Cracking 7z files Using John The Ripper

7z or 7zip it's a compressed archive format that implements AES-256 encryption.  I have an encrypted compressed archive for which I forgot the password.  I decided to guess it using John The Ripper (JTR).

I needed another tool besides JTR. It's a python script called 7z2john.py by PyLZMA Copyright (C) 2004-2010 Joachim Bauch under the GNU LESSER GENERAL PUBLIC LICENSE.  You can Google it: https://www.google.com.co/#q=7z2john.py or clone the repository through git:

• git clone https://bitbucket.org/dhiru/pylzma-ng.git

To extract the hash of the compressed file just execute the python script:

• ./7z2john.py archive.7z > hash.txt

Finally use the output of the python script as a input file for JTR.

This attack is only possible when you have a few list of words and the certainty that they are correct, because the AES encryption used by 7z implements protection against bruteforce attacks.  It's a extremely slow process, in my laptop 193 passwords took it 8 seconds.

THC Hydra Password Cracker

Hydra is a tool that performs online attacks to guess a valid user & password from a network service.

I've tried it over mysql databases, ftp, http, https, web forms.

There are alternatives like medusa and ncrack, a full online attack may be performed with the three tools, each one can be more successful or faster for every the type of service.

Help and further instructions will be displayed with:

• hydra -h
• hydra -U http-post-form

The -U option shows help and examples, especially for the web form attacks. You will need to know deeply how the web form works to perform a successful attack. Tools like Burp Suite will help to track the requests, headers and responses generated by the login pages.

To perform an unsuccessful attack for a ftp service:

hydra 255.255.255.254 ftp -l ftpuser -P /wordlists/passwords.lst -vV

Only one username (-l option) and file with a list of passwords (-P option) -vV for verbosity and 

Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2016-01-25 17:44:07
[DATA] max 16 tasks per 1 server, overall 64 tasks, 16 login tries (l:1/p:16), ~0 tries per task
[DATA] attacking service ftp on port 21
[VERBOSE] Resolving addresses ... done
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "dic" - 1 of 16 [child 0]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "nov" - 2 of 16 [child 1]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "oct" - 3 of 16 [child 2]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "sep" - 4 of 16 [child 3]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "ago" - 5 of 16 [child 4]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "jul" - 6 of 16 [child 5]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "jun" - 7 of 16 [child 6]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "may" - 8 of 16 [child 7]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "abr" - 9 of 16 [child 8]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "mar" - 10 of 16 [child 9]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "feb" - 11 of 16 [child 10]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "ene" - 12 of 16 [child 11]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "mateo" - 13 of 16 [child 13]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "staff" - 14 of 16 [child 6]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "inf" - 15 of 16 [child 12]
[ATTEMPT] target 255.255.255.254 - login "pruebaftp" - pass "matias" - 16 of 16 [child 15]
[STATUS] attack finished for 255.255.255.254 (waiting for children to complete tests)
[STATUS] 16.00 tries/min, 16 tries in 00:01h, 1 todo in 00:01h, 5 active
[VERBOSE] Retrying connection for child 13
[VERBOSE] Retrying connection for child 12
[VERBOSE] Retrying connection for child 3
[VERBOSE] Retrying connection for child 14
[VERBOSE] Retrying connection for child 15
1 of 1 target completed, 0 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2016-01-25 17:45:16

The attack failed because a valid pair user-password wasn't found, the option -L could help replacing the single "-l admin" username with a list of usernames (-L usernames.lst)


To perform a successful attack to an http basic authentication service which resides in folder "stats":

hydra 255.255.255.254 http-get -m /stats -l admin -P list.lst -e nsr -vV

Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2016-01-26 09:38:08
[DATA] max 16 tasks per 1 server, overall 64 tasks, 20 login tries (l:1/p:20), ~0 tries per task
[DATA] attacking service http-get on port 80
[VERBOSE] Resolving addresses ... done
[ATTEMPT] 255.255.255.254 - login "admin" - pass "admin" - 1 of 20 [child 0]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "" - 2 of 20 [child 1]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "nimda" - 3 of 20 [child 2]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "dic" - 4 of 20 [child 3]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "nov" - 5 of 20 [child 4]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "oct" - 6 of 20 [child 5]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "sep" - 7 of 20 [child 6]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "ago" - 8 of 20 [child 7]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "jul" - 9 of 20 [child 8]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "jun" - 10 of 20 [child 9]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "may" - 11 of 20 [child 10]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "abr" - 12 of 20 [child 11]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "mar" - 13 of 20 [child 12]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "feb" - 14 of 20 [child 13]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "ene" - 15 of 20 [child 14]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "Dic.2015" - 16 of 20 [child 15]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "mateo" - 17 of 20 [child 1]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "staff" - 18 of 20 [child 8]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "inf" - 19 of 20 [child 2]
[ATTEMPT] 255.255.255.254 - login "admin" - pass "matias" - 20 of 20 [child 3]
[STATUS] attack finished for prueba.edatel.net.co (waiting for children to complete tests)
[80][http-get] host: 255.255.255.254   login: admin   password: Dic.2015
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2016-01-26 09:38:08

The attack tried the null password, login as password and reverse login as password (option -e nsr) and found a valid pair user-password, the quality of the dictionary of words is the key to success,

If you're are not a fan of the command line tools try Xhydra, a graphical front-end to build and customize your attack.

Checking Password Policy With John The Ripper Using --rules

John The Ripper (JTR) is a tool useful to check the strenght of password policy, I've tried on SQL Server databases, Linux passwords, Oracle databases, Windows passwords, etc.

John it's included on some Linux distributions focused on security like Backtrack, Kali or you can get the source code and build it on your system from the official site http://www.openwall.com/john/

My favorite is the dictionary attack. It needs a wordlist file (dictionary) that combined with --rules option gives a plus trying many additional and known combinations, symbols, numbers, concatenations, etc. for every word in the wordlist.

Below there is an example on how work John on Backtrack Linux with a file with 3 hashes md5 (FreeBSD MD5 [32/32]). In my laptop it can test 6141 passwords per second (Depends on the hash type)

/pentest/passwords/john/john-x86-sse2 --wordlist=español.lst --rules shadowmd5

Loaded 3 password hashes with 3 different salts (FreeBSD MD5 [32/32])
guesses: 0  time: 0:00:00:01 0.01% (ETA: Fri Oct 21 23:17:28 2011)  c/s: 6141 
guesses: 0  time: 0:00:00:10 0.10% (ETA: Fri Oct 21 23:17:28 2011)  c/s: 6262  trying: almatriche
guesses: 0  time: 0:00:03:21 3.70% (ETA: Fri Oct 21 22:01:20 2011)  c/s: 6100  trying: Asesoro

Below there is a simple explanation of the inputs for John used in the example:

• shadowmd5: Is a example file taken from the system itself (/etc/shadow), to make able John to read it, first it needs to use the program unshadow that mixes the /etc/passwd and /etc/shadowfiles like this:
  
  unshadow /etc/passwd /etc/shadow > shadowmd5

• --wordlist: Is the file containing the candidate passwords, a sample of a 5 characters upper dictionary looks like:
  
  MARIA
  MONEY
  MONES
  MARLA
  MARLY
  MONIA
  MONIE

• --rules: Is the option that tells John to take every word from the dictionary and mutate it to another words according to the rules existing in the John config file (/etc/john/john.conf) you can also edit the file and put your own rules, but I believe that the default rules are enough to check the password policy.
  
  When you use the option --rules (same as --rules=Wordlist) John will try approximately 52 new passwords based on variations of the word, for the word "crack" John will mutate words like:
  
  Cracks
  cracked
  cracking
  Cracked
  Cracking
  crack5
  crack!
  2crack
  
  John will put numbers 0-9, three symbols ?!. at the beginning and the end of the word, apply english grammar and uppercase and lowercase combinations to guess the password.
  
  
  When you use the option --rules=NT John will try approximately 32 new passwords based on lowercase and uppercase variations in every character that's been used on the word, for the word "crack" John will mutate words like:
  
  crack
  CraCkCrACkCRaCkCRACkcracKcraCKcrAcK
  CRACK
  
  
  When you use the option --rules=Single John will try approximately 836 new passwords based on the same default variations from the --rules option without SECTION specified, but extended with more special characters and bigger numeric combinations, for the word "crack" John will mutate words like:
  
  crack
  ack
  crackm
  crack#
  Crack's
  @crack
  Dr.crack
  Crack99
  crack1900
  crack2019
  
  When you use the option --rules=Extra John will try approximately 4288 new passwords based on lowercase and uppercase variations, combinations with two characters at the beginning and the end of the word and finally numbers from 000 to 999,  for the word "crack" John will mutate words like:
  
  crack
  crackzk
  crack000
  Crack999
  crackdd
  crackzz
  zcrackz
  
  
  When you use the option --rules=Jumbo John will try approximately 5206 new passwords based on the --rules=Wordlist, --rules=NT, --rules=Single, --rules=Extra, this rule it's declared in the /etc/john/john.conf file:
  
  
• #For Wordlist mode and very fast hashes
• [List.Rules:Jumbo]
• .include [List.Rules:Wordlist]
• .include [List.Rules:Single]
• .include [List.Rules:Extra]
  
• .include [List.Rules:NT]


There are some other rules that can replace 1, 2 o 3 characters at the same time, increasing exponentially the number of variations per word, below are the quantity of variations for the word "crack"

o1:3420 passwords
o2:220900 passwords
o3:103823000 passwords

i1:3420 passwords
i2:2030625 passwords
i3:857375000 passwords

i:2034045 passwords
o:224320 passwords
oi:2258365 passwords

The options --rules=Jumbo, --rules=Extra, --rules=Single or the "i" and "o" rules must be used carefully either, with fast hashes or small dictionaries unless you want to wait years for John to finish the attack.

For more examples and documentation visit the official site: http://www.openwall.com/john/doc/

Encrypt & Decrypt (Using GPG To Encrypt And Sign Your Data Part III)

After the creation of the private and public keys GPG allows the encryption, decryption and signing.

Encrypt: To encrypt a file, GPG use the public key and the only way to decrypt is using the private key.

In the image below the file encrypted.file is the input to the gpg command, the option -a creates a readable ASCII output, "god@spam.com" is the userid associated to the public key, and the option --encrypt speaks for itself.

The encrypted content resides in the file encrypted.file.asc, without the -a option GPG will generate a file with a binary content called encrypted.file.gpg


Decrypt: To decrypt, a file GPG use the private key.

In the image below the file encrypted.file.asc is the input to the gpg command, the option --output creates a new file called plain.file with decrypted content, "god@spam.com" is the userid associated to the private key, and the option --decrypt speaks for itself.  GPG will ask for passphrase of the private key unless that the option --passphrase XXX is present in the options of the gpg --decrypt command.

The encrypted content resides in the file encrypted.file.asc, without the -a option GPG will generate a file with a binary content called encrypted.file.gpg


Sign In Clear Text: GPG can sign in cleartext.  For the signing purposes it's mandatory to use the private key.

In the image below the file encrypted.file is the input to the gpg command, the option --clearsign perform a new file with the message in plain text and the signature in ASCII.

If the content of the message it's different from "This is a encrypted message" (corrupted.file.asc) the verification of the signature will fail as shown in the next image:

But if the message is "This is a encrypted message" (encrypted.file.asc) the verification will be OK.

Sign & Encrypt: GPG can sign & encrypt a file  For the signing purposes it's mandatory to use the private key.

In the image below the file encrypted.file is the input to the gpg command, the option --sign perform a new file signed and encrypted in a single GPG message:

The content in the file encrypted.file.asc is valid to check the signature and to decrypt the original message with the private key.

Listing & Managing Keys (Using GPG To Encrypt And Sign Your Data Part II)

After the creation of the private and public keys, GPG allows the listing of both public and private rings
using "gpg --list-keys" and "gpg --list-secret-keys" as shown in the next image:

Sometimes the need to exchange keys appears,  GPG has it's tools for exporting and importing keys.

To export a key from the public ring to a plain text file use the option --output, the option --armor creates
a readable ASCII output, "god@spam.com" is the user id associated to the key.

To export a key from the private ring to a plain text file use the option --output, the option --armor creates
a readable ASCII output, "god@spam.com" is the userid associated to the key.

To import keys to the public or private rings just use "gpg --import" the program will add it to the correct ring by the header of the key.

Key imported to the public ring withe the user id jesus@spam.com (It was generated with GPG For Windows) as shown in the next image:

Key imported to the private ring withe the user id jesus@spam.com (It was generated with GPG For Windows) as shown in the next image:

The next entry shows how to encrypt and decrypt with GPG: http://davidalexandermejia.blogspot.com/2014/04/encrypt-decrypt-using-gpg-to-encrypt.html

Generating Keys (Using GPG To Encrypt And Sign Your Data Part I)

GPG is a GNU solution that can be used when we need to implement the PKI (Public Key Infrastructure) without the costs of something like PGP.

GPG is a multiplatform solution that can be used with Windows (Command Line) or Linux, this example is under a Linux platform.

There is an option --gen-key that can generate four kind of keys, for our purpose (1) RSA and RSA or (2) DSA and Elgamal are useful. In the next image (1) RSA and RSA was chosen.

The program asks for the key length (between 1024 and 4096 bits) and the expiration time, a year or two is a common caducity time.

In the example the keys have 2048 bits and 2 years of time before the key expires.

The program asks for a name, email address to identify the owner of the key and an optional comment.  In the example the userid and the email address are the same (god@spam.com) after that the program shows the options to change the name (N), commen (C) or email (E) or Okay (O) for commit the changes or (Q) for quit the program.

After choosing the (O)kay the program asks for a passphrase to protect the private key, depending of the length of the key the program will need some  time to generate the random numbers.

The keys and their signatures are created after the program find the randon numbers, finally it saves the keys in the private and the public rings of the gpg program.

The next entry shows how to list and manage the keys: http://davidalexandermejia.blogspot.com/2013/11/showing-managing-keys-using-gpg-to.html

Oracle LAST_DAY function in SQL Server

Today I was working in SQL Server 2008. I need to use a function similar to Oracle's LAST_DAY in my scripts, but I cannot find an equivalent function, so I decided to perform a new one.

This is the script to build the function in SQL Server:

CREATE FUNCTION [dbo].[LAST_DAY] ( @pInputDate    DATETIME )

RETURNS DATETIME

BEGIN

    DECLARE @vOutputDate        DATETIME

    SET @vOutputDate = CAST(YEAR(@pInputDate) AS VARCHAR(4)) + '/' +

                       CAST(MONTH(@pInputDate) AS VARCHAR(2)) + '/01'

    SET @vOutputDate = DATEADD(DD, -1, DATEADD(M, 1, @vOutputDate))

    RETURN @vOutputDate

END

These are the test scripts in SQL Server and Oracle:

• SELECT dbo.LAST_DAY(getdate())

• SELECT LAST_DAY(TRUNC(SYSDATE)) FROM dual

The result row in both scripts was: 2012-10-31 00:00:00.000