These tools are of such significance in security, I will cover many different
types, including those not expressly designed to crack Internet-related
What Is a Password Cracker?
The term password cracker can be misinterpreted, so I want to define
it here. A password cracker
is any program that can decrypt passwords or otherwise disable password
protection. A password
cracker need not decrypt anything. In fact, most of them don't. Real encrypted
passwords, as you
will shortly learn, cannot be reverse-decrypted.
A more precise way to explain this is as follows: encrypted passwords
cannot be decrypted. Most
modern, technical encryption processes are now one-way (that is, there
is no process to be
executed in reverse that will reveal the password in plain text).
Instead, simulation tools are used, utilizing the same algorithm as the
original password program.
Through a comparative analysis, these tools try to match encrypted versions
of the password to the
original (this is explained a bit later in this chapter). Many so-called
password crackers are nothing
but brute-force engines--programs that try word after word, often at high
speeds. These rely on the
theory that eventually, you will encounter the right word or phrase. This
theory has been proven to
be sound, primarily due to the factor of human laziness. Humans simply
do not take care to create
strong passwords. However, this is not always the user's fault:
Users are rarely, if ever, educated as to what
are wise choices for passwords. If a password
is in the dictionary, it is extremely vulnerable
to being cracked, and users are simply not
coached as to "safe" choices for passwords. Of
those users who are so educated, many think
that simply because their password is not in
/usr/dict/words, it is safe from detection.
Many users also say that because they do not
have private files online, they are not concerned
with the security of their account, little realizing
that by providing an entry point to the system
they allow damage to be wrought on their entire
system by a malicious cracker.1
1Daniel V. Klein, A Survey of, and Improvements
to, Password Security. Software
Engineering Institute, Carnegie Mellon University,
Pennsylvania. (PostScript creation
date reported: February 22, 1991.)
The problem is a persistent one, despite the fact that password security
education demands minimal
resources. It is puzzling how such a critical security issue (which can
easily be addressed) is often
overlooked. The issue goes to the very core of security:
...exploiting ill-chosen and poorly-protected
passwords is one of the most common attacks on
system security used by crackers. Almost every
multi-user system uses passwords to protect
against unauthorized logons, but comparatively
few installations use them properly. The
problem is universal in nature, not system-specific;
and the solutions are simple, inexpensive,
and applicable to any computer, regardless of
operating system or hardware. They can be
understood by anyone, and it doesn't take an
administrator or a systems programmer to
2K. Coady. Understanding Password Security For
Users on & offline. New
England Telecommuting Newsletter, 1991.
In any event, I want to define even further the range of this chapter.
For our purposes, people who
provide registration passwords or CD keys are not password crackers, nor
are they particularly
relevant here. Individuals who copy common registration numbers and provide
them over the
Internet are pirates. I discuss these individuals (and yes, I point to
some sites) at the end of this
chapter. Nevertheless, these people (and the files they distribute, which
often contain thousands of
registration numbers) do not qualify as password crackers.
NOTE: These registration numbers and programs
that circumvent password protection
are often called cracks. A Usenet newsgroup has
actually been devoted to providing
such passwords and registration numbers. Not
surprisingly, within this newsgroup,
many registration numbers are routinely trafficked,
and the software to which they
apply is also often posted there. That newsgroup
is appropriately called alt.cracks.
The only exception to this rule is a program designed to subvert early
implementations of the
Microsoft CD key validation scheme (although the author of the source
code did not intend that the
program be used as a piracy tool). Some explanation is in order.
As part of its anti-piracy effort, Microsoft developed a method of consumer
makes use of the CD key. When installing a Microsoft product for the first
time, users are
confronted by a dialog box that requests the CD key. This is a challenge
to you; if you have a valid
key, the software continues to install and all is well. If, however, you
provide an invalid key, the
installation routine exits on error, explaining that the CD key is invalid.
Several individuals examined the key validation scheme and concluded
that it was poorly designed.
One programmer, Donald Moore, determined that through the following procedure,
a fictional key
could be tested for authenticity. His formula is sound and basically involves
1. Take all numbers that are trivial and irrelevant
to the key and discard them.ò
2. Add the remaining numbers together.
3. Divide the result by 7.
The number that you derive from this process is examined in decimal mode.
If the number has no
fractional part (there are no numeric values to the right of the decimal
point), the key is valid. If the
number contains a fractional part (there are numbers to the right of the
decimal), the key is invalid.
Moore then designed a small program that would automate this process.
Cross Reference: Moore's complete explanation
and analysis of the CD key
validation routine is located at http://www.apexsc.com/vb/lib/lib3.html.
The programmer also posted source code to the Internet, written in garden-variety
C. I have
compiled this code on several platforms and it works equally well on all.
(The platforms I have
compiled it on include DOS, NT, Linux, and AIX.) The utility is quite
valuable, I have found, for I
often lose my CD keys.
Cross Reference: The source code is located
This type of utility, I feel, qualifies in this chapter as a form of
password cracker. I suspect that some
of you will use this utility to subvert the CD key validation. However,
in order to do so, you must
first know a bit of C (and have a compiler available). My feeling is,
if you have these tools, your level
of expertise is high indeed, and you are probably beyond stealing software
from Microsoft. (I hope.)
NOTE: Microsoft's method of protecting upgrade
packages is also easily bypassed.
Upgrades install as long as you have the first
disk of a previous version of the specified
software. Therefore, a user who obtains the first
disk of Microsoft Visual Basic
Professional 3.0, for example, can install the
4.0 upgrade. For this reason, some pirate
groups distribute images of that first disk,
which are then written to floppies. (In rare
instances when the exact image must appear on
the floppy, some people use
rawrite.exe or dd.exe, two popular utilities
that write an image directly to a floppy.
This technique differs from copying it to a floppy.)
In addition, it is curious to note that
certain upgrade versions of VB will successfully
install even without the floppy
providing that Microsoft Office has been installed
I should make it clear that I do not condone piracy (even though I feel
that many commercial
software products are criminally overpriced). I use Linux and GNU. In
that respect, I owe much to
Linus Torvalds and Richard Stallman. I have no fear of violating the law
because most of the
software I use is free to be redistributed to anyone. (Also, I have found
Linux to be more stable than
many other operating systems that cost hundreds of dollars more.)
Linux is an entirely copy-free operating system, and the GNU suite of
programs is under the general
public license. That is, you are free to redistribute these products to
anyone at any time. Doing so
does not violate any agreement with the software authors. Many of these
utilities are free versions of
popular commercial packages, including C and C++ compilers, Web-development
tools, or just
about anything you can dream of. These programs are free to anyone who
can download them. They
are, quite frankly, a godsend to anyone studying development.
In any event, the password crackers I will be examining here are exactly
that: they crack, destroy, or
otherwise subvert passwords. I provide information about registration
cracks at the end of the
chapter. That established, let's move forward.
How Do Password Crackers Work?
To understand how password crackers work, you need only understand how
work. Most password generators use some form of cryptography. Cryptography
is the practice of
writing in some form of code.
This definition is wide, and I want to narrow it. The etymological root
of the word cryptography can
help in this regard. Crypto stems from the Greek word kryptos. Kryptos
was used to describe
anything that was hidden, obscured, veiled, secret, or mysterious. Graph
is derived from graphia,
which means writing. Thus, cryptography is the art of secret writing.
An excellent and concise
description of cryptography is given by Yaman Akdeniz in his paper Cryptography
Cryptography defined as "the science and study
of secret writing," concerns the ways in which
communications and data can be encoded to prevent
disclosure of their contents through
eavesdropping or message interception, using
codes, ciphers, and other methods, so that only
certain people can see the real message.3
3Yaman Akdeniz, Cryptography & Encryption
August 1996, Cyber-Rights &
Cyber-Liberties (UK) at
Studies of the Law Faculty of University of Leeds,
Leeds LS2 9JT.)
Most passwords are subjected to some form of cryptography. That is, passwords
To illustrate this process, let me reduce it to its most fundamental.
Imagine that you created your own
code, where each letter of the alphabet corresponded to a number (see
A primitive example of a code.
In Figure 10.1, there is a table, or legend, to the left. Below each
letter is a corresponding number.
Thus, A = 7, B = 2, and so forth. This is a code of sorts, similar to
the kind seen in secret-decoder
kits found by children in their cereal boxes. You probably remember them:
They came with decoder
rings and sometimes even included a tiny code book for breaking the code
Unfortunately, such a code can be easily broken. For example, if each
letter has a fixed numeric
counterpart (that is, that counterpart never changes), it means that you
will only be using 26 different
numbers (presumably 1 through 26, although you could choose numbers arbitrarily).
Assume that the
message you are seeking to hide contains letters but no numbers. Lexical
analysis would reveal your
code within a few seconds. There are software programs that perform such
analysis at high speed,
searching for patterns common to your language.
Another method (slightly more complex) is where each letter becomes another
letter, based on a
standard, incremental (or decremental) operation. To demonstrate this
technique, I will defer to
ROT-13 encoding. ROT-13 is a method whereby each letter is replaced by
a substitute letter. The
substitute letter is derived by moving 13 letters ahead (see Figure 10.2).
The ROT-13 principle of letter substitution.
This, too, is an ineffective method of encoding or encrypting a message
(although it reportedly
worked in Roman times for Caesar, who used a shift-by-three formula).
There are programs that
quickly identify this pattern. However, this does not mean that techniques
like ROT-13 are useless. I
want to illustrate why and, in the process, I can demonstrate the first
important point about
passwords and encryption generally:
Any form of encryption may be useful, given
particular circumstances. These circumstances
may depend upon time, the sensitivity of the
information, and from whom you want to hide
In other words, techniques like the ROT-13 implementation may be quite
useful under certain
circumstances. Here is an example: Suppose a user wants to post a cracking
technique to a Usenet
group. He or she has found a hole and wants to publicize it while it is
still exploitable. Fine. To
prevent bona-fide security specialists from discovering that hole as quickly
as crackers, ROT-13 can
Remember how I pointed out that groups like NCSA routinely download Usenet
traffic on a
wholesale basis? Many groups also use popular search engines to ferret
out cracker techniques.
These search engines primarily employ regex (regular expression) searches
(that is, they search by
word or phrase). For example, the searching party (perhaps NCSA, perhaps
any interested party)
may enter a combination of words such as
When this combination of words is entered correctly, a wealth of information
might mean many things; each engine works slightly differently. For example,
some render incisive
results if the words are enclosed in quotation marks. This sometimes forces
a search that is case
sensitive. Equally, many engines provide for the use of different Boolean
expressions. Some even
provide fuzzy-logic searches or the capability to mark whether a word
appears adjacent, before, or
after another word or expression.
When the cracker applies the ROT-13 algorithm to a message, such search
engines will miss the
post. For example, the message
Guvf zrffntr jnf rapbqrq va EBG-13 pbqvat. Obl,
qvq vg ybbx fperjl hagvy jr haeniryrq vg!
is clearly beyond the reach of the average search engine. What it really
looks like is this:
This message was encoded in ROT-13 coding. Boy,
did it look screwy until we unraveled it!
Most modern mail and newsreaders support ROT-13 encoding and decoding
(Free Agent by Forte
is one; Netscape Navigator's Mail package is another). Again, this is
a very simple form of encoding
something, but it demonstrates the concept. Now, let's get a bit more
DES and Crypt
Many different operating systems are on the Internet. The majority of
servers, however, run some
form of UNIX. On the UNIX platform, all user login IDs and passwords are
stored in a central
location. That location, for many years, was in the directory /etc within
a file passwd
(/etc/passwd). The format of this file contains various fields. Of those,
we are concerned with two:
the login ID and the password.
The login ID is stored plain text, or in perfectly readable English.
(This is used as a key for
encryption.) The password is stored in an encrypted form. The encryption
process is performed
using Crypt(3), a program based on the data encryption standard (DES).
IBM developed the
earliest version of DES; today, it is used on all UNIX platforms for password
encryption. DES is
endorsed jointly by the National Bureau of Standards and the National
Security Agency. In fact,
since 1977, DES has been the generally accepted method for safeguarding
sensitive data. Figure
10.3 contains a brief timeline of DES development.
Brief timeline of the development of DES.
DES was developed primarily for the protection of certain nonclassified
information that might exist
in federal offices. As set forth in Federal Information Processing Standards
Guidelines for Implementing and Using the NBS Data Encryption Standard:
Because of the unavailability of general cryptographic
technology outside the national security
arena, and because security provisions, including
encryption, were needed in unclassified
applications involving Federal Government computer
systems, NBS initiated a computer
security program in 1973 which included the development
of a standard for computer data
encryption. Since Federal standards impact on
the private sector, NBS solicited the interest
and cooperation of industry and user communities
in this work.
Information about the original mechanical development of DES is scarce.
Reportedly, at the request
of the National Security Agency, IBM caused certain documents to be classified.
(They will likely
remain so for some years to come.) However, the source code for Crypt(3)
implementation of DES in UNIX) is widely available. This is significant,
because in all the years that
source has been available for Crypt, no one has yet found a way to easily
information encrypted with it.
TIP: Want to try your luck at cracking Crypt?
Get the source! It comes with the
standard GNU distribution of C libraries, which
can be found at
(Please note that if you are
not on U.S. soil or within U.S. jurisdiction,
you must download the source for Crypt
from a site outside the United States. The site
usually given for this is
Certain implementations of Crypt work differently. In general, however,
the process is as follows:
1. Your password is taken in plain text (or,
in cryptographic jargon, clear text).
2. Your password is then utilized as a key to
encrypt a series of zeros (64 in all). The resulting
encoded text is thereafter referred to as cipher
text, the unreadable material that results after
plain text has been encrypted.
Certain versions of Crypt, notably Crypt(3), take additional steps. For
example, after going through
this process, it encrypts the already encrypted text, again using your
password as a key. This a fairly
strong method of encryption; it is extremely difficult to break.
In brief, DES takes submitted data and encodes it using a one-way operation
sometimes referred to
as a hash. This operation is special from a mathematical point of view
for one reason: While it is
relatively simple to encode data this way, decoding it is computationally
complex and resource
intensive. It is estimated, for example, that the same password can be
encoded in 4,096 different
ways. The average user, without any knowledge of the system, could probably
spend his or her
entire life attempting to crack DES and never be successful. To get that
in proper perspective,
examine an estimate from the National Institute of Standards and Technology:
The cryptographic algorithm [DES] transforms
a 64-bit binary value into a unique 64-bit
binary value based on a 56-bit variable. If the
complete 64-bit input is used (i.e., none of the
input bits should be predetermined from block
to block) and if the 56-bit variable is randomly
chosen, no technique other than trying all possible
keys using known input and output for the
DES will guarantee finding the chosen key. As
there are over 70,000,000,000,000,000
(seventy quadrillion) possible keys of 56 bits,
the feasibility of deriving a particular key in this
way is extremely unlikely in typical threat environments.4
4NIST, December 30, 1993. "Data Encryption Standard
Information Processing Standards Publication
One would think that DES is entirely infallible. It isn't. Although the
information cannot be
reverse-encoded, passwords encrypted via DES can be revealed through a
The process works as follows:
1. You obtain a dictionary file, which is really
no more than a flat file (plain text) list of words
(these are commonly referred to as wordlists).
2. These words are fed through any number of
programs that encrypt each word. Such
encryption conforms to the DES standard.
3. Each resulting encrypted word is compared
with the target password. If a match occurs,
there is better than a 90 percent chance that
the password was cracked.
This in itself is amazing; nevertheless, password-cracking programs made
for this purpose are even
more amazing than they initially appear. For example, such cracking programs
often subject each
word to a list of rules. A rule could be anything, any manner in which
a word might appear. Typical
rules might include
Alternate upper- and lowercase
Spell the word forward and
then backward, and then fuse the two results (for example: cannac).
Add the number 1 to the beginning
and/or end of each word.
Naturally, the more rules one applies to the words, the longer the cracking
process takes. However,
more rules also guarantee a higher likelihood of success. This is so for
a number of reasons:
The UNIX file system is case
sensitive (WORKSTATION is interpreted differently than Workstation or
workstation). That alone makes a UNIX password infinitely more complex
to crack than a password generated on a DOS/Windows
Alternating letters and numbers
in passwords is a common practice by those aware of security issues. When
cracking passwords from such a source, many rules should be applied.
The emergence of such programs has greatly altered the security of the
Internet. The reasons can be
easily understood by anyone. One reason is because such tools are effective:
Crypt uses the resistance of DES to known plain
text attack and make it computationally
unfeasible to determine the original password
that produced a given encrypted password by
exhaustive search. The only publicly known technique
that may reveal certain passwords is
password guessing: passing large wordlists through
the crypt function to see if any match the
encrypted password entries in an /etc/passwd
file. Our experience is that this type of attack
is successful unless explicit steps are taken
to thwart it. Generally we find 30 percent of the
passwords on previously unsecured systems.5
5David Feldmeier and Philip R. Karn. UNIX Password
Security--Ten Years Later.
Another reason is that the passwords on many systems remain available.
In other words, for many
years, the task of the cracker was nearly over if he or she could obtain
that /etc/passwd file.
When in possession of the encrypted passwords, a suitably powerful machine,
and a cracking
program, the cracker was ready to crack (provided, of course, that he
or she had good wordlists).
Wordlists are generally constructed with one word per line, in plain
text, and using no carriage
returns. They average at about 1MB each (although one could feasibly create
a wordlist some
20MB in size). As you may have guessed, many wordlists are available on
the Internet; these come
in a wide variety of languages (thus, an American cracker can crack an
Italian machine and vice
Cross Reference: There are a few popular depositories
for wordlists. These
collections contain every imaginable type of
wordlist. Some are simply dictionaries and
others contain hyphenated words, upper and lower
case, and so on. One exceptionally
good source is at http://sdg.ncsa.uiuc.edu/~mag/Misc/Wordlists.html.
However, perhaps the most definitive collection
is available at the COAST project at
Purdue. Its page is located at http://www.cs.purdue.edu/coast/.
The Password-Cracking Process
Before I get even more specific, I want to graphically illustrate the
password-cracking process (see
The graphical representation in Figure 10.4 will serve you well. I want
to explain a bit about each
portion of the process. First, I should briefly cover the hardware issues.
As noted in Figure 10.4, a 66MHz machine or higher is typical. Indeed,
it is a basic requirement.
Without delving deep into an argument for this or that processor (or this
or that platform), I should at
least state this: In actual practice, cracking a large password file is
a CPU- and memory-intensive
task. It can often take days. Whether you are a hobbyist, cracker, or
system administrator, you
would be well advised to take note of this point. Before actually cracking
a large password file, you
might want to inventory your equipment and resources.
I have found that to perform a successful (and comfortable) crack of
a large password file, one
should have 66MHz of processing power and 32MB of RAM (or better). It
can be done with less,
even a 25MHz processor and 8MB of RAM. However, if you use a machine so
cannot expect to use it for any other tasks. (At least, this is true of
any IBM AT compatible. I have
seen this done on a Sun SPARCstation 1 and the user was still able to
run other processes, even in
The process of cracking, graphically illustrated.
Equally, there are techniques for overcoming this problem. One is the
parlor trick of distributed
cracking. Distributed cracking is where the cracker runs the cracking
program in parallel, on
separate processors. There are a few ways to do this. One is to break
the password file into pieces
and crack those pieces on separate machines. In this way, the job is distributed
among a series of
workstations, thus cutting resource drain and the time it takes to crack
the entire file.
The problem with distributed cracking is that it makes a lot of noise.
Remember the Randal Schwartz
case? Mr. Schwartz probably would never have been discovered if he were
not distributing the CPU
load. Another system administrator noticed the heavy processor power being
eaten. (He also noted
that one process had been running for more than a day.) Thus, distributed
cracking really isn't viable
for crackers unless they are the administrator of a site or they have
a network at home (which is not
so unusual these days; I have a network at home that consists of Windows
95, Windows NT, Linux,
Sun, and Novell boxes).
The Mechanics of Password Cracking
In any event, as Figure 10.4 shows, the wordlist is sent through the
encryption process, generally
one word at a time. Rules are applied to the word and, after each such
application, the word is again
compared to the target password (which is also encrypted). If no match
occurs, the next word is
sent through the process.
Some password crackers perform this task differently. Some take the entire
list of words, apply a
rule, and from this derive their next list. This list is then encrypted
and matched against the target
password. The difference is not academic. The second technique is probably
In the final stage, if a match occurs, the password is then deemed cracked.
The plain-text word is
then piped to a file (recorded in a plain-text file for later examination).
It is of some significance that the majority of password cracking utilities
are not user friendly. In fact,
when executed, some of them forward nothing more than a cryptic message,
Most also do not have extensive documentation with them. There are a
few reasons for this
There is very little left to say. The program
cracks passwords and does nothing more.
The majority are authored by crackers from the
underground. Thus, the programs were
developed on the fly, and these individuals have
little time to generate complex help files and
tutorials. It is assumed that when you unpack
such a tool, you know what you are doing. (The
exceptions to this rule are, of course, those
cracking utilities that are written by bona fide
security professionals. These usually include
release notes, explaining pitfalls, bugs, and
possible solutions. Some even come with a few
sample wordlists. These generally consist of
several hundred words and proper names.)
The Password Crackers
The remainder of this chapter is devoted to individual password crackers.
Some are made for
cracking UNIX passwd files, and some are not. Some of the tools here are
not even password
crackers; instead, they are auxiliary utilities that can be used in conjunction
with (or for the
improvement of) existing password crackers.
Crack by Alec Muffett
Crack is probably the most celebrated tool for cracking encrypted UNIX
passwords. It is now the
industry standard for checking networks for characteristically weak passwords.
It was written by
Alec D. E. Muffet, a UNIX software engineer in Wales. In the docs provided
with the distribution,
Mr. Muffett concisely articulates the program's purpose:
Crack is a freely available program designed
to find standard UNIX eight-character DES
encrypted passwords by standard guessing techniques...It
is written to be flexible,
configurable and fast, and to be able to make
use of several networked hosts via the Berkeley
rsh program (or similar), where possible.
Crack is for use on UNIX platforms only. It comes as a tarred, g'zipped
file and is available at so
many sites, I will refrain from listing them here (use the search string
crack-4.1.tar.Z). After downloaded to the local disk, it is unzipped and
untarred into a suitable
directory (I prefer putting it into the /root/ directory tree). After
you finish that process, your
directory (Crack-4.1) will look similar to the one shown in Figure 10.5.
The Crack directory structure.
To get up and running, you need only set the root directory for Crack
(this is the directory beneath
which all the Crack resources can be found). This value is assigned to
a variable (Crack_Home) in
the configuration files. This is merely an environment variable that,
when set, tells the Crack program
where the remaining resources reside. To set this variable, edit the file
Crack, which is a /bin/sh
script that starts up the Crack engine. After editing this file, you can
begin. This file, which consists of
plain-text commands, code, and variables, can be edited in any text editor
or word processor.
However, it must be saved to plain text.
NOTE: You may or may not need to quickly acquire
a wordlist. As it happens, many
distributions of Crack are accompanied by sample
wordlist (or dictionary) files. Your
mileage may vary in this respect. I would suggest
getting your copy of Crack from
established (as opposed to underground) sites.
This will make it more likely that you
will get a sample wordlist (although to do any
serious password cracking, you will need
to acquire bigger and more suitable wordlists).
You initiate a Crack session by calling the program and providing the
name of a password file and
any command-line arguments, including specifications for using multiple
workstations and such. If
you refer to the Xterm snapshot in Figure 10.5, you will see a file there
This is a sample passwd file that I cracked to generate an example. To
crack that file, I issued the
Crack started the process and wrote the progress of the operation to
files with an out prefix. In this
case, the file was called outSamsHack300. Following is an excerpt from
that file; examine it closely.
pwc: Jan 30 19:26:49 Crack v4.1f: The Password Cracker, (c) Alec D.E.
pwc: Jan 30 19:26:49 Loading Data, host=SamsHack pid=300
pwc: Jan 30 19:26:49 Loaded 2 password entries with 2 different (salts:
pwc: Jan 30 19:26:49 Loaded 240 rules from `Scripts/dicts.rules'.
pwc: Jan 30 19:26:49 Loaded 74 rules from `Scripts/gecos.rules'.
pwc: Jan 30 19:26:49 Starting pass 1 - password information
pwc: Jan 30 19:26:49 FeedBack: 0 users done, 2 users left to crack.
pwc: Jan 30 19:26:49 Starting pass 2 - dictionary words
pwc: Jan 30 19:26:49 Applying rule `!?Al' to file `Dicts/bigdict'
pwc: Jan 30 19:26:50 Rejected 12492 words on loading, 89160 words (left
pwc: Jan 30 19:26:51 Sort discarded 947 words; FINAL DICTIONARY (SIZE:
pwc: Jan 30 19:27:41 Guessed ROOT PASSWORD root (/bin/bash (in my_password_file)
pwc: Jan 30 19:27:41 Closing feedback file.
As you can see, Crack guessed the correct password for root. This process
took just under a
minute. Line 1 reveals the time at which the process was initiated (Jan
30 19:26:49); line 12 reveals
that the password--Laura--was cracked at 19:27:41. This was done using
a 133MHz processor
and 32MB of RAM.
Because the password file I used was so small, neither time nor resources
was an issue. In practice,
however, if you are cracking a file with hundreds of entries, Crack will
eat resources voraciously.
This is especially so if you are using multiple wordlists that are in
compressed form. (Crack will
actually identify these as compressed files and will uncompress them.)
As mentioned earlier, Crack can distribute the work to different workstations
on a UNIX network.
Even more extraordinary than this, the machines can be of different architectures.
Thus, you might
have an IBM-compatible running Linux, a RS/6000 running AIX, and a Macintosh
Crack is extremely lightweight and is probably the most reliable password
TIP: To perform a networked cracking session,
you must build a network.conf file.
This is used by the program to identify which
hosts to network, their architecture, and
other key variables. One can also specify command-line
options that are invoked as
Crack is unleashed on each machine. In other
words, each machine may be running
Crack and using different command-line options.
This can be conveniently managed
from one machine.
Cross Reference: Macintosh users can also enjoy
the speed and efficiency of Crack
by using the most recent port of it, called MacKrack
v2.01b1. It is available at
CrackerJack by Jackal
CrackerJack is a renowned UNIX password cracker designed expressly for
the DOS platform.
Contrary to popular notions, CrackerJack is not a straight port of Crack
(not even close).
Nevertheless, CrackerJack is an extremely fast and easy-to-use cracking
utility. For several years,
CrackerJack has been the choice for DOS users; although many other cracker
utilities have cropped
up, CrackerJack remains quite popular (it's a cult thing). Later versions
were reportedly compiled
using GNU C and C++. CrackerJack's author reports that through this recompiling
program gained noticeable speed.
TIP: CrackerJack also now works on the OS/2
The are some noticeable drawbacks to CrackerJack, including
Users can only specify one dictionary file at
Memory-allocation conventions prevent CrackerJack
from running in Windows 95.
Despite these snags, CrackerJack is reliable and, for moderate tasks,
requires only limited
resources. It takes sparse processor power, doesn't require a windowed
environment, and can run
from a floppy.
Cross Reference: CrackerJack is widely available,
although not as widely as one
would expect. Here are a few reliable sites:
PaceCrack95 is designed to work on the Windows 95 platform in console
mode, in a shell window.
Its author reports that PaceCrack95 was prompted by deficiencies in other
Well you might be wondering why I have written
a program like this when there already is
[sic] many out there that do the same thing.
There are many reasons, I wanted to challenge
myself and this was a useful way to do it. Also
there was this guy (Borris) that kept bugging
me to make this for him because Cracker Jack
(By Jackal) doesn't run in Win95/NT because
of the weird way it uses the memory. What was
needed was a program that runs in Win95
and the speed of the cracking was up there with
To the author's credit, he created a program that does just that. It
is fast, compact, and efficient.
Unfortunately, however, PaceCrack95 is a new development not yet widely
available (I believe it
was distributed in July 1996).
Cross Reference: There is a shortage of reliable
sites from which to retrieve
PaceCrack95, but it can be found at
Qcrack by the Crypt Keeper
Qcrack was originally designed for use on the Linux platform. It has
recently been ported to the
MS-DOS/Windows platform (reportedly sometime in July 1996). Qcrack is
therefore among the
newest wave of password crackers that have cropped up in the last year
or so. This has increased
the number of choices in the void. This utility is extremely fast, but
there are some major drawbacks.
One relates to storage. As the author, the Crypt Keeper, explains:
QInit [one of several binaries in the distribution]
generates a hash table where each entry
corresponds to a salt value and contains the
first two bytes of the hash. Each password
becomes about 4KB worth of data, so this file
gets large quickly. A file with 5000 words can
be expected to be 20MB of disk. This makes it
important to have both a lot of disk space,
and a very select dictionary. Included, a file
called cpw is a list containing what I consider to
be "good" words for the typical account. I have
had zero hits with this file on some password
files, and I have also had almost a 30 percent
hit rate on others.
NOTE: Note that Qcrack is a bit slower than
some other utilities of this nature, but is
probably worth it. Parallelizing is possible,
but not in the true sense. Basically, one can
use different machines and use different dictionaries
(as Qcrack's author suggests).
However, this is not the same form of parallelizing
that can be implemented with
Muffett's Crack. (Not to split hairs, but using
Qcrack in this fashion will greatly speed
up the process of the crack.)
Just one more interesting tidbit: The author of Qcrack, in a stroke of
vision, suggested that someone
create a CD-ROM of nothing but wordlist dictionaries (granted, this would
probably be of less use
to those with slow CD-ROMs; repeated access across drives could slow the
system a bit).
Cross Reference: Qcrack can be found in the
John the Ripper by Solar Designer
John the Ripper is a relatively new UNIX password cracker that runs on
the DOS/Windows 95
platform. The binary distribution suggests that the coding was finished
in December 1996. Early
distributions of this program were buggy. Those of you working with less
than 4MB of RAM might
want to avoid this utility. Its author suggests that the program can run
with less than 4MB, but a lot of
disk access will be going on.
Cross Reference: John the Ripper runs on Linux
as well. The Linux version is
currently in beta and is being distributed as
an ELF binary. It can be found by searching
for the string john-linux.tar.zip.
Undoubtedly, these early efforts were flawed because the author attempted
to include so many
functions. Although John the Ripper may not yet be perfect, it is sizing
up as quite a program. It runs
in DOS (or in Windows 95 via a shell window) and has extensive options.
Rather than list those
here, I have provided a screenshot of the opening screen that appears
if you start John without any
arguments (see Figure 10.6).
The John the Ripper opening screen.
In this respect, John incorporates many of the amenities and necessities
of other, more established
programs. I fully expect that within six months of this writing, John
the Ripper will be among the most
popular cracking utilities.
Cross Reference: The DOS version of John the
Ripper, which is relatively large in
terms of password crackers, can be found at
Pcrack (PerlCrack; Current Version Is 0.3) by Offspring and Naïve
Pcrack is a Perl script for use on the UNIX platform (this does not mean
that Pcrack couldn't be
implemented on the NT platform; it simply means that some heavy-duty porting
would be in order).
This utility has its advantages because it is quite compact and, when
loaded onto the interpreter, fast.
Nonetheless, one must obviously have not only some form of UNIX, but also
access to Perl. As I
have already pointed out, such utilities are best employed by someone
with root access to a UNIX
box. Many system administrators have undertaken the practice of restricting
Perl access these days.
Cross Reference: Pcrack is not widely available,
to be a reliable source.
Hades by Remote and Zabkar (?)
Hades is yet another cracking utility that reveals UNIX /etc/passwd passwords.
Or is it? Hades is
very fast, faster than Muffett's Crack and far faster than CrackerJack
(at least in tests I have
The distribution comes with some source code and manual pages, as well
as an advisory, which I
We created the Hades Password Cracker to show
that world-readable encrypted passwords
in /etc/passwd are a major vulnerability of the
UNIX operating system and its derivatives.
This program can be used by system operators
to discover weak passwords and disable
them, in order to make the system more secure.
With the exception of Muffett's Crack, Hades is the most well-documented
available. The authors have taken exceptional care to provide you with
every possible amenity. The
Hades distribution consists of a series of small utilities that, when
employed together, formulate a
powerful cracking suite. For each such utility, a man (manual) page exists.
The individual utilities
included with the distribution perform the following functions:
The Merge utility merges two dictionaries (wordlists)
into a third, the name of which is
specified by you.
The Optimize utility cleans dictionary (wordlists)
files by formatting them; all duplicate entries
can be conveniently deleted and long words are
The Hits utility archives all passwords cracked
in a previous section, outputting the data to a
user-specified file. From this file, Hades can
derive another dictionary.
Cross Reference: Hades is so widely available
that I will refrain from giving a list of
sites here. Users who wish to try out this well-crafted
utility should search for one or
both of the following search terms:
Star Cracker by the Sorcerer
Star Cracker was designed to work under the DOS4GW environment. Okay...this
is a bit of a curiosity. The author was extremely thorough, and although
the features he or she added
are of great value and interest, one wonders when the author takes out
time to have fun. In any
event, here are some of the more curious features:
Fail-safe power outage provision--If there is
a blackout in your city and your computer goes
down, your work is not lost. (Is that a kicker
or what?) Upon reboot, Star Cracker recovers
all the work previously done (up until the point
of the power outage) and keeps right on going.
Time-release operation--You can establish time
windows when the program is to do its work.
That means you could specify, "Crack this file
for 11 hours. When the 11 hours are up, wait 3
hours more. After the 3 hours more, start again."
To UNIX users, this second amenity doesn't mean much. UNIX users have
always had the ability to
time jobs. However, on the DOS platform, this capability has been varied
and scarce (although there
are utilities, such as tm, that can schedule jobs).
Moreover, this cracking utility has a menu of options: functions that
make the cracking process a lot
easier. You've really got to see this one to believe it. A nicely done
Cross Reference: Star Cracker is available at
Killer Cracker by Doctor Dissector
Killer Cracker is another fairly famous cracking engine. It is distributed
almost always as source
code. The package compiles without event on a number of different operating
systems, although I
would argue that it works best under UNIX.
NOTE: Unless you obtain a binary release, you
will need a C compiler.
Killer Cracker has so many command-line options, it is difficult to know
which ones to mention here.
Nonetheless, here are a few highlights of this highly portable and efficient
Manipulation of some rules at the command prompt,
including case sensitivity.
Command-line specification for method of operation,
including in what order the words are
tested (for example, test each word completely
before moving on to the next).
Under BSD, Killer Crack can be instructed to
monopolize the processor altogether, forcing
the maximum amount of CPU power available for
The program can check for nonprintable and control
characters as possible keystrokes within
the current target password file.
In all, this program is quite complete. Perhaps that is why it remains
so popular. It has been ported
to the Macintosh operating system, it works on a DOS system, and it was
designed under UNIX. It
is portable and easily compiled.
Cross Reference: Killer Cracker can be obtained
at these locations:
(DOS 16 bit)
(DOS 32 bit)
Hellfire Cracker by the Racketeer and the Presence
Another grass-roots work, Hellfire Cracker is a utility for cracking
UNIX password files using the
DOS platform. It was developed using the GNU compiler. This utility is
quite fast, although not by
virtue of the encryption engine. Its major drawback is that user-friendly
functions are practically
nonexistent. Nevertheless, it makes up for this in speed and efficiency.
One amenity of Hellfire is that it is now distributed almost exclusively
in binary form, which obviates
the need for a C compiler.
Cross Reference: This utility can be found on
many sites, but I have encountered
problems finding reliable ones. This one, however
XIT by Roche'Crypt
XIT is yet another UNIX /etc/passwd file cracker, but it is a good one.
The capability to recover from power failure
or sudden reboot
Full C source code available for analysis
The capability to provide up-to-the-second status
Full support for (get this!) 286 machines
The capability to exploit the existence of a
disk cache for speed and increased performance
The Claymore utility has been around for several years. However, it is
not as widely available as one
would expect. It also comes in different compressed formats, although
the greater number are
Cross Reference: One reliable place to find
Claymore by the Grenadier
The Claymore utility is slightly different from its counterparts. It
runs on any Windows platform,
including 95 and NT.
NOTE: Claymore does not work in DOS or even
a DOS shell window.
Figure 10.7 shows Claymore's opening window.
The Claymore opening screen.
There is not a lot to this utility, but some amenities are worth mentioning.
First, Claymore can be
used as a brute force cracker for many systems. It can be used to crack
UNIX /etc/passwd files,
but it can also be used to crack other types of programs (including those
requiring a login/password
pair to get in).
One rather comical aspect of this brute force cracker is its overzealousness.
According to the author:
Keep an eye on the computer. Claymore will keep
entering passwords even after it has
broken through. Also remember that many times
a wrong password will make the computer
beep so you may want to silence the speaker.
Sometimes Claymore will throw out key
strokes faster than the other program can except
them. In these cases tell Claymore to repeat
a certain key stroke, that has no other function
in the target program, over and over again so
that Claymore is slowed down and the attacked
program has time to catch up.
This is what I would classify as a true, brute-force cracking utility!
One interesting aspect is this: You
can specify that the program send control and other nonprintable characters
during the crack. The
structure of the syntax to do so suggests that Claymore was written in
Microsoft Visual Basic.
Moreover, one almost immediately draws the conclusion that the VB function
SendKeys plays a big
part of this application. In any event, it works extremely well.
Cross Reference: Claymore is available at many
locations on the Internet, but
almost guaranteed to be
Guess by Christian Beaumont
Guess is a compact, simple application designed to attack UNIX /etc/passwd
files. It is presented
with style but not much pomp. The interface is designed for DOS, but will
successfully run through a
DOS windowed shell. Of main interest is the source, which is included
with the binary distribution.
Guess was created sometime in 1991, it seems. For some reason, it has
not yet gained the notoriety
of its counterparts; this is strange, for it works well.
Cross Reference: Guess is available widely,
so I will refrain from listing locations
here. It is easy enough to find; use the search
PC UNIX Password Cracker by Doctor Dissector
I have included the PC UNIX Password Cracker utility (which runs on the
DOS platform) primarily
for historical reasons. First, it was released sometime in 1990. As such,
it includes support not only
for 386 and 286 machines, but for 8086 machines. (That's right. Got an
old XT lying around the
house? Put it to good use and crack some passwords!) I won't dwell on
this utility, but I will say this:
The program is extremely well designed and has innumerable command-line
options. Naturally, you
will probably want something a bit more up to date (perhaps other work
of the good Doctor's) but if
you really do have an old XT, this is for you.
Cross Reference: PC UNIX Cracker can be found
Merlin by Computer Incident Advisory Capability (CIAC) DOE
Merlin is not a password cracker. Rather, it is a tool for managing password
crackers as well as
scanners, audit tools, and other security-related utilities. In short,
it is a fairly sophisticated tool for
holistic management of the security process. Figure 10.8 shows Merlin's
Merlin is for UNIX platforms only. It has reportedly been tested (with
positive results) on a number
of flavors, including but not limited to IRIX, Linux, SunOS, Solaris,
One of the main attractions of Merlin is this: Although it has been specifically
designed to support
only five common security tools, it is highly extensible (it is written
in Perl almost exclusively). Thus,
one could conceivably incorporate any number of tools into the scheme
of the program.
Merlin is a wonderful tool for integrating a handful of command-line
tools into a single, easily
managed package. It addresses the fact that the majority of UNIX-based
security programs are
based in the command-line interface (CLI). The five applications supported
SPI (government contractors and agencies only)
Merlin's opening screen.
Note that Merlin does not supply any of these utilities in the distribution.
Rather, you must acquire
these programs and then configure Merlin to work with them (similar to
the way one configures
external viewers and helpers in Netscape's Navigator). The concept may
seem lame, but the tool
provides an easy, centralized point from which to perform some fairly
common (and grueling)
security tasks. In other words, Merlin is more than a bogus front-end.
In my opinion, it is a good
contribution to the security trade.
TIP: Those who are new to the UNIX platform
may have to do a little hacking to get
Merlin working. For example, Merlin relies on
you to have correctly configured your
browser to properly handle *.pl files (it goes
without saying that Perl is one requisite).
Also, Merlin apparently runs an internal HTTP
server and looks for connections from
the local host. This means you must have your
system properly configured for
Merlin (and programs like it) are an important and increasing trend (a
trend kicked off by Farmer
and Venema). Because such programs are designed primarily in an HTML/Perl
base, they are highly
portable to various platforms in the UNIX community. They also tend to
take slim network
resources and, after the code has been loaded into the interpreter, they
move pretty fast. Finally,
these tools are easier to use, making security less of an insurmountable
task. The data is right there
and easily manipulated. This can only help strengthen security and provide
newbies with an
Other Types of Password Crackers
Now you'll venture into more exotic areas. Here you will find a wide
variety of password crackers
for almost any type of system or application.
ZipCrack by Michael A. Quinlan
ZipCrack does just what you would think it would: It is designed to brute-force
passwords that have
been applied to files with a *.zip extension (in other words, it cracks
the password on files
generated with PKZIP).
No docs are included in the distribution (at least, not the few files
that I have examined), but I am not
sure there is any need. The program is straightforward. You simply provide
the target file, and the
program does the rest.
The program was written in Turbo Pascal, and the source code is included
with the distribution.
ZipCrack will work on any IBM-compatible that is a 286 or higher. The
file description reports that
ZipCrack will crack all those passwords generated by PKZIP 2.0. The author
also warns that
although short passwords can be obtained within a reasonable length of
time, long passwords can
take "centuries." Nevertheless, I sincerely doubt that many individuals
provide passwords longer than
five characters. ZipCrack is a useful utility for the average toolbox;
it's one of those utilities that you
think you will never need and later, at 3:00 in the morning, you swear
bitterly because you don't have
Cross Reference: ZipCrack is widely available;
use the search string
Fast Zip 2.0 (Author Unknown)
Fast Zip 2.0 is, essentially, identical to ZipCrack. It cracks zipped
Cross Reference: To find Fast Zip 2.0, use the
search string fzc101.zip.
Decrypt by Gabriel Fineman
An obscure but nonetheless interesting utility, Decrypt breaks WordPerfect
passwords. It is written
in BASIC and works well. The program is not perfect, but it is successful
a good deal of the time.
The author reports that Decrypt checks for passwords with keys from 1
through 23. The program
was released in 1993 and is widely available.
Cross Reference: To find Decrypt, use the search
Glide (Author Unknown)
There is not a lot of documentation with the Glide utility. This program
is used exclusively to crack
PWL files, which are password files generated in Microsoft Windows for
Workgroups and later
versions of Windows. The lack of documentation, I think, is forgivable.
The C source is included
with the distribution. For anyone who hacks or cracks Microsoft Windows
boxes, this utility is a
Cross Reference: Glide is available at these
AMI Decode (Author Unknown)
The AMI Decode utility is designed expressly to grab the CMOS password
from any machine using
an American Megatrends BIOS. Before you go searching for this utility,
you might try the
factory-default CMOS password. It is, oddly enough, AMI. In any event,
the program works, and
that is what counts.
Cross Reference: To find AMI Decode, use the
search string amidecod.zip.
NetCrack by James O'Kane
NetCrack is an interesting utility for use on the Novell NetWare platform.
It applies a brute-force
attack against the bindery. It's slow, but still quite reliable.
Cross Reference: To find NetCrack, use the search
PGPCrack by Mark Miller
Before readers who use PGP get worked up, a bit of background is in order.
Pretty Good Privacy
(PGP) is probably the strongest and most reliable encryption utility available
to the public sector. Its
author, Phil Zimmermann, sums it up as follows:
PGPTM uses public-key encryption to protect
e-mail and data files. Communicate securely
with people you've never met, with no secure
channels needed for prior exchange of keys.
PGP is well featured and fast, with sophisticated
key management, digital signatures, data
compression, and good ergonomic design.
PGP can apply a series of encryption techniques. One of these, which
is discussed in Chapter 13,
"Techniques to Hide One's Identity," is IDEA. To give you an idea of how
difficult IDEA is to crack,
here is an excerpt from the PGP Attack FAQ, authored by Route (an authority
on encryption and a
member of "The Guild," a hacker group):
If you had 1,000,000,000 machines that could
try 1,000,000,000 keys/sec, it would still take
all these machines longer than the universe as
we know it has existed and then some, to find
the key. IDEA, as far as present technology is
concerned, is not vulnerable to brute-force
attack, pure and simple.
In essence, a message encrypted using a 1024-bit key generated with a
healthy and long passphrase
is, for all purposes, unbreakable. So, why did Mr. Miller author this
interesting tool? Because
passphrases can be poorly chosen and, if a PGP-encrypted message is to
be cracked, the
passphrase is a good place to start. Miller reports:
On a 486/66DX, I found that it takes about 7
seconds to read in a 1.2 megabyte passphrase
file and try to decrypt the file using every
passphrase. Considering the fact that the NSA,
other government agencies, and large corporations
have an incredible amount of computing
power, the benefit of using a large, random passphrase
is quite obvious.
Is this utility of any use? It is quite promising. Miller includes the
source with the distribution as well
as a file of possible passphrases (I have found at least one of those
passphrases to be one I have
used). The program is written in C and runs in the DOS, UNIX, and OS/2
Cross Reference: PGPCrack is available at several,
reliable locations, including
The ICS Toolkit by Richard Spillman
The ICS Toolkit utility is an all-purpose utility for studying Cryptanalysis.
It runs well in Microsoft
Windows 3.11 but is more difficult to use in Windows 95 or Windows NT.
It uses an older version
of VBRUN300.DLL and therefore, users with later versions would be wise
to move the newer copy to
a temporary directory. (The ICS application will not install unless it
can place its version of
VBRUN300.DLL into the c:\windows\system directory.) This utility will
help you learn how ciphers
are created and how to break them. It is really quite comprehensive, although
it takes some ingenuity
to set up. It was programmed for older versions of Microsoft Windows.
The interface is more
utilitarian than attractive.
EXCrack by John E. Kuslich
The EXCrack utility recovers passwords applied in the Microsoft Excel
environment. Mr. Kuslich is
very clear that this software is not free but licensable (and copyrighted);
therefore, I have neglected
to provide screenshots or quoted information. It's safe to say the utility
Cross Reference: To find EXCrack, use the search
CP.EXE by Lyal Collins
CP.EXE recovers or cracks passwords for CompuServe that are generated
in CISNAV and
WINCIM. It reportedly works on DOSCIM passwords as well. It a fast and
reliable way to test
whether your password is vulnerable to attack.
Cross Reference: This utility has been widely
distributed and can be found by issuing
the search string cis_pw.zip.
Password NT by Midwestern Commerce, Inc.
The Password NT utility recovers, or cracks, administrator password files
on the Microsoft
Windows NT 3.51 platform. In this respect, it is the NT equivalent of
any program that cracks the
root account in UNIX. Note that some hacking is required to use this utility;
if the original drive on
which the target password is located is NTFS (and therefore access-control
options are enabled),
you will need to move the password to a drive that is not access-control
protected. To do this, you
must move the password to a drive also running 3.51 workstation or server.
Therefore, this isn't
really an instant solution. Nevertheless, after everything is properly
set, it will take no time at all.
Cross Reference: A nicely done utility, Password
NT is always available at the
company's home page (http://www.omna.com/yes/AndyBaron/recovery.htm).
There are well over 100 other utilities of a similar character. I will
refrain from listing them here. I
think that the previous list is sufficient to get you started studying
password security. At least you can
use these utilities to test the relative strength of your passwords.
At this stage, I would like to address some concepts in password security,
as well as give you
sources for further education.
I hope that you will go to the Net and retrieve each of the papers I
am about to cite. If you are
serious about learning security, you will follow this pattern throughout
this book. By following these
references in the order they are presented, you will gain an instant education
in password security.
However, if your time is sparse, the following paragraphs will at least
provide you with some insight
into password security.
About UNIX Password Security
UNIX password security, when implemented correctly, is fairly reliable.
The problem is that people
pick weak passwords. Unfortunately, because UNIX is a multi-user system,
every user with a weak
password represents a risk to the remaining users. This is a problem that
must be addressed:
It is of utmost importance that all users on
a system choose a password that is not easy to
guess. The security of each individual user is
important to the security of the whole system.
Users often have no idea how a multi-user system
works and don't realize that they, by
choosing an easy-to-remember password, indirectly
make it possible for an outsider to
manipulate the entire system.6
6Walter Belgers, UNIX Password Security. December
TIP: The above-mentioned paper, UNIX Password
Security, gives an excellent
overview of exactly how DES works into the UNIX
password scheme. This includes a
schematic that shows the actual process of encryption
using DES. For users new to
security, this is an excellent starting point.
Cross Reference: Locate UNIX Password Security
by entering the search string
What are weak passwords? Characteristically, they are anything that might
occur in a dictionary.
Moreover, proper names are poor choices for passwords. However, there
is no need to theorize on
what passwords are easily cracked. Safe to say, if the password appears
in a password cracking
wordlist available on the Internet, the password is no good. So, instead
of wondering, get yourself a
Cross Reference: Start your search for wordlists
By regularly checking the strength of the passwords on your network,
you can ensure that crackers
cannot penetrate it (at least not through exploiting bad password choices).
Such a regimen can
greatly improve your system security. In fact, many ISPs and other sites
are now employing tools
that check a user's password when it is first created. This basically
implements the philosophy that
...the best solution to the problem of having
easily guessed passwords on a system is to
prevent them from getting on the system in the
first place. If a program such as a password
cracker reacts by guessing detectable passwords
already in place, then although the security
hole is found, the hole existed for as long as
the program took to detect it...If however, the
program which changes users' passwords...checks
for the safety and guessability before that
password is associated with the user's account,
then the security hole is never put in place.7
7Matthew Bishop, UC Davis, California, and Daniel
Klein, LoneWolf Systems Inc.
"Improving System Security via Proactive Password
Checking." (Appeared in
Computers and Security [14, pp. 233-249], 1995.)
TIP: This paper is probably one of the best
case studies and treatments of
easily-guessable passwords. It treats the subject
in depth, illustrating real-life examples
of various passwords that one would think are
secure but actually are not.
Cross Reference: Locate Improving System Security
via Proactive Password
Checking by entering the search string bk95.ps.
NOTE: As you go along, you will see many of
these files have a *.ps extension. This
signifies a PostScript file. PostScript is a
language and method of preparing
documents. It was created by Adobe, the makers
of Acrobat and Photoshop.
To read a PostScript file, you need a viewer.
One very good one is Ghostscript, which
is shareware and can be found at http://www.cs.wisc.edu/~ghost/.
Another good package (and a little more lightweight)
is a utility called Rops. Rops is
available for Windows and is located here:
(the ZDNet software library)
(the Oak software repository)
Other papers of importance include the following:
"Observing Reusable Password Choices"
Purdue Technical Report CSD-TR 92-049
Eugene H. Spafford
Department of Computer Sciences, Purdue University
Date: July 3, 1992
Search String: Observe.ps
"Password Security: A Case History"
Robert Morris and Ken Thompson
Search String: pwstudy.ps
"Opus: Preventing Weak Password Choices"
Purdue Technical Report CSD-TR 92-028
Eugene H. Spafford
Department of Computer Sciences, Purdue University
Date: June 1991
Search String: opus.PS.gz
"Federal Information Processing Standards Publication 181"
Announcing the Standard for Automated Password
Date: October 5, 1993
"Augmented Encrypted Key Exchange: A Password-Based Protocol Secure Against
Dictionary Attacks and Password File Compromise"
Steven M. Bellovin and Michael Merrit
AT&T Bell Laboratories
Search String: aeke.ps
"A High-Speed Software Implementation of DES"
David C. Feldmeier
Computer Communication Research Group
Date: June 1989
Search String: des.ps
"Using Content Addressable Search Engines to Encrypt and Break DES"
Peter C. Wayner
Computer Science Department
Search String: desbreak.ps
"Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary
Steven M. Bellovin and Michael Merrit
AT&T Bell Laboratories
Search String: neke.ps
"Computer Break-ins: A Case Study"
Leendert Van Doorn
Vrije Universiteit, The Netherlands
Date: Thursday, January 21, 1993
Search String: holland_case.ps
"Security Breaches: Five Recent Incidents at Columbia University"
Fuat Baran, Howard
Kaye, and Margarita Suarez
Center for Computing Activities
Date: June 27, 1990
Search String: columbia_incidents.ps
Other Sources and Documents
Following is a list of other resources. Some are not available on the
Internet. However, there are
articles that can be obtained through various online services (perhaps
Uncover) or at your local
library through interlibrary loan or through microfiche. You may have
to search more aggressively for
some of these, perhaps using the Library of Congress (locis.loc.gov) or
perhaps an even more
effective tool, like WorldCat (www.oclc.org).
"Undetectable Online Password Guessing Attacks"
Yun Ding and Patrick Horster,
OSR, 29(4), pp. 77-86
Date: October 1995
"Optimal Authentication Protocols Resistant to Password Guessing Attacks"
Stanford Research Institute
Computer Science Laboratory
Men Park, CA
Search String: optimal-pass.dvi or optimal-pass.ps
"A Password Authentication Scheme Based on Discrete Logarithms"
Tzong Chen Wu and Chin Chen Chang
International Journal of Computational Mathematics;
Vol. 41, Number 1-2, pp. 31-37
"Differential Cryptanalysis of DES-like Cryptosystems"
Eli Biham and Adi Shamir
Journal of Cryptology, 4(1), pp. 3-72
"A Proposed Mode for Triple-DES Encryption"
Don Coppersmith, Don B. Johnson, and Stephen
IBM Journal of Research and Development, 40(2),
"An Experiment on DES Statistical Cryptanalysis"
Conference on Computer and Communications Security,
"Department of Defense Password Management Guideline"
If you want to gain a more historical perspective regarding password
security, start with the
Department of Defense Password Management Guideline. This document was
produced by the
Department of Defense Computer Security Center at Fort Meade, Maryland.
Cross Reference: You can find the Department
of Defense Password Management
You have reached the end of this chapter, and I have only a few things
left to say in closing. One
point I want to make is this: password crackers are growing in number.
Because these tools often
take significant processing power, it is not unusual for crackers to crack
a large and powerful site
just so they can use the processor power available there. For example,
if you can crack a network
with, say, 800 workstations, you can use at least some of those machines
to perform high-speed
cracking. By distributing the workload to several of these machines, you
can ensure a much quicker
Many people argue that there is no legitimate reason persuasive enough
to warrant the creation of
such tools. That view is untenable. Password crackers provide a valuable
service to system
administrators by alerting them of weak passwords on the network. The
problem is not that
password crackers exist; the problem is that they aren't used frequently
enough by the good guys. I
hope that this book heightens awareness of that fact.
E-Mail any questions, comments or deaththreats to:
Copyright © AcidMeister...
Visit him at:
This is for Educational purposes only it should not be used as a guide
cause havoc or to hack. He He He, good luck!!! And don't get caught.
would hate to see you in a cell with your 300 pound Bruno The Gay Ax
murderer. He He He.