Friday, January 13, 2012

Analysis Of The Gawker Leak

I'm going to post an analysis I did some time ago, in the new format I built for this blog. This is the famous Gawker leak that got everyone up from their chairs. There have been several other analyses of the leak, but to my knowledge this analysis contains the largest sample of cracked passwords. Gawker was using Unix DES and OpenBSD Blowfish for password hashing. Since Unix DES hashes can be cracked on the GPU, I started on the DES hashes instead of Blowfish.

The leak contained a total of 748098 Unix DES hashes. 188281 passwords were provided by the attackers, so those were put into a wordlist before cracking. A total of 474229 hashes were cracked, that is 63.39%. Only 9 hours were spent on cracking.

The Cracking
An important aspect of password cracking is to get around the measures that make wordlist cracking expensive. Unix DES uses a 12 bit salt, and the fact that it runs 25 iterations of a salt-modified DES (keyed with the password, over an all-zero block) also makes it a lot harder to crack: every candidate word has to be hashed once per distinct salt, and with 748098 hashes virtually all 4096 salt values will be present. However, Unix DES fails in that the password is truncated to 8 characters. This means we can limit our wordlists and brute force attacks to a maximum of 8 characters, since anything beyond the 8th character never reaches the hash. As for the salts, use your most efficient wordlists first and remove hashes from the hashlist as soon as they are cracked. Every hash removed is work that no longer has to be done for the remaining candidates, so the cracking process speeds up as it goes.

Compared to other algorithms, Unix DES is very resource intensive. In this crack, I split the hashlist into the following partial hashlists:

1. 10%
2. 10%
3. 10%
4. 10%
5. 60%

I then started lists 1-4 on the CPU and list 5 on the GPU. This way I used all the resources available to me. Duplicate hashes were removed prior to cracking to keep the files as small as possible.
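The wordlist preparation and hashlist handling described above, as an added Python example that is not part of the original post. The hash function `toy_crypt` is a stand-in I made up so the example runs without a crypt(3) implementation: it is not DES and only mimics the two properties the text relies on, a two-character salt prefix and truncation of the password to 8 characters. The hashes and candidate words in the demo are constructed.

```python
import hashlib
from collections import defaultdict

# Traditional crypt(3) only looks at the first 8 characters of the password
# and prefixes the result with the 2-character (12-bit) salt.
PASSWORD_LIMIT = 8
SALT_LEN = 2


def toy_crypt(password: str, salt: str) -> str:
    """Stand-in for crypt(3) so the example runs anywhere (assumption: NOT DES).

    It reproduces only the two properties the post relies on: the salt is the
    first two characters of the output and the password is cut at 8 characters.
    """
    salt = salt[:SALT_LEN]
    digest = hashlib.sha256((salt + password[:PASSWORD_LIMIT]).encode()).hexdigest()
    return salt + digest[:11]  # 13 characters, like a real DES crypt string


def prepare_wordlist(words):
    """Truncate candidates to 8 characters and drop duplicates, keeping order.

    Two candidates that share their first 8 characters are the same candidate
    to Unix DES, so hashing both would be wasted work.
    """
    seen, out = set(), []
    for w in words:
        w = w.rstrip("\r\n")[:PASSWORD_LIMIT]
        if w and w not in seen:
            seen.add(w)
            out.append(w)
    return out


def split_hashlist(hashes, fractions=(0.1, 0.1, 0.1, 0.1, 0.6)):
    """Deduplicate and split into partial hashlists (the post used 4x10% + 60%)."""
    unique = list(dict.fromkeys(h.strip() for h in hashes if h.strip()))
    parts, start = [], 0
    for i, frac in enumerate(fractions):
        end = len(unique) if i == len(fractions) - 1 else start + round(len(unique) * frac)
        parts.append(unique[start:end])
        start = end
    return parts


def crack(hashes, wordlist, hash_fn=toy_crypt):
    """Dictionary attack that groups hashes by salt and drops cracked ones.

    Returns (cracked, evaluations): cracked maps hash -> password; evaluations
    counts hash computations, which is the cost the salt and the 25 DES
    iterations inflate. A salt whose hashes are all cracked is never hashed
    against again.
    """
    pending = defaultdict(set)
    for h in dict.fromkeys(hashes):  # duplicate hashes are removed up front
        pending[h[:SALT_LEN]].add(h)
    cracked, evaluations = {}, 0
    for word in prepare_wordlist(wordlist):
        for salt in list(pending):
            evaluations += 1
            candidate = hash_fn(word, salt)
            if candidate in pending[salt]:
                cracked[candidate] = word
                pending[salt].discard(candidate)
                if not pending[salt]:
                    del pending[salt]  # one salt fewer for every later word
        if not pending:
            break
    return cracked, evaluations


if __name__ == "__main__":
    # Constructed sample: three hashes under two salts, one not in our list,
    # and a candidate longer than 8 characters that still cracks its hash.
    targets = [toy_crypt("password", "ab"), toy_crypt("letmein!!", "cd"), toy_crypt("zzzzzzzz", "ab")]
    found, cost = crack(targets, ["password", "letmein!!extra", "nothing"])
    print(found, cost)
```

With a real crypt(3) the structure is the same: pass a wrapper around the system crypt as `hash_fn`. Note that the password reported for a cracked hash is the 8-character prefix, which is all Unix DES ever stored; the `evaluations` counter shows that each word costs one hash per salt still pending, which is why removing cracked hashes pays off.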

Specialized Hardware
DES has been a target of password cracking for a very long time, as the DES algorithm has been widely implemented. Specialized hardware has been built to crack DES, such as COPACOBANA or the BEE2 platform. Security researchers have even optimized the cracking of Unix DES on the PS3 by minimizing the number of gates per S-box.

Today we have much more raw power in clustered environments such as CPU/GPU clouds. One could spend a good amount of money to rent a GPU cloud and break a Unix DES hash within a few weeks. In this crack, however, I used a high-end 4-core i7 CPU and a high-end CUDA based GPU.

The Results

Length distribution
[figure]

Average password length: 6.954842

Character distribution
[figure]

Unique character distribution
[figure]

Contained in common wordlists
[figure]

Top 30 most common passwords
[figure]

Top 30 longest passwords
[figure]