Penetration Testing mailing list archives
Re: Cisco LEAP
From: Anders Thulin <Anders.Thulin () kiconsulting se>
Date: Mon, 10 Nov 2003 10:11:16 +0100
No Man wrote:
Take for example a 6 character password made of lowercase letters and numbers. 36^6 works out to about 2.2 billion possibilities. Your dictionary or 2.2B rc4 hashes would take up roughly 40GB.
If space is at a premium, don't forget the Oechslin rainbow chain cracking improvement that was published recently (with sample code for LM-hashes). It can easily be adapted to this task, and it takes very little space for storage. Cracking time, though, gets fairly high.
1) what would it take time-wise to create the dictionary?
No idea, since I don't know what a single RC4 + 3 DES steps would take. DES can be bitsliced (see DESCHALL and others) which speeds up things quite a bit. I have no idea about RC4 time requirements.
2) how long would it take to cycle through 40 gigs of hashes to find the matches?
No time at all, if you store the full 21 byte hash->password mapping. Then it's just one database lookup, and you've got it. If you have a fast dictionary cracker (takes a single hash, a list of words, and outputs any of those words that match the hash), you can decide how much time it should take. Just put all passwords with the same 2/3/4 bytes of the hash into the same file. The files could be stored in a standard directory: ...path to database/byte 1/byte 2/byte 3/byte4.txt if you decide to index on four bytes from the hash. If the cracker does 1 million passwords per second, and your time target is 10 seconds, select the number of hash bits for indexing that produces less than 10 mill. collisions. Then feed the list of all those collisions as dictionary file to the cracker. Wait ten seconds.
3) how many matches on the last two bytes of the hash are there likely to be?
If the encryption method is any good, you won't find any major statistical anomalies anywhere in the hash. In which case you just divide the total password space by 2^16 -- that's how many collisions you can expect. With the assumption you made above (36^6), less than 35000 collisions.

--
Anders Thulin anders.thulin () kiconsulting se 040-661 50 63
Ki Consulting AB, Box 85, SE-201 20 Malmö, Sweden