Broken Authentication - Offline Password Cracking

Captions
What's up guys, we're going to be taking a look at this lab, Offline Password Cracking. Let's just take a look at the notes. This lab stores the user's password hash in a cookie; it's an MD5 hash. The lab also contains a cross-site scripting vulnerability in the comment functionality. The idea is we're going to use the cross-site scripting vulnerability to get the victim's hash. We're then going to take that hash and crack it in order to get the victim's password. To solve the lab, obtain Carlos's stay-logged-in cookie and use it to crack his password, then log in as Carlos and delete his account from the My Account page in order to solve the lab.

So notice that we are dealing with a blog, and we can have a look at posts on the blog, and we have the ability to leave a comment. Let's paste our payload in. This is provided in the guidelines by PortSwigger, and we have a constant here, "your exploit server ID". Now in order to get that we can just head to the exploit server. The idea here is the exploit server represents an attacker-controlled domain. This is the URL, so if a victim were to navigate to this URL directly they would be visiting an attacker-controlled website. Let's grab this URL, and we're going to include this as part of the payload. We're going to discuss this very shortly; for now let's just paste in the URL of the attacker-controlled domain.

The idea is that this particular blog post comment field is directly susceptible to cross-site scripting. We can inject HTML script tags; it's going to get directly embedded into the HTML that's returned from the server, so this is now JavaScript that will be executed on any visitor's browser to this particular blog. What does the JavaScript do? It sets the location, or document.location, of the browser to the URL of the attacker-controlled domain. In other words, it sends the victim to the attacker-controlled domain, and on the end of the URL document.cookie is going to be appended. Now the idea is, as the owner of the attacker-controlled domain, we can see GET requests that come into that endpoint, so if document.cookie is attached to the end of the URL we are essentially stealing the victim's cookie.

So we do have to fill out some arbitrary information in order to be able to make a blog post, although we don't need to be logged in, so let's just add that information. We can provide a fake website; it just needs to have HTTP in order to bypass the front-end verification. Let's choose Post Comment. "Thanks for your comment, it's been submitted." Back to blog. Now if we have a look at our posted comment, in fact we can inspect the DOM there: inside paragraph tags, instead of text we actually have script tags embedded into the HTML, and we can see it's setting document.location to the URL of the attacker, and it's also submitting document.cookie. Now it took a little while, but you can see the browser has now actually redirected us in accordance with that JavaScript. Let's head back to the blog page. So I'm not sure why it takes long; I think the lab is maybe a bit lagged, but eventually, again, we'll get redirected. Once the page is fully loaded up, that JavaScript will kick in and it will send us to the attacker-controlled domain.

So now we have this section on the exploit server, Access Log, and it's possible, in order to trigger or simulate a victim visiting the lab, we may need to store some kind of body on the page. I'm just going to click Store on "Hello, world", because there doesn't need to be any malicious code on the attacker-controlled page; we just need to be able to access the access log so we can see the URLs of the GET requests coming into the attacker-controlled domain. So let's choose Access Log, and we can see in the access log there is a GET request coming into our attacker-controlled domain, and we can also see the cookies appended to the end of that URL. So we have the secret, but we're interested in this stay-logged-in cookie. We've seen in previous labs that the value of this stay-logged-in cookie is a base64-encoded string, and underneath that we're going to see the username and an MD5 hash of the password, so let's copy that to the clipboard.

So just to finalise the cross-site scripting component of this: we've obviously stored a comment on the blog which injects JavaScript into the HTML that's returned. The victim visits the blog, the JavaScript is executed, which redirects the victim's browser to the attacker-controlled domain, and we then harvest the cookie information, which we've designed to be appended to the end of the URL.

So how do we do that? We're going to copy the value of the stay-logged-in cookie. Here is the Decoder tab in Burp. We've pasted in our base64-encoded string, it's being decoded, and we can see that we have username Carlos, that's our victim, then we have a colon, then we have the MD5 hash of the password. So we're going to grab that next, and this is really where we get to the actual title of the lab, which is offline cracking of passwords. In other words, we have an MD5 hash; we want to reverse engineer that so we have the actual password of Carlos. Now it turns out if we search for that MD5 hash directly, you can see the first result there, "md5 reverse for" followed by our MD5 hash. If we take a look at that, we can actually see the value of the reverse-engineered MD5 hash: reversed string "once upon a time". Now that was very fast. The question is, how were we able to reverse the MD5 hash so quickly? It's a result of what we can describe as rainbow tables. In other words, someone has taken a very long list of passwords, iterated through every single password and generated the MD5 hash. That way, when we have access to an MD5 hash, it's just a lookup operation: we have a database of passwords along with the MD5 hashes, we can then look up very quickly the relevant MD5 hash, and we can check out the reversed hash to get the original password string. So this is a concept known as rainbow tables. Now there are ways to defeat the concept of rainbow tables, for example making use of salting when generating MD5 hashes, which has obviously not been done in this case; this is just a raw MD5 hash of "once upon a time".

But this is not the only way of cracking MD5 hashes. Very often we might make use of a program, for example something like John the Ripper, something like hashcat, and there are different ways of attacking an MD5 hash as well. For example we could make use of wordlists, but there's also a concept known as rule-based attacking of MD5 hashes. Basically it makes use of a set of rules in a brute-force way. So for example it could be: the first two digits need to be consonants, followed by a digit, followed by two consonants. Then based on that rule set, a tool like hashcat can go through all of the iterations of a possible password. Even with something like an MD5 hash, brute forcing can take a long time, especially if we're dealing with a complex password. But one of the interesting things about MD5 is it's not secure against collision attacks, so we don't necessarily increase the security by increasing the length of a password beyond a certain point, and that's because we are simply looking for any password that generates the correct MD5 hash. In other words, more than one string could generate the same hash; this is something that's referred to as a collision, and MD5 is no longer considered cryptographically secure because it's susceptible to these types of collision attacks.

So let's see a quick example of using John the Ripper to crack an MD5 hash. We can see in the current directory we have the file hash.txt, and if we cat that to the screen we can see that all this file does is contain the MD5 hash string. Now, making use of John, first of all you need to install it. We can type john here to see that it is installed. Using a Debian system you can do something like sudo apt-get install john in order to grab this; it's slightly different depending on the flavour of Linux that you're using. Now on a very basic level we can just point John at hash.txt, so let's start by doing that.

This is not going to give us the result we want; it's a little bit too broad at the moment. Let's see what happens. So first of all we can see that John is trying to detect the format. So one of the things that we can do, which is a good idea, is actually to explicitly tell John the Ripper "this is the format of the hash that I'm passing to you". And then it proceeds to go through a password list: you can see it says "proceeding with wordlist", and it's contained at /usr/share/john/password.lst. Now if you press Enter it gives us an idea regarding the progress; it's going through each password in the list, but as you can see it's 0.05% of the way through the password list. Plus there does seem to be some level of confusion regarding what this string actually is. First of all we can specify what we're looking for, so we're looking for an MD5 hash, so we can type john --format=raw-md5. So we're explicitly telling John the string we're passing to it is an MD5 hash: please go through your wordlist and try and crack this hash. Now we do actually have the option as well of providing a wordlist, so for example if there's one in the current directory we could just point it to wordlist.txt. What we're going to do is make use of the default wordlist for this, but you can use a custom wordlist. Let's just check out that default wordlist; in fact I'm going to vim into /usr/share/john/password.lst.

Let's take a look at that, and you can see at the beginning of the password list I've actually added the password "once upon a time". I don't know if it's in here by default; I'm going to assume that it's not. It seems to mostly be single words. This is where we might make use of rule-based hash cracking, because we can actually set up rules such as combining words in different ways, so we could combine two words from this wordlist, for example, in all of the possible iterations. But as you can imagine, that just makes the wordlist longer. So let's exit this document. So we're simply going to specify that the format is raw-md5 and then we're going to point John to hash.txt. Let's run that. So you can see now it has a wordlist that does in fact definitely contain the password (we've set it as the first match to speed things up), and we've also told John explicitly that this is raw MD5, and you can see straight away we get "once upon a time" echoed to the output with a question mark by it. Basically it's telling us that this is the string that produced that MD5 hash; in other words, this is the victim's password. Now if you want to check the passwords that have been cracked, we can make use of the John --show command. So we'll specify the format again: we'll type john --format=raw-md5 --show and then we'll point John to hash.txt again.

So we're asking it which hashes have been cracked from the hash.txt file. Press Enter; you can see "1 password hash cracked", and you can see it has the value "once upon a time". So obviously this was fairly fast for us. If you are making use of a list that has hundreds of thousands of passwords in it, it's going to take a while in order to crack the hash, and ultimately you may not even crack the hash using that method. So using pre-compiled rainbow tables available online is potentially going to yield you the fastest result for your time investment, but as you can see it's not the only method for cracking a hash. We used a wordlist, but there are a range of brute-force options, making use of rule-based hash cracking as well.

Now I don't believe that the hash changes for this lab; in other words, the victim's password is always going to be the same. So technically you could just cheat with this lab: all you really have to do is go to the login page, username Carlos, password "once upon a time", press Enter, and in order to solve the lab we just need to choose the Delete Account option. "Are you sure?" It actually prompts us for our password again: "once upon a time", Delete Account, then we get the flag: "Congratulations, you solved the lab".

So there are a number of key problems with this lab. Ostensibly this is a lab on offline password cracking, so although there was the whole cross-site scripting vulnerability, which was quite severe in this case, that's not really the purpose of the lab, but obviously the cross-site scripting attack vector needs to be patched. But the key idea behind this lab was offline password cracking making use of the MD5 hash. The most straightforward mitigation here is simply not to use MD5 hashes, because they're not considered cryptographically secure in the modern era. So although there are things that we can do to make the MD5 hashing algorithm more secure in the way that we implement it as part of our web app, the easiest thing to do here is just don't use MD5. And if a web app is using MD5, it implies in many cases that if you get access to the MD5 hash, it's as good as having the password itself, which is obviously a problem. This is why we store passwords in a hashed format: it's so that someone can have access to the hash but still not know the underlying password. That's becoming less and less true with the MD5 hashing algorithm as time goes on. Basically, don't use MD5. All right, hope it was helpful. Thanks for checking out the content and I'll catch you guys in the next lab.
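The cookie format and the mitigation the video ends on, as an added Python example that is not from the video, the channel, or PortSwigger's lab code. It decodes a lab-style stay-logged-in cookie (base64 of username:md5hex(password)), shows that an unsalted MD5 is a single dictionary lookup against a pre-hashed wordlist, and then shows the two changes a defender would make: store passwords with a salted, deliberately slow hash (PBKDF2-HMAC-SHA256 from the standard library), and issue a remember-me cookie that is a random value signed with a server-side key rather than anything derived from the password. The user "alice", the password "letmein", the server key and the five-word wordlist are all constructed for this example.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import secrets

# Constructed sample data (not the lab's real values): the lab's stay-logged-in
# cookie is base64("username:md5hex(password)"), so we build one the same way.
SAMPLE_PASSWORD = "letmein"
SAMPLE_COOKIE = base64.b64encode(
    b"alice:" + hashlib.md5(SAMPLE_PASSWORD.encode()).hexdigest().encode()
).decode()

# A tiny constructed wordlist standing in for /usr/share/john/password.lst.
WORDLIST = ["password", "123456", "qwerty", "letmein", "once upon a time"]


def decode_stay_logged_in(cookie: str) -> tuple[str, str]:
    """Split the lab-style cookie into (username, md5 hex digest)."""
    username, digest = base64.b64decode(cookie).decode().rsplit(":", 1)
    return username, digest


def md5_lookup(digest: str, wordlist: list[str]) -> str | None:
    """Why an unsalted fast hash is weak: the wordlist is hashed once into a
    table and every stolen hash becomes a dictionary lookup, which is the idea
    behind the rainbow-table sites the video mentions."""
    table = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    return table.get(digest)


# --- Fix 1: store passwords with a salted, deliberately slow hash -------------

def hash_password(password: str, iterations: int = 600_000) -> str:
    """PBKDF2-HMAC-SHA256 with a random 16-byte salt. Salt and iteration count
    are stored with the digest, so a precomputed table is useless: every user
    would need their own, and each guess costs `iterations` HMAC calls."""
    salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(dk.hex(), dk_hex)  # constant-time comparison


# --- Fix 2: a remember-me cookie carrying nothing derived from the password ---

def issue_remember_me(username: str, server_key: bytes) -> str:
    """Cookie body is username:nonce:hmac. The nonce is random, so the cookie
    reveals nothing about the password; the HMAC is keyed with a secret the
    server never sends out, so a client cannot forge a cookie for another user."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(server_key, f"{username}:{nonce}".encode(), "sha256").hexdigest()
    return base64.b64encode(f"{username}:{nonce}:{mac}".encode()).decode()


def verify_remember_me(cookie: str, server_key: bytes) -> str | None:
    """Return the username if the cookie is authentic, otherwise None."""
    try:
        username, nonce, mac = base64.b64decode(cookie).decode().rsplit(":", 2)
    except (ValueError, UnicodeDecodeError):
        return None
    expected = hmac.new(server_key, f"{username}:{nonce}".encode(), "sha256").hexdigest()
    return username if hmac.compare_digest(mac.encode(), expected.encode()) else None


if __name__ == "__main__":
    user, digest = decode_stay_logged_in(SAMPLE_COOKIE)
    print(f"cookie decodes to user={user!r}; wordlist lookup gives {md5_lookup(digest, WORDLIST)!r}")
    stored = hash_password(SAMPLE_PASSWORD)
    print("salted PBKDF2 record:", stored)
    print("verify correct password:", verify_password(SAMPLE_PASSWORD, stored))
    key = secrets.token_bytes(32)  # constructed; would live in server config only
    token = issue_remember_me("alice", key)
    print("remember-me token verifies as:", verify_remember_me(token, key))
```

Run it directly to see the contrast: the lab-style cookie gives up the password with one table lookup, while the PBKDF2 record differs on every call because of the fresh salt, and the remember-me token verifies only under the key that issued it. The same shape works with scrypt or Argon2 in place of PBKDF2; the point is the salt plus a tunable cost, neither of which a raw MD5 in a cookie provides.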
Info
Channel: z3nsh3ll
Views: 8
Id: QlJ7Ojh80e8
Length: 12min 48sec (768 seconds)
Published: Thu Jul 11 2024