Yvan Cartwright, Web Security Introduction Correct encryption use Guide to passwords Dictionary hacking Brute-force hacking.


1 Yvan Cartwright, Y.J.F.Cartwright@staffs.ac.uk
Web Security
Introduction
Correct encryption use
Guide to passwords
Dictionary hacking
Brute-force hacking
Securing systems

2 Ensuring optimum encryption
Depending on how your server is configured you may have several encryption possibilities. Standard routines include:
– Standard DES (2 character salt)
– Extended DES (9 character salt starting with _)
– MD5 (12 character salt starting with $1$)
– Blowfish (16 character salt starting with $2$)
The salt is the random value mixed into the password before it is hashed; a bigger salt means more randomness in the stored result, and a result that is harder to crack.

3 Using different routines in PHP
How can we check using PHP which encryption routines are available? Simple. The server sets each of the following constants to 1 if the corresponding routine is available:
– CRYPT_STD_DES
– CRYPT_EXT_DES
– CRYPT_MD5
– CRYPT_BLOWFISH

4 Generating encrypted passwords
To encrypt a password we use PHP's crypt() function. If no salt is specified, PHP defaults to Standard DES. We can easily write our own PHP function that generates a random salt of any desired length.

5 <?php
    // Build a random salt of the requested length. crypt() only accepts salt
    // characters from the 64-character alphabet ./0-9A-Za-z, and a salt should
    // come from a cryptographically secure source, so random_int() (PHP 7+) is
    // used rather than rand().
    function makeSalt($salt_length) {
        $alphabet = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
        $salt = "";
        for ($char = 0; $char < $salt_length; $char++) {
            $salt = $salt . $alphabet[random_int(0, 63)];
        }
        return $salt;
    }
    ?>
By placing the code above on our page, we can simply call it and send it the length of salt we want it to create. Each salt character is drawn from the ., /, digit and letter characters that crypt() accepts.

6 $user = $_POST['myusername'];
    $pass = $_POST['mypassword'];
    if (CRYPT_STD_DES == 1) {
        // Standard DES: a 2-character salt, and only the first 8 password
        // characters are used by the routine.
        $salt = makeSalt(2);
        echo("Standard DES salt: " . $salt . "\n");
        $standard_des_pass = crypt($pass, $salt);
    }
    if (CRYPT_EXT_DES == 1) {
        // Extended DES: "_" followed by 4 iteration-count characters and
        // 4 salt characters (9 characters in total).
        $salt = "_" . makeSalt(8);
        echo("Extended DES salt: " . $salt . "\n");
        $extended_des_pass = crypt($pass, $salt);
    }

7 if (CRYPT_MD5 == 1) {
        // MD5: '$1$', up to 8 salt characters, '$'. The first 8 characters of
        // the username are padded with random characters; the padding is
        // computed explicitly so that a username of 8 or more characters does
        // not produce an over-long salt. Username characters must come from
        // the crypt() salt alphabet, and a salt derived from the username is
        // predictable, so a fully random salt is preferable.
        $prefix = substr($user, 0, 8);
        $need = 8 - strlen($prefix);
        $salt = '$1$' . $prefix . ($need > 0 ? substr(makeSalt(8), 0, $need) : '') . '$';
        echo("MD5 salt: " . $salt . "\n");
        $md5_pass = crypt($pass, $salt);
    }
    if (CRYPT_BLOWFISH == 1) {
        // Blowfish (bcrypt). Slide 2 gives the PHP 4-era '$2$' + 16-character
        // layout; current PHP expects '$2y$', a two-digit cost and 22 salt
        // characters (the slide 9 example uses the older '$2a$07$' prefix).
        $prefix = substr($user, 0, 22);
        $need = 22 - strlen($prefix);
        $salt = '$2y$07$' . $prefix . ($need > 0 ? substr(makeSalt(22), 0, $need) : '');
        echo("Blowfish salt: " . $salt . "\n");
        $blowfish_pass = crypt($pass, $salt);
    }
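As an added example (not code from the slides), the same salt layouts and the four hash formats of slide 9 in Python: make_salt() builds a salt in the layout crypt() expects for each routine, identify_scheme() classifies a stored hash by its prefix and length, and audit() flags accounts still stored with Standard DES, the weakest of the four. SALT_ALPHABET, SAMPLE_SHADOW and the function names are my own; the sample entries reuse the slide 9 hashes plus a constructed DES entry.

```python
import re
import secrets
# The 64-character alphabet crypt() accepts for salt characters.
SALT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# Stored-hash layouts (prefix + salt + hash); bcrypt uses the slide 9 "$2a$NN$" form.
SCHEMES = [
    ("blowfish", re.compile(r"^\$2[axy]\$\d{2}\$[./A-Za-z0-9]{53}$")),
    ("md5", re.compile(r"^\$1\$[./A-Za-z0-9]{1,8}\$[./A-Za-z0-9]{22}$")),
    ("ext_des", re.compile(r"^_[./A-Za-z0-9]{19}$")),
    ("std_des", re.compile(r"^[./A-Za-z0-9]{13}$")),
]

def make_salt(scheme, cost=7):
    """Return a fresh random salt in the layout crypt() expects for scheme."""
    pick = lambda n: "".join(secrets.choice(SALT_ALPHABET) for _ in range(n))
    if scheme == "std_des":
        return pick(2)
    if scheme == "ext_des":
        return "_" + pick(8)  # 4 iteration-count chars + 4 salt chars
    if scheme == "md5":
        return "$1$" + pick(8) + "$"
    if scheme == "blowfish":
        return "$2a$%02d$" % cost + pick(22)  # two-digit cost, 22 salt chars
    raise ValueError("unknown scheme: " + scheme)

def identify_scheme(hash_str):
    """Classify a stored crypt() hash by prefix and length; None if unrecognised."""
    for name, pattern in SCHEMES:
        if pattern.match(hash_str):
            return name
    return None

def audit(shadow_lines):
    """Flag Standard DES entries (2-char salt, only 8 password chars used) and junk."""
    findings = []
    for line in shadow_lines:
        user, hash_str = line.split(":", 1)
        scheme = identify_scheme(hash_str)
        if scheme in (None, "std_des"):
            findings.append((user, scheme))
    return findings

# Constructed sample: slide 9 hashes for "rasmuslerdorf", one made-up DES entry, one corrupt entry.
SAMPLE_SHADOW = [
    "ext:_J9..rasmBYk8r9AiWNc",
    "md5:$1$rasmusle$rISCgZzpwk3UhDidwXvin0",
    "bcrypt:$2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra",
    "legacy:abJ3k9Lm2pQ/x",
    "broken:not-a-hash",
]
```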

8 Good passwords
A good rule of thumb is that the more characters an encryption routine generates, the harder it is to break. However, this rule is useless if the password
– is too short (less than 8 characters)
– is a word that can be found in a dictionary
– does not contain any numbers or special characters

9 Encryption in action
Password = rasmuslerdorf
Standard DES: l.3StKT.4T8M
Extended DES: _J9..rasmBYk8r9AiWNc
MD5: $1$rasmusle$rISCgZzpwk3UhDidwXvin0
Blowfish: $2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra
So, how do we go about cracking these passwords? A good first approach is to do a dictionary hack...

10 Dictionary hacking
The process of dictionary hacking is as follows:
1. Get the next word in the dictionary.
2. Encrypt it using the same salt as the next user.
3. Is the encrypted dictionary word the same as the user’s encrypted password? If yes then we’ve hacked their password!
4. If not and we have other users then goto 2.
5. Else if we have other dictionary words goto 1.
6. Else the password wasn’t one of the words in our dictionary.
Creating a program that performs this task is easy...

11 Making it difficult for the hackers
So, as far as hacking is concerned, provided that we don’t use a dictionary word as our password we’re safe, yes? No... A non-dictionary password means that we have to take a brute-force approach. This means that we have to go through every possible combination of possible passwords until we find a match.

12 Brute-force hacking
Brute-force hacking can take a long time! If the characters we can use to make a password consist of all letters and numbers (62 characters in total) then we can easily deduce how many ‘keys’ we have to check.
4 characters = 62^4 = 14776336 keys
6 characters = 62^6 = 56800235584 keys
8 characters = 62^8 = 218340105584896 keys
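An added example (my own code, not the slides') covering the key counts above and the three rules of slide 8: keyspace() reproduces the 62^n figures and generalises them to any character set size, cumulative_keyspace() counts every length up to a maximum, which is what an exhaustive search must actually walk through when the length is unknown, and password_problems() reports which of the slide 8 rules a candidate password breaks. DICTIONARY is a constructed stand-in for a real wordlist.

```python
# Constructed mini wordlist standing in for a real dictionary file.
DICTIONARY = {"password", "rasmuslerdorf", "letmein", "qwerty"}

LETTERS_DIGITS = 62   # a-z, A-Z, 0-9: the character set assumed on slide 12
PRINTABLE_ASCII = 94  # every printable ASCII character except space

def keyspace(charset_size, length):
    """Candidates of exactly this length: charset_size ** length (slide 12)."""
    return charset_size ** length

def cumulative_keyspace(charset_size, max_length):
    """Candidates of every length from 1 up to max_length, the number an
    exhaustive search covers when the password length is not known."""
    return sum(charset_size ** n for n in range(1, max_length + 1))

def worst_case_seconds(keys, guesses_per_second):
    """Time to exhaust a keyspace at an assumed guess rate (caller supplies it)."""
    return keys / guesses_per_second

def password_problems(password, dictionary=DICTIONARY):
    """Apply the three slide 8 rules; return the rules the password breaks."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if password.lower() in dictionary:
        problems.append("dictionary word")
    # A character that is neither a letter nor a digit counts as "special".
    if not any(c.isdigit() or not c.isalnum() for c in password):
        problems.append("no numbers or special characters")
    return problems
```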

13 Brute-force hacking
With the processing speeds of modern PCs, even this number of keys is crackable. Even if you make the passwords longer, it is still possible to break them using clusters of PCs spread across the globe, with the Internet used to break the task down into more manageable chunks. However, using the same encryption strength as most modern browsers, it could take hundreds to thousands of years to break a decent password.

14 Uncrackable passwords
For speed reasons, most hacking programs only use a subset of characters in their brute-force key generators. The following table contains a list of special characters that are not used. Using any of these characters in your own passwords should render them uncrackable! Note: in order to use these characters you need to press the ALT key followed by the combination given using the numeric keypad.

15 [Table of special characters and their ALT-key codes; not reproduced in the transcript.]

16 Feet of clay
A security system is only as good as its weakest component. There are several steps that a systems administrator must go through to make a hacker’s job harder. Most of these are easy to accomplish, although the specific details are not given here as this would be a module in its own right. Briefly, the steps are:

17 Securing systems
– Ensure that the operating system is up to date and contains the latest security patches before connecting to the network.
– Do not upgrade to a new operating system until it has been tested over the course of several months.
– Run a good anti-virus program and keep it up to date.
– Determine the role of any computer connected to the Internet and ensure that only those services required are permitted to run on it.
– Administrator passwords should be very strong.

18 Securing systems
– Only use the administrator account when necessary.
– Use different passwords for administrator or root and general user accounts.
– Force new users to change their passwords when they first log in.
– Disable or delete old or unused accounts that belong to people who no longer need access.
– Disable Telnet and FTP. Use SSH instead.
– Drop any connection to a server if a login fails 3 times (making a new connection takes time).

19 Securing systems
– Make sure to configure all installed software, disable all unused features and be sure to limit the availability of any features that are enabled.
– Install a software or hardware firewall to protect individual services.
– Restrict access to services to within the company’s IP addresses.
– Maintain good physical security.
– Do not run anonymous FTP on any server with sensitive or “not public” data.
– Make frequent backups of systems and data.
