Slashdot Mirror


Swiss Researchers Exploit Windows Password Flaw

Bueller_007 writes "CNET is carrying an article about a new (albeit simplistic) method used to hack alphanumeric Windows passwords in a matter of seconds, rather than minutes. To blame is a 'weakness in Microsoft's method of encoding passwords.' According to the authors, the same method, when used on Mac OS X, Unix and Linux boxes, however, could require either 4,096 times more memory or 4,096 times longer." A few more details: Mister.de writes "As an example we have implemented an attack on MS-Windows password hashes. Using 1.4GB of data (two CD-ROMs) we can crack 99.9% of all alphanumerical password hashes (2^37) in 13.6 seconds whereas it takes 101 seconds with the current approach using distinguished points. We show that the gain could be even much higher depending on the parameters used. This was found at the Cryptography and Security Laboratory of the Swiss Federal Institute of Technology in Lausanne (EPFL)."

30 of 519 comments

  1. This is why... by mgcsinc · · Score: 5, Funny

    This is why I use Biopassword. Perhaps their encryption method is just as insecure as Microsoft's, but at least there aren't quite so many Swiss researchers trying to crack it...

    1. Re:This is why... by Charleton Heston · · Score: 5, Funny

      I use plaintext. Granted, some people are working on cracking plaintext, but they are almost always in a 1st grade reading class and I ain't scared of them.

      --
      ======
      Get your stinking paws off me, you damned dirty ape!
    2. Re:This is why... by enomar · · Score: 5, Insightful

      I read the parent post as, "Because MS uses security through obscurity, many people think that Linux distros are inherently more secure than MS." I think he meant that security through obscurity doesn't work very well.

      Building a lock that cannot be picked by a blind man is a lot easier (and less effective in the real world) than building a lock that cannot be picked by someone with the blueprints.

      --

      :wq
  2. Performance increase by levik · · Score: 5, Insightful
    This sort of performance increase is only useful for Mission Impossible type movie spies... I mean come on - who can't wait 100 seconds???

    People are really running out of interesting stuff to "research", aren't they...

    1. Re:Performance increase by Marx_Mrvelous · · Score: 5, Insightful

      You obviously aren't a computer scientist (or a computer hacker). What they got was a power of ten increase (roughly). This is a significant improvement because it is not simply incremental. Look at it this way:
      Let's say it usually took 200 days to crack a password. A company could enforce a 90-day (3 month) requirement to change passwords, and a brute force technique would have roughly a 1-in-2 chance of getting a password in any given 90-day period. Now they increased it by a factor of 10.
      Now it takes 20 days to crack a password. If the company wants to keep the same level of password security, users would have to change their passwords every 7 days!

      This is a pretty big issue.

      --

      Moderation: Put your hand inside the puppet head!
    2. Re:Performance increase by M00TP01NT · · Score: 5, Funny

      Yes, and soon we'll be at a point where the password will be changing so fast you can run a brute-force attack with a static keyword!

  3. Yoddle-Aay-Hee-Hooo by ambisinistral · · Score: 5, Funny
    This post isn't by me, it is by some Swiss guy who hacked my /. password to make me look bad.

    --

    deserve's got nothing to do with it...

  4. One problem by felix9x · · Score: 5, Informative

    LanMan is not used on win2000 and winXP machines.

    NThash, don't know, probably not.

    This hack is obsolete.

    1. Re:One problem by Shell!U4$ · · Score: 5, Informative
      Actually,

      The LANMAN hashes are still used in Win2k. They are enabled and kept in the ActiveDirectory by default.

      If you're a 100% Win2k or higher shop, you can disable the LANMAN hashes and use NTLM 2 hashes exclusively.

      Microsoft is willing to tell you how, if you look here, along with some details about the whole subject.

      Hello, my name is Shakey Weaselteat and this is a song about a whale ...

    2. Re:One problem by Torne · · Score: 5, Informative

      This crack breaks both LanMan and NTLM hashes. NTLMv2 is not affected.

      NTLMv2 was introduced in Windows 2000 and is still not the default; Windows Server 2003 Enterprise defaults to 'Send NTLM only', which will stop LanMan attacks, but not prevent NTLM attacks. It will also not ALLOW NTLMv2 to be used, even if the client supports it. I.e. the only secure authentication system which is available is disabled by default.

      Yes, all the MS security practise documents will tell you to set it to NTLMv2 only (which requires upgrading all clients to Windows 2000 or above).. but it's still not the *default*. Enabling NTLMv2 does not break backward compatibility (only disabling v1 does), so I'm not sure how they justify this decision =)

      Torne

  5. Of course the Swiss were able to hack it... by JDRipper · · Score: 5, Funny

    They've got those great knives after all.

    --
    "You know Myra, some people might think you're cute. But me, I think you're one very large baked potato."
  6. I don't understand by Trelane, the Squire · · Score: 5, Insightful
    While an attacker would need administrator rights to a system to grab the file that contains the password hashes, the file is still valuable, said David Dittrich, a senior security researcher at University of Washington.
    If a hacker had administrator rights, wouldn't it already be game over? On the other hand, a 20 GB hack isn't extremely portable.
  7. Nothing new by raffe · · Score: 5, Informative

    "We fear, however, that the titles of these articles are a little sensational. While it is true that the LANMAN and NTHash windows password techniques have issues, the paper that kicked off this whole hub-bub [PDF] describes a refinement of an existing attack, not a new attack. We wanted to remind our readers that adequate password security is a good idea, whether your windows systems are being attacked with an adversary with an old copy of L0phtCrack, or with Philippe Oechslin's new system."

    Read it all here

  8. I hope someone hacks my passwords at work by gorjusborg · · Score: 5, Funny

    I hope someone hacks my passwords at work and deletes this stinking code I'm debugging.

    Oh, and the backups too. Just point your password crackers to ...

    --
    If it's not one thing, it's Steve's Mother
  9. Only works with NTLMv1, NTLM v2 not affected. by figleaf · · Score: 5, Informative

    This only works with NTLM v1. Not with NTLM v2.

    In order to prevent this:
    Using secpol.mmc,
    in your security policies set the LAN manager authentication level to 'NTLMv2 response only, refuse LM & NTLM'.

    The passwords are only crackable if you have Win 9x machines in your domain.

    If you have a Windows 2000/2003 domain without Win 9x machines then your passwords cannot be recovered.

    Admins can prevent Windows 9x machines from logging in to the network.

    This is reason enough to migrate to Windows XP.

  10. If You RTA by deadlinegrunt · · Score: 5, Informative

    You'll notice the line:

    Users can protect themselves against the attack by adding nonalphanumeric characters to a password. The inclusion of symbols other than alphanumeric characters adds complexity to the process of breaking passwords--and that means the code cracker needs more time or more memory or both.

    For those that don't realize, consider the following example:

    # characters / Upper Case Only: 8 / 208,827,064,576
    # characters / Upper, Lower, Numbers & Symbols: 8 / 6,634,204,312,890,620

    This post is more for the types that really don't consider their password selection...

    --
    BSD is designed. Linux is grown. C++ libs
  11. So? by ioErr · · Score: 5, Insightful

    13.6 seconds or 101 seconds doesn't make much difference, now does it? The real problem is still getting administrator access to the target computer in the first place.

  12. With distributed computing, why bother? by jeeves99 · · Score: 5, Insightful

    Cracking becomes easier if you have access to a distributed network. Parse the table into manageable chunks and throw it out to 100 computers. While the time taken to crack the password might not scale down in a linear fashion [ie: time/(N computers)], it will most definitely drop the crack time down to less than an hour for those computers with 12bit salts (4906*.6min= 41 hr, 41hr/100comps= 25 minutes).

    Even if the 12 bit salt for mac/linux/etc was increased in size, a scale up in the number of computers used would defeat this added protection. The trend in the comp world seems to be more connectivity between large numbers of computers. All it takes is one disgruntled Folding@Home grad student out at Stanford to break even the most stringent password.

    It seems that increasing the size of the salt would prevent the average script kiddie from breaking your password, but does nothing to alleviate the threat distributed computing presents. So what other options are there?

    1. Re:With distributed computing, why bother? by phkamp · · Score: 5, Informative
      Nobody but old-fashioned "enterprise" UNIXes like HPUX, AIX, Solaris uses 12 bit salt.

      FreeBSD started using 64 bit salt and MD5 scrambled passwords back in 1994 (when I wrote the code) and since then NetBSD, OpenBSD, Cisco, GLIBC and presumably MAC OSX have adopted that code.

      Look for the tell-tale "$1$..." magic marker.

      (The fact that GLIBC doesn't correctly attribute the algorithm is somewhat sad, but they refused to do so, even when asked directly).

      --
      Poul-Henning Kamp -- FreeBSD since before it was called that...
  13. Re:Scary stuff... by PaizuriTatsujin · · Score: 5, Funny

    What we need is no passwords at all and a midget sitting on everyone's desk guarding their computer.

    When that happens I'll feel safe

  14. I for one welcome our new Swiss Overlords!!! by Picass0 · · Score: 5, Funny

    13.6 seconds! Aren't swiss watches wunderful?

  15. Wow, less memory? by Nanite · · Score: 5, Funny

    Windows uses less memory to do this trick than Linux. Who knew Windows was so efficient at handling memory when being hacked?

    Nanite

    --
    God is real unless declared integer.
  16. Welcome to the 90s by jeeptj · · Score: 5, Informative

    This authN method is 8 or 9 years old. You can disable the NT hash by using either a password length of more than 14 chars or by using a simple registry value on Windows 2000 SP2 systems or higher. This KB explains how. Any good sys admin should have the LM hash disabled on all Windows machines by default anyways and set strong passwords which contain more than simple letters and numbers.

    Mindless Microsoft bashing at its best!

  17. Incorrect Information In The Article by Jerk City Troll · · Score: 5, Informative

    The article makes a statement that I think is untrue:

    While an attacker would need administrator rights to a system to grab the file that contains the password hashes, the file is still valuable, said David Dittrich, a senior security researcher at University of Washington.

    Using a tool like Cain & Abel, it is possible to get access to this information without having administrative rights.

    You can also dump the hashes using Cain & Abel's password cracking tool. It is really quite trivial to do.

    By the way, you can easily acquire the passwords of the last five users who logged into an NT system. They are stored in LSA "secrets", an area of memory which is easy to dump. Cain & Abel does this for you.

    Have fun.

  18. Re:Scary stuff... by b!arg · · Score: 5, Funny

    Midget? No...Troll...and god knows we have enough of those around to take care of the demand. Maybe it'll solve our unemployment problem too.

    Before you can logon you must answer three questions...

    --

    Everybody dies frustrated and sad and that is beautiful
  19. Re:Gee... by ncc74656 · · Score: 5, Insightful
    I always thought there was something wrong with Microsoft's password "encryption." Now it's confirmed.

    Why bother cracking NT (and Win2K/XP) passwords when you can just overwrite them? Boot from this floppy and you can change any local password (including the administrator). It's been useful on more than one occasion at work...when somebody quits or is fired, I can go in and retrieve everything in just a few minutes.

    That they're nearly as trivial to crack is somewhat disturbing...but given the ready availability of the password changer, it doesn't make Windows significantly less secure than it already is (hell, it can't get much less secure).

    --
    20 January 2017: the End of an Error.
  20. Re:No salt by Anonymous Struct · · Score: 5, Insightful
    To their debit, most WinDesktops that I'm aware of end up as glorified single-user machines, and that user is also.... Admin. Finally build a decent security model, and then customers ignore it.

    I think the customers only ignore it because they've been bred on Win9x, which sort of casually asked if you felt like typing in a password, but didn't really care one way or the other if you actually did. You can't train people that passwords don't matter for 7 years and then expect them to start caring about security when you finally decide to implement it. So now we have a sea of internet users who don't know or care one whit about security all because they've been taught from the very beginning that all they ever have to do is plug it in, turn it on, and start browsing.

  21. Company Memo: New security procedures. by barracg8 · · Score: 5, Funny
    All,

    As you know we have a company security policy based around frequently changing passwords, in order to keep our Windows network secure.

    Previously, as you are all no doubt aware, you were required to change your Windows passwords once every 90 seconds, since NT passwords can be cracked in 100 seconds flat.

    Due to recent developments in MS password cracking, we will now be requiring all employees to change their passwords once every 10 seconds, to ensure they remain secure.

    We hope this will not detract from productivity, and apologise for any inconvenience it does cause.

    thanks,
    Management

  22. Re:No salt by Jucius Maximus · · Score: 5, Informative
    "Many Unix systems are now moving to MD5 encrypted passwords though, which as I understand it are more secure (how? I dunno... I'm not that up to date on it)."

    The String -> MD5 hash is an easy conversion; it was designed to work nicely on 32 bit processors.

    The MD5 -> String reverse-hash is not an easy conversion. So even if you give out the md5sum of your password, getting the actual password from that hash value is not trivial.

    That is why it is more secure. Now MD5 is not invulnerable. I have read some reports about more mathematical vulnerabilities in it. Some say that SHA-1 crypto hashing is the only way to do things nowadays.

  23. UNIX uses 64 bits salt by phkamp · · Score: 5, Interesting
    The MD5 based password scrambler I wrote for FreeBSD in 1994 uses a 64 bit salt, and has subsequently been adopted by NetBSD, OpenBSD, Cisco, GLIBC and presumably MAC OSX.

    There is no immediate future for a table driven attack on this algorithm (which can be recognized by the '$1$...' prefix).

    HP-UX, Solaris and AIX, however still use the old 12 bit salted DES derived passwords.

    --
    Poul-Henning Kamp -- FreeBSD since before it was called that...
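
Two technical threads above share one underlying calculation: deadlinegrunt's keyspace figures (how the alphabet size multiplies the attacker's work) and the jeeves99/phkamp exchange on salts (how each salt bit multiplies the size of a precomputed table, the 2^12 = 4,096 factor quoted in the story, and the '$1$' marker of the salted MD5 scheme). The script below is an added illustration written for this mirror, not code from the EPFL paper, from Slashdot or from FreeBSD. It uses SHA-256 from the Python standard library as a stand-in for the unsalted hash (the real LM hash is DES-based and the NT hash is MD4; only the absence of a salt matters here), a constructed five-word dictionary as the "table", and a placeholder '$1$' string for the format check. It assumes 6 bits per salt character for traditional DES crypt and makes no claim about the salt width of '$1$' beyond reading the characters up to the next '$'.

```python
import hashlib
import math
from typing import Dict, Optional, Tuple

# Constructed demo wordlist standing in for a cracker's dictionary.
WORDLIST = ["password", "letmein", "Lausanne", "qwerty", "swiss1234"]


def lm_style_normalize(password: str) -> str:
    """LanMan upper-cases the password before hashing, so every mixed-case
    spelling of a word collapses to a single candidate."""
    return password.upper()


def unsalted_digest(password: str) -> str:
    """Stand-in for an unsalted password hash. SHA-256 is used only so the
    script runs with the standard library; the property that matters for a
    precomputation attack is that no per-user salt is mixed in."""
    return hashlib.sha256(lm_style_normalize(password).encode()).hexdigest()


def build_table(words) -> Dict[str, str]:
    """Precompute hash -> password once. Without a salt the same table works
    against every account on every machine, which is why a table that fits on
    two CD-ROMs is worth building at all."""
    return {unsalted_digest(w): lm_style_normalize(w) for w in words}


def table_lookup(table: Dict[str, str], digest: str) -> Optional[str]:
    """Recovery is one dictionary lookup instead of a brute-force run."""
    return table.get(digest)


def salted_digest(password: str, salt: bytes) -> str:
    """Salted variant: a table built without this salt simply misses."""
    return hashlib.sha256(salt + lm_style_normalize(password).encode()).hexdigest()


def table_size_factor(salt_bits: int) -> int:
    """An n-bit salt forces one table per salt value: 2**n times the storage
    or 2**n times the work. 12 bits gives the 4,096 quoted in the story."""
    return 2 ** salt_bits


def keyspace(alphabet_size: int, length: int) -> int:
    """Passwords of exactly `length` characters over an alphabet of that size."""
    return alphabet_size ** length


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Same quantity expressed as bits of search, for comparing with salt bits."""
    return math.log2(keyspace(alphabet_size, length))


def crypt_scheme(crypt_string: str) -> Tuple[str, str]:
    """Classify a Unix crypt(3) string by its magic prefix. Traditional DES
    crypt is 13 characters with a 2-character salt; the '$1$' prefix marks the
    MD5-based scheme, whose salt runs up to the next '$'."""
    if crypt_string.startswith("$1$"):
        salt = crypt_string[3:].split("$", 1)[0]
        return "md5crypt", salt
    if len(crypt_string) == 13:
        return "des", crypt_string[:2]
    return "unknown", ""


def traditional_des_salt_bits(salt: str) -> int:
    """Each salt character of traditional crypt encodes 6 bits (64 symbols),
    so the 2-character salt is the 12-bit salt the comments refer to."""
    return 6 * len(salt)


if __name__ == "__main__":
    table = build_table(WORDLIST)
    print("unsalted:", table_lookup(table, unsalted_digest("lausanne")))
    print("salted:  ", table_lookup(table, salted_digest("lausanne", b"\x2a")))
    for bits in (12, 64):
        print(f"{bits}-bit salt -> table grows by {table_size_factor(bits):,}x")
    print("26^8 =", f"{keyspace(26, 8):,}", " 95^8 =", f"{keyspace(95, 8):,}")
    print("LM half, 36 symbols x 7 chars:", round(keyspace_bits(36, 7), 1), "bits")
    print(crypt_scheme("$1$saltsalt$placeholder"), crypt_scheme("abXXXXXXXXXXX"))
```

Run as a script it shows the unsalted lookup succeeding on a differently cased guess (the upper-casing step discards that entropy), the same lookup failing as soon as a salt is mixed in, and the 4,096x and 2^64 table multipliers next to the 26^8 and 95^8 keyspaces from deadlinegrunt's post; the keyspace function is general, so it also reproduces the 36-symbol, 7-character half that LanMan's upper-casing and splitting reduce a password to.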