rti.UUCP (Thomas Truscott) (08/14/89)
> I like passwords that are created by using the first letter in each word > of a sentence such as: > > "I like eating hot soup in the winter" > > So, the passwd would be "ilehsitw" ... This approach is fine, so long as the resulting password is hard to guess. The Bad Guy is aware of this style of password generation and is likely to try it on everything in Bartlett's Familiar Quotations (for example). So "pppapopp" may seem obscure, but "Peter Piper picked a peck of pickled peppers" is not and that matters too. No problem, just randomize the password by changing or adding letters. E.g. change the "pa" to "qb", yielding "ppqbpopp" which is only slightly harder to remember but is much harder to guess. There are lots of different ways to randomize a password, just make sure you choose a random way! The "ilehsitw" has about 36 bits of effective key according to an "obviousness" detector that I wrote based on James Gilogly's routine that uses frequency of English letter triples. Your mileage may vary but 36 bits is an excellent key compared to most, and the other passwords (e.g. "IwaVTfmnc") are even better. Just make sure there aren't sneaky ways to guess the password. Tom Truscott
gordon@prls.UUCP (Gordon Vickers) (08/15/89)
In article <3126@rti.UUCP> trt@rti.UUCP (Thomas Truscott) writes:
-> I like passwords that are created by using the first letter in each word
-> of a sentence such as:
->
-> "I like eating hot soup in the winter"
->
-> So, the passwd would be "ilehsitw" ...
The advice I see most often, and use myself is to simply pick
two unrelated words that are seperated by a symbol, with the entire
password being seven or eight charectors in length. Care to figure
what the odds are of a hacker breaking it ?
Gordon Vickers 408/991-5370 (Sunnyvale,Ca); {mips|pyramid|philabs}!prls!gordon
------------------------------------------------------------------------------
Every extinction, whether animal, mineral, or vegetable, hastens our own demise.nick@toro.UUCP (Nicholas Jacobs) (08/16/89)
A method that I'm fond of is using romanized foreign words. Particularly if you know words that are not likely to be commonly known. This avoids the "run the Unix dictionary" syndrome. Of course, your users may not appreciate be asked to remember passwords in Serbo-Croatian or Turkish! :-) Nicholas Jacobs UUCP: ...!uunet!toro!nick Internet: toro!nick@uunet.uu.net AT&T: (212) 236-3230
Kemp@DOCKMASTER.NCSC.MIL (08/18/89)
Any time a human tries to think up a "random" password, chances are it
won't be as "random" as a machine could choose. So why not have the
machine generate it for you, and stop worrying. The system I am using
now enforces the use of machine-generated pronounceable passwords, and
VMS systems can also generate them, although our system managers didn't
make them mandatory. I think there are similar programs floating around
the unix archives.
It usually only takes three or four tries before the machine comes up
with something that conjures up outrageous images or is vaguely obscene,
like the trick used by people who memorize long lists of numbers.
My favorite machine password (long since expired :-)) was "biwithmi" -
a sort of computer proposition!
Dave Kemp <Kemp@dockmaster.ncsc.mil>thor@stout.ucar.edu (Rich Neitzel) (08/18/89)
In article <20648@adm.BRL.MIL> Kemp@DOCKMASTER.NCSC.MIL writes: >Any time a human tries to think up a "random" password, chances are it >won't be as "random" as a machine could choose. So why not have the >machine generate it for you, and stop worrying. The system I am using >now enforces the use of machine-generated pronounceable passwords, and >VMS systems can also generate them, although our system managers didn't >make them mandatory. I think there are similar programs floating around >the unix archives. > I formerly worked at a clessified DOE site and all passwords for classified computers were machine generated. However, there was added twist - a password generated on machine A could not be used on that machine or any simularly configured machine. For example, VAX/VMS generated passwords were used on the HPs, IBM's on the VAX, etc. The reasoning was that to try and crack the generator required access to two machines, which hopefully was difficult enough to reduce the likelyhood of its occurrence. -------------------------------------------------------------------------------
chris@mimsy.UUCP (Chris Torek) (08/20/89)
In article <20648@adm.BRL.MIL> Kemp@DOCKMASTER.NCSC.MIL writes: >Any time a human tries to think up a "random" password, chances are it >won't be as "random" as a machine could choose. So why not have the >machine generate it for you, and stop worrying. I am a bit surprised that someone at NCSC would suggest this without at least a caveat. (I suppose I ought not to be surprised....) While a machine-generated password *could* be `very random', the average machine generating the average pronounceable password is not very random at all. People have been known to use a 15-bit random number generator (maximum of 32768 distinct passwords) and filter it through a `pronounceability test' that discards more than half of the numbers generated! I generally construct my own passwords by taking one or more words that form a memorable sequence (such as `military intelligence' :-) ), translating some or all into some other language(s), rearranging and/or dropping some of the letters in the result, and changing some into punctuation and/or control characters. For instance: `to write the great American novel' might become `sdvAn^L.' -- In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163) Domain: chris@mimsy.umd.edu Path: uunet!mimsy!chris
Kemp@DOCKMASTER.NCSC.MIL (08/21/89)
Chris Torek writes: > I am a bit surprised that someone at NCSC would suggest this without > at least a caveat. Chris is absolutely correct here (as usual). One should not just take any program for password generation (like you might find on a unix archive) and blindly trust that it will actually generate good random passwords. I was extrapolating from the Multics and VMS programs, which presumably use decent algorithms and have been verified by computer security experts. I also did not include a very important disclaimer: "Although this message was posted from a NCSC machine, it's contents do not reflect the views of anyone but the author, who is not in any sense an authority on computer security." Dave Kemp <Kemp@dockmaster.ncsc.mil> P.S. Several people have sent mail asking where password generating programs might be found. I have no idea; just a vague memory of having seen references to them.
madd@bu-cs.BU.EDU (Jim Frost) (08/21/89)
In article <24888@prls.UUCP> gordon@prls.UUCP (Gordon Vickers) writes: | The advice I see most often, and use myself is to simply pick | two unrelated words that are seperated by a symbol, with the entire | password being seven or eight charectors in length. Care to figure | what the odds are of a hacker breaking it ? Sure. Very good if the hacker has (exclusive) access to a good parallel machine, or access to several PC's and a good crypt() implementation. One of the problems of the UNIX password scheme is that it believes that you don't have 50+ mips of processing power and a reasonably efficient crypt(). (In fact I know someone who did a fairly complete scan of 6 letter passwords using heavy parallelism; this is likely to become more common as machines get faster.) Since there are a variety of simple ways to get around this problem which have been discussed in full on this and other newsgroups, I won't go into it. Just remember that machine speed is rising quick enough for brute-force to be effective. jim frost software tool & die madd@std.com
jfh@rpp386.Dallas.TX.US (John F. Haugh II) (08/21/89)
In article <36830@bu-cs.BU.EDU> madd@buit15.bu.edu (Jim Frost) writes: >In article <24888@prls.UUCP> gordon@prls.UUCP (Gordon Vickers) writes: >| The advice I see most often, and use myself is to simply pick >| two unrelated words that are seperated by a symbol, with the entire >| password being seven or eight charectors in length. Care to figure >| what the odds are of a hacker breaking it ? > >Sure. Very good if the hacker has (exclusive) access to a good >parallel machine, or access to several PC's and a good crypt() >implementation. I'd say its a virtual certainty any good programmer could break that system in a very small amount of time. A few questions crop up - how many three or four letter words are there, versus possible three or four letter combinations of letters. Next, how many special symbols are there. The answer should be a small enough number for my PC to get it over one or two nights of crunching. -- John F. Haugh II +-Quote of the month club: ------------ VoiceNet: (512) 832-8832 Data: -8835 | Speaking of Netnews Administration: InterNet: jfh@rpp386.cactus.org | "If Bill Vajk can do it, anyone can" UUCPNet: {texbell|bigtex}!rpp386!jfh +--------- -- Patricia O Tuama-----
nagle@well.UUCP (John Nagle) (08/21/89)
Some years ago, I was told by someone at the Computer Security
Center that guidance on how to generate random (not psuedorandom)
passwords under various operating systems would be forthcoming. Did
this ever happen?
An adequate approach is to get bits from places like the low-order
bits of a fast clock, angular address registers of disk controllers,
horizontal position registers of display controllers, and other rapidly
changing sources. Such schemes, though, need to be looked at carefully
by people who have some idea of cryptographic key generation. Any
deterministic scheme is no good, of course.
I've seen code posted which uses the output from time(II) as
input to a password generator. Anything that works that way is
easy to crack.
John Naglegordon@prls.UUCP (Gordon Vickers) (08/21/89)
In article <16924@rpp386.Dallas.TX.US> jfh@rpp386.cactus.org (John F. Haugh II) writes: ->In article <36830@bu-cs.BU.EDU> madd@buit15.bu.edu (Jim Frost) writes: ->>In article <24888@prls.UUCP> gordon@prls.UUCP (Gordon Vickers) writes: ->>| The advice I see most often, and use myself is to simply pick ->>| two unrelated words that are seperated by a symbol, with the entire ->>| password being seven or eight charectors in length. Care to figure ->>| what the odds are of a hacker breaking it ? ->> ->>Sure. Very good if the hacker has (exclusive) access to a good ->>parallel machine, or access to several PC's and a good crypt() ->>implementation. -> ->I'd say its a virtual certainty any good programmer could break that ->system in a very small amount of time. -> ->A few questions crop up - how many three or four letter words are ->there, versus possible three or four letter combinations of letters. ->Next, how many special symbols are there. -> ->The answer should be a small enough number for my PC to get it over ->one or two nights of crunching. ->-- On a PC ? Anyone care to try ? Here's my password from another Unix machine: gordon:FM9M5x3Dlt/ao:202:40:Gordon Vickers,5370,9021,69,:/a/gordon:/bin/csh The password was choosen as I recommended and each of the two words can be found in the New Websters's Dictionary of the English Language. Remember though, you must use a P.C. If you can do it, I'd be interested in knowing how. I'm no expert on security but I am interested since I manage another multiuser system. Gordon Vickers 408/991-5370 (Sunnyvale,Ca); {mips|pyramid|philabs}!prls!gordon ------------------------------------------------------------------------------ Every extinction, whether animal, mineral, or vegetable, hastens our own demise.
jeffm@uokmax.UUCP (Jeff Medcalf) (08/23/89)
(Taken from many different articles...) >>| The advice I see most often, and use myself is to simply pick >>| two unrelated words that are seperated by a symbol, with the entire >>| password being seven or eight charectors in length. Care to figure >>| what the odds are of a hacker breaking it ? > >I'd say its a virtual certainty any good programmer could break that >system in a very small amount of time. > >A few questions crop up - how many three or four letter words are >there, versus possible three or four letter combinations of letters. >Next, how many special symbols are there. > >The answer should be a small enough number for my PC to get it over >one or two nights of crunching. The problem is that you assume that you KNOW that this is the scheme being used. In actuality, a true password breaking program would require checking: 1) the words in /usr/dict/words 2) the username 3) the user id (ex: uid41 in my case, or just 41, or uid 41, etc.) In effect, your best bet is to start checking each single character, then each character pair, then each three, etc. You could send several long documents through a program to generate letter pair and triple frequencies, then check them in order of frequency. In effect, you really *would* need to run a good mainframe in single-user mode for a few weeks to be assured of breaking a password. Disclaimer: You can always use ^K. Flames > /dev/null jeffm@uokmax.UUCP | What do you mean "segmentation fault?" Jeff Medcalf | Phasers on deep baste!
doug@letni.UUCP (Doug Davis) (08/23/89)
From an actual experment I ran a few months ago on some of our machines
the password in question was "zzzzzzzz" the processors were 33mhz 68030's
doing the crunching. If theres a good reason I might post the program.
Otherwise the program consisted of 8 for loops using pointers to reference
the "trial-string" and a very quick implmentation of the crypt() library
call. just how much quicker? roughly 20 times as fast as the implmentation
that comes with generic sysV. (It was done by making pointer references out
of everything, some in-line code, and lots of try it and see if it goes
any faster *this* way ;-) )
The purpose of this experiment was to prove that given enough computing power
and a resonably fast crypt() a person could *EASLY*, with a brute force
approach, crack passwords without any major difficulty.
Each machine was given a section of "test" data to grind, for example
machine 1 would be given "\1\0\0\0\0\0\0\0" thru "\200\200\200\200\0\0\0\0" and
so forth. They were then allowed to crunch until they finished their
tasks.
Now then, on to the statisics. These numbers will vary greatly with the
split of the data, i.e which set of "test data" each machine gets to perform.
In this test I recorded the time it took the last machine to complete, not
the one that actually guessed the password.
Number of machines crunching, Aprox Hours to guess password
1 1012*
4 209
16 67
*Except for one powerfailure the one machine ran for an entire 6 week period.
Now if someone has a real parallel machine or a C2 I could borrow i'ed
be glad to generate some statistics with some real computing power.. ;-)
Anyway this data should really be considered rough, When I get
some time (haha) I will be re-doing the experment under a very tight
control and probably write a paper on it.
Oh yeah, I have the same experment running on a PeeCee (286 @ 16mhz)
it's 5 weeks into it now, and not real close. However a rough guess says
20-25 weeks given where it is now and how fast it's incrementing.
Kinda gives ya the willies doesn't it?
BTW, theres a good public domain shadow password package available from
comp.sources archives, jfh@rpp386 and others have been putting lots of
time keeping it alive. If these numbers scare you and they did me, get
the package, compile it for double length passwords and use them. The
time it takes to brute force a password goes up exponentially based on
it's length.
Anyway, gotta go change that password again.
doug
--
Doug Davis/1030 Pleasant Valley Lane/Arlington/Texas/76015/817-467-3740
{sys1.tandy.com, motown!sys1, uiucuxc!sys1 lawnet, attctc, texbell} letni!dougjthomp@hemaneh.Central.Sun.COM (Jim Thompson Sun Dallas IR) (08/24/89)
> and a resonably fast crypt() a person could *EASLY*, with a brute force > approach, crack passwords without any major difficulty. > tasks. > Now if someone has a real parallel machine or a C2 I could borrow i'ed > be glad to generate some statistics with some real computing power.. ;-) I don't know if Doug meant 'Cray 2', 'Convex C2', or something else here. What I do know is that crypt is fairly vectorizable, and will fall to the Convex vector 'C' compiler as is. (Ok, so you take out the obvioius slowdowns..) VC *loves* array references. Anyway, it turns out that you can do some blazingly huge number of (en)cryptions/sec on a Convex C1, (2000-2500). At Convex, we had a password daemon that would fire up once per night, and guess 'obvious' passwords, ("convex", login name, common obscenities, /usr/dict/words, etc. If it found that you had a naughty password, it would send you a nastygram via email asking you to change your password. A 4-headed C2 would be just plain wicked on this problem. (Since you get 4 vector units all chugging at the problem.) Also, remember that when the Internet worm strode forth last Nov, it was as interested in 'ordinary Joe' passwords as others. It 'used' the information gained about your password on 'this' system to attempt gaining access to 'that' system. Moral? Don't keep the same password on all your accounts. (But you knew that, right?) Jim Thompson - Network Engineering - Sun Microsystems - jthomp@central.sun.com Member of the Fatalistic International Society for Hedonistic Youth (FISHY) "I woudn't recommend sex, drugs, or unix for everyone, but they work for me." - Me (paraphrasing Hunter S. Thompson)
jfh@rpp386.Dallas.TX.US (John F. Haugh II) (08/24/89)
In article <3638@uokmax.UUCP> jeffm@uokmax.UUCP (Jeff Medcalf) writes: I wrote: >>I'd say its a virtual certainty any good programmer could break that >>system in a very small amount of time. >The problem is that you assume that you KNOW that this is the scheme >being used. In actuality, a true password breaking program would >require checking: He said this was the system being used. Any information regarding character set, word selection, etc. increases the ease with which a password can be cracked. -- John F. Haugh II +-Quote of the month club: ------------ VoiceNet: (512) 832-8832 Data: -8835 | Speaking of Netnews Administration: InterNet: jfh@rpp386.cactus.org | "If Bill Vajk can do it, anyone can" UUCPNet: {texbell|bigtex}!rpp386!jfh +--------- -- Patricia O Tuama-----
chris@mimsy.UUCP (Chris Torek) (08/25/89)
In article <712@texsun.Central.Sun.COM> jthomp@hemaneh.Central.Sun.COM (Jim Thompson Sun Dallas IR) writes: >Also, remember that when the Internet worm strode forth last Nov, >it was as interested in 'ordinary Joe' passwords as others. It 'used' >the information gained about your password on 'this' system to attempt >gaining access to 'that' system. Nope. It could have, but the code to do that was not present. -- In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163) Domain: chris@mimsy.umd.edu Path: uunet!mimsy!chris
jc@minya.UUCP (John Chambers) (09/04/89)
In article <16937@rpp386.Dallas.TX.US>, jfh@rpp386.Dallas.TX.US (John F. Haugh II) writes: > In article <3638@uokmax.UUCP> jeffm@uokmax.UUCP (Jeff Medcalf) writes: > > He said this was the system being used. Any information regarding > character set, word selection, etc. increases the ease with which > a password can be cracked. For instance, if you know that the system discourages or prevents the users from using passwords of less than 5 characters, you can use this to trim away all the short words from the on-line dictionary, greatly speeding up the cracking job. (Not that any system we know of would do something so silly. ;-) -- #echo 'Opinions Copyright 1989 by John Chambers; for licensing information contact:' echo ' John Chambers <{adelie,ima,mit-eddie}!minya!{jc,root}> (617/484-6393)' echo '' saying
rusty@cadnetix.COM (Rusty Carruth) (09/20/89)
In article <24888@prls.UUCP> gordon@prls.UUCP (Gordon Vickers) writes: > The advice I see most often, and use myself is to simply pick > two unrelated words that are seperated by a symbol,... How about two unrelated words interspersed with each other? Thus "PASSWORD guessing" becomes PgAuSeSsWsOiRnDg. However, it took me about 30 seconds to type that, and I had to continually refer to both what I had typed and to the two words I was using. Oh, well, never mind. >..... Care to figure > what the odds are of a hacker breaking it ? > I'm surprised we have not seen the answer yet :-) ---------- Rusty Carruth UUCP:{uunet,boulder}!cadnetix!rusty DOMAIN: rusty@cadnetix.com Daisy/Cadnetix Corp. (303) 444-8075\ 5775 Flatiron Pkwy. \ Boulder, Co 80301 Radio: N7IKQ 'home': P.O.B. 461 \ Lafayette, CO 80026