1. Protected Files
1) Hunting for Encoded Files
(1) Hunting for SSH Keys
cry0l1t3@unixclient:~$ grep -rnw "PRIVATE KEY" /* 2>/dev/null | grep ":1"
/home/cry0l1t3/.ssh/internal_db:1:-----BEGIN OPENSSH PRIVATE KEY-----
/home/cry0l1t3/.ssh/SSH.private:1:-----BEGIN OPENSSH PRIVATE KEY-----
/home/cry0l1t3/Mgmt/ceil.key:1:-----BEGIN OPENSSH PRIVATE KEY-----
- Most SSH keys found today are passphrase-protected. For keys in the legacy PEM armor (BEGIN RSA PRIVATE KEY) this is visible in the header: a "Proc-Type: 4,ENCRYPTED" line followed by a "DEK-Info:" line naming the cipher and IV. Keys in the newer OPENSSH armor (BEGIN OPENSSH PRIVATE KEY, as in the three hits above) carry no such header; cipher and KDF are encoded inside the base64 body, and the quickest check is "ssh-keygen -y -f <key>", which prompts for a passphrase only when the key is encrypted.
(2) Encrypted SSH Keys
cry0l1t3@unixclient:~$ cat /home/cry0l1t3/.ssh/SSH.private
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,2109D25CC91F8DBFCEB0F7589066B2CC
8Uboy0afrTahejVGmB7kgvxkqJLOczb1I0/hEzPU1leCqhCKBlxYldM2s65jhflD
4/OH4ENhU7qpJ62KlrnZhFX8UwYBmebNDvG12oE7i21hB/9UqZmmHktjD3+OYTsD
...SNIP...
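The header check only works for the legacy PEM armor. The following Python example (added here, not code from the page or from john) tells the two formats apart and reads the cipher, KDF and bcrypt rounds out of an OPENSSH key by parsing the openssh-key-v1 structure in the base64 body. The legacy sample reuses the header lines of SSH.private above with a truncated body; the OPENSSH samples are constructed headers without any key material.

```python
import base64
import re
import struct

# Legacy PEM armor (ssh-keygen -m PEM) announces a passphrase in two header lines:
# "Proc-Type: 4,ENCRYPTED" and "DEK-Info: <cipher>,<iv-hex>". The key is derived from
# the passphrase with OpenSSL's EVP_BytesToKey (one MD5 pass), which is why john
# reports cost "0=MD5/AES" for such keys.
_PEM_ENCRYPTED = re.compile(r"^Proc-Type:\s*4,ENCRYPTED", re.M)
_PEM_DEKINFO = re.compile(r"^DEK-Info:\s*([A-Za-z0-9-]+),([0-9A-Fa-f]+)", re.M)
# The newer OPENSSH armor has no such header: cipher and KDF sit inside the base64
# body as SSH wire-format strings behind the "openssh-key-v1\0" magic.
_OPENSSH_ARMOR = re.compile(
    r"-----BEGIN OPENSSH PRIVATE KEY-----\s*(.*?)\s*-----END OPENSSH PRIVATE KEY-----", re.S)
_AUTH_MAGIC = b"openssh-key-v1\x00"


def _read_string(buf, off):
    """Read one SSH wire-format string: uint32 big-endian length, then the bytes."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n


def inspect_private_key(text):
    """Classify a private key file: format, passphrase-protected or not, cipher and KDF."""
    armor = _OPENSSH_ARMOR.search(text)
    if armor:
        blob = base64.b64decode("".join(armor.group(1).split()))
        if not blob.startswith(_AUTH_MAGIC):
            raise ValueError("OPENSSH armor without openssh-key-v1 magic")
        off = len(_AUTH_MAGIC)
        cipher, off = _read_string(blob, off)
        kdf, off = _read_string(blob, off)
        kdfopts, off = _read_string(blob, off)
        info = {"format": "openssh-key-v1", "encrypted": cipher != b"none",
                "cipher": cipher.decode(), "kdf": kdf.decode()}
        if kdf == b"bcrypt":
            # kdfoptions for bcrypt = string salt, uint32 rounds (ssh-keygen default: 16)
            salt, o = _read_string(kdfopts, 0)
            info["bcrypt_rounds"] = struct.unpack(">I", kdfopts[o:o + 4])[0]
            info["salt_hex"] = salt.hex()
        return info
    if "PRIVATE KEY-----" in text:
        dek = _PEM_DEKINFO.search(text)
        encrypted = bool(_PEM_ENCRYPTED.search(text)) and dek is not None
        return {"format": "pem", "encrypted": encrypted,
                "cipher": dek.group(1) if encrypted else "none",
                "kdf": "EVP_BytesToKey(MD5)" if encrypted else "none"}
    raise ValueError("no private key armor found")


def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def build_openssh_header(cipher, kdf, salt=b"", rounds=0):
    """Constructed test input: only the public header of an openssh-key-v1 blob, no key material."""
    kdfopts = _ssh_string(salt) + struct.pack(">I", rounds) if kdf == "bcrypt" else b""
    blob = (_AUTH_MAGIC + _ssh_string(cipher.encode()) + _ssh_string(kdf.encode())
            + _ssh_string(kdfopts) + struct.pack(">I", 1))  # nkeys = 1
    body = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"


# Constructed sample in the legacy format: header lines as in the SSH.private listing,
# body truncated (this format is classified from its header alone).
LEGACY_ENCRYPTED = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,2109D25CC91F8DBFCEB0F7589066B2CC

8Uboy0afrTahejVGmB7kgvxkqJLOczb1I0/hEzPU1leCqhCKBlxYldM2s65jhflD
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for name, key in [("legacy", LEGACY_ENCRYPTED),
                      ("openssh-bcrypt", build_openssh_header("aes256-ctr", "bcrypt", bytes(16), 16)),
                      ("openssh-plain", build_openssh_header("none", "none"))]:
        print(name, inspect_private_key(key))
```

The bcrypt round count matters for cracking: john's cost 2 for the key above is 1 because it is a legacy MD5-derived key, whereas a current ssh-keygen default (bcrypt, 16 rounds) is several orders of magnitude slower per guess.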
(3) John Hashing Scripts
yeon0815@htb[/htb]$ locate *2john*
/usr/bin/bitlocker2john
/usr/bin/dmg2john
/usr/bin/gpg2john
/usr/bin/hccap2john
/usr/bin/keepass2john
/usr/bin/putty2john
/usr/bin/racf2john
/usr/bin/rar2john
/usr/bin/uaf2john
/usr/bin/vncpcap2john
/usr/bin/wlanhcx2john
/usr/bin/wpapcap2john
/usr/bin/zip2john
/usr/share/john/1password2john.py
/usr/share/john/7z2john.pl
/usr/share/john/DPAPImk2john.py
/usr/share/john/adxcsouf2john.py
/usr/share/john/aem2john.py
/usr/share/john/aix2john.pl
/usr/share/john/aix2john.py
/usr/share/john/andotp2john.py
/usr/share/john/androidbackup2john.py
...SNIP...
(4) Converting many different formats into single hashes
yeon0815@htb[/htb]$ ssh2john.py SSH.private > ssh.hash
yeon0815@htb[/htb]$ cat ssh.hash
ssh.private:$sshng$0$8$1C258238FD2D6EB0$2352$f7b...SNIP...
(5) Cracking SSH keys
yeon0815@htb[/htb]$ john --wordlist=rockyou.txt ssh.hash
Using default input encoding: UTF-8
Loaded 1 password hash (SSH [RSA/DSA/EC/OPENSSH (SSH private keys) 32/64])
Cost 1 (KDF/cipher [0=MD5/AES 1=MD5/3DES 2=Bcrypt/AES]) is 0 for all loaded hashes
Cost 2 (iteration count) is 1 for all loaded hashes
Will run 2 OpenMP threads
Note: This format may emit false positives, so it will keep trying even after
finding a possible candidate.
Press 'q' or Ctrl-C to abort, almost any other key for status
1234 (SSH.private)
1g 0:00:00:00 DONE (2022-02-08 03:03) 16.66g/s 1747Kp/s 1747Kc/s 1747KC/s Knightsing..Babying
Session completed
yeon0815@htb[/htb]$ john ssh.hash --show
SSH.private:1234
1 password hash cracked, 0 left
2) Cracking Documents
- Pretty much all reports, documentation, and information sheets can be found in the form of Office DOCs and PDFs.
(1) Cracking Microsoft Office Documents
yeon0815@htb[/htb]$ office2john.py Protected.docx > protected-docx.hash
yeon0815@htb[/htb]$ cat protected-docx.hash
Protected.docx:$office$*2007*20*128*16*7240...SNIP...8a69cf1*98242f4da37d916305d8e2821360773b7edc481b
yeon0815@htb[/htb]$ john --wordlist=rockyou.txt protected-docx.hash
Loaded 1 password hash (Office, 2007/2010/2013 [SHA1 256/256 AVX2 8x / SHA512 256/256 AVX2 4x AES])
Cost 1 (MS Office version) is 2007 for all loaded hashes
Cost 2 (iteration count) is 50000 for all loaded hashes
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
1234 (Protected.docx)
1g 0:00:00:00 DONE (2022-02-08 01:25) 2.083g/s 2266p/s 2266c/s 2266C/s trisha..heart
Use the "--show" option to display all of the cracked passwords reliably
Session completed
yeon0815@htb[/htb]$ john protected-docx.hash --show
Protected.docx:1234
(2) Cracking PDFs
yeon0815@htb[/htb]$ pdf2john.py PDF.pdf > pdf.hash
yeon0815@htb[/htb]$ cat pdf.hash
PDF.pdf:$pdf$2*3*128*-1028*1*16*7e88...SNIP...bd2*32*a72092...SNIP...0000*32*c48f001fdc79a030d718df5dbbdaad81d1f6fedec4a7b5cd980d64139edfcb7e
yeon0815@htb[/htb]$ john --wordlist=rockyou.txt pdf.hash
Using default input encoding: UTF-8
Loaded 1 password hash (PDF [MD5 SHA2 RC4/AES 32/64])
Cost 1 (revision) is 3 for all loaded hashes
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
1234 (PDF.pdf)
1g 0:00:00:00 DONE (2022-02-08 02:16) 25.00g/s 27200p/s 27200c/s 27200C/s bulldogs..heart
Use the "--show --format=PDF" options to display all of the cracked passwords reliably
Session completed
yeon0815@htb[/htb]$ john pdf.hash --show
PDF.pdf:1234
1 password hash cracked, 0 left
2. Protected Archives
1) Download All file extensions
yeon0815@htb[/htb]$ curl -s https://fileinfo.com/filetypes/compressed | html2text | awk '{print tolower($1)}' | grep "\." | tee -a compressed_ext.txt
.mint
.htmi
.tpsr
.mpkg
.arduboy
.ice
.sifz
.fzpz
.rar
.comppkg.hauptwerk.rar
...SNIP...
2) Cracking ZIP
(1) Using zip2john
yeon0815@htb[/htb]$ zip2john ZIP.zip > zip.hash
ver 2.0 efh 5455 efh 7875 ZIP.zip/flag.txt PKZIP Encr: 2b chk, TS_chk, cmplen=42, decmplen=30, crc=490E7510
(2) Viewing the Contents of zip.hash
yeon0815@htb[/htb]$ cat zip.hash
ZIP.zip/customers.csv:$pkzip2$1*2*2*0*2a*1e*490e7510*0*42*0*2a*490e*409b*ef1e7feb7c1cf701a6ada7132e6a5c6c84c032401536faf7493df0294b0d5afc3464f14ec081cc0e18cb*$/pkzip2$:customers.csv:ZIP.zip::ZIP.zip
(3) Cracking the hash with john
yeon0815@htb[/htb]$ john --wordlist=rockyou.txt zip.hash
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
1234 (ZIP.zip/customers.csv)
1g 0:00:00:00 DONE (2022-02-09 09:18) 100.0g/s 250600p/s 250600c/s 250600C/s 123456..1478963
Use the "--show" option to display all of the cracked passwords reliably
Session completed
(4) Viewing the Cracked Hash
yeon0815@htb[/htb]$ john zip.hash --show
ZIP.zip/customers.csv:1234:customers.csv:ZIP.zip::ZIP.zip
1 password hash cracked, 0 left
3) Cracking OpenSSL Encrypted Archives
(1) Using file
yeon0815@htb[/htb]$ file GZIP.gzip
GZIP.gzip: openssl enc'd data with salted password
(2) Using a for-loop to display extracted contents
- Cracking OpenSSL-encrypted files is error-prone: "openssl enc" exits successfully for some wrong passwords (the CBC padding happens to be valid by chance), so hash-based approaches can produce false positives or miss the correct password.
- The safest check is to let openssl decrypt with each candidate and pipe the result into tar, which only succeeds when the output is a real gzip archive. Reading the wordlist with "read -r" instead of $(cat ...) keeps candidates with spaces or glob characters intact. Two caveats: "openssl enc" changed its default key-derivation digest from MD5 to SHA-256 in OpenSSL 1.1.0, so a file encrypted by an older version needs "-md md5"; a file encrypted with "-pbkdf2" needs "-pbkdf2" on decryption as well.
yeon0815@htb[/htb]$ while IFS= read -r i; do openssl enc -aes-256-cbc -d -in GZIP.gzip -k "$i" 2>/dev/null | tar xz && { echo "Password: $i"; break; }; done < rockyou.txt
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
<SNIP>
4) Cracking BitLocker Encrypted Drives
- BitLocker is Microsoft's full-volume encryption for internal partitions and external drives.
- It encrypts with AES using 128-bit or 256-bit keys (XTS-AES since Windows 10 version 1511, AES-CBC before that).
- If the password or PIN is forgotten, the 48-digit recovery password generated during setup (8 groups of 6 digits) decrypts the volume. bitlocker2john also emits hashes for it and hashcat mode 22100 accepts them, but the 48 digits encode a full 128-bit key, so unlike a user-chosen password it cannot realistically be brute-forced. The practical target is the user-password hash, the $bitlocker$0$ line, rather than the $bitlocker$2$ / $bitlocker$3$ recovery-password variants.
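To make the recovery-password point concrete, here is an added Python example (not code from the page, bitlocker2john or hashcat) that validates the documented structure of a recovery password, converts it to and from the 16-byte key it encodes, and sizes the resulting keyspace. The structure assumed is the documented one: each 6-digit group is a 16-bit value times 11 (so the group is divisible by 11 and below 720896) and the eight values are packed little-endian. The sample key is constructed, not taken from a real volume.

```python
import struct

GROUP_COUNT, GROUP_DIGITS = 8, 6
GROUP_LIMIT = 65536 * 11  # 720896: a valid group divided by 11 must fit in 16 bits


def parse_recovery_password(text):
    """Validate a 48-digit recovery password and return the 16-byte key it encodes.

    Each 6-digit group is a 16-bit value multiplied by 11, so the last digit acts as a
    check digit (group % 11 == 0) and the group must be below 720896. The eight 16-bit
    values are packed little-endian; that 128-bit value, not the digit string, is what
    the key derivation stretches (the 1048576 iterations seen in the hash lines).
    """
    digits = text.replace("-", "").replace(" ", "")
    if len(digits) != GROUP_COUNT * GROUP_DIGITS or not digits.isdigit():
        raise ValueError("expected 48 digits in 8 groups of 6")
    values = []
    for n in range(GROUP_COUNT):
        group = int(digits[n * GROUP_DIGITS:(n + 1) * GROUP_DIGITS])
        if group % 11:
            raise ValueError(f"group {n + 1} fails the check digit ({group} % 11 != 0)")
        if group >= GROUP_LIMIT:
            raise ValueError(f"group {n + 1} out of range ({group} >= {GROUP_LIMIT})")
        values.append(group // 11)
    return struct.pack("<8H", *values)


def format_recovery_password(key16):
    """Inverse of parse_recovery_password: 16 bytes -> 'dddddd-dddddd-...' (8 groups)."""
    if len(key16) != 16:
        raise ValueError("need exactly 16 bytes")
    return "-".join(f"{v * 11:06d}" for v in struct.unpack("<8H", key16))


def recovery_keyspace_bits():
    """48 digits look like 10^48 possibilities, but the structure leaves 16 bits per group."""
    return GROUP_COUNT * 16


def years_to_exhaust(hashes_per_second):
    """Worst-case time to enumerate the recovery keyspace at a given guessing rate."""
    return 2 ** recovery_keyspace_bits() / hashes_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    sample = format_recovery_password(bytes(range(16)))  # constructed key, not a real volume's
    print(sample)
    print(parse_recovery_password(sample).hex())
    print(f"{years_to_exhaust(28):.3g} years at the 28 H/s of the hashcat run below")
```

The validator is also useful defensively: a recovery password pasted from a ticket or a backup that fails the check digit was mistyped, and a tool that accepts arbitrary 48-digit strings is not checking the format.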
(1) Using bitlocker2john
yeon0815@htb[/htb]$ bitlocker2john -i Backup.vhd > backup.hashes
yeon0815@htb[/htb]$ grep "bitlocker\$0" backup.hashes > backup.hash
yeon0815@htb[/htb]$ cat backup.hash
$bitlocker$0$16$02b329c0453b9273f2fc1b927443b5fe$1048576$12$00b0a67f961dd80103000000$60$d59f37e...SNIP...70696f7eab6b
(2) Using hashcat to Crack backup.hash
yeon0815@htb[/htb]$ hashcat -m 22100 backup.hash /opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt -o backup.cracked
hashcat (v6.1.1) starting...
<SNIP>
$bitlocker$0$16$02b329c0453b9273f2fc1b927443b5fe$1048576$12$00b0a67f961dd80103000000$60$d59f37e70696f7eab6b8f95ae93bd53f3f7067d5e33c0394b3d8e2d1fdb885cb86c1b978f6cc12ed26de0889cd2196b0510bbcd2a8c89187ba8ec54f:1234qwer
Session..........: hashcat
Status...........: Cracked
Hash.Name........: BitLocker
Hash.Target......: $bitlocker$0$16$02b329c0453b9273f2fc1b927443b5fe$10...8ec54f
Time.Started.....: Wed Feb 9 11:46:40 2022 (1 min, 42 secs)
Time.Estimated...: Wed Feb 9 11:48:22 2022 (0 secs)
Guess.Base.......: File (/opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 28 H/s (8.79ms) @ Accel:32 Loops:4096 Thr:1 Vec:8
Recovered........: 1/1 (100.00%) Digests
Progress.........: 2880/6163 (46.73%)
Rejected.........: 0/2880 (0.00%)
Restore.Point....: 2816/6163 (45.69%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:1044480-1048576
Candidates.#1....: chemical -> secrets
Started: Wed Feb 9 11:46:35 2022
Stopped: Wed Feb 9 11:48:23 2022
(3) Viewing the Cracked hash
yeon0815@htb[/htb]$ cat backup.cracked
$bitlocker$0$16$02b329c0453b9273f2fc1b927443b5fe$1048576$12$00b0a67f961dd80103000000$60$d59f37e70696f7eab6b8f95ae93bd53f3f7067d5e33c0394b3d8e2d1fdb885cb86c1b978f6cc12ed26de0889cd2196b0510bbcd2a8c89187ba8ec54f:1234qwer
3. Password Policies
- A password policy covers not only the minimum requirements for a password but its whole life cycle (how it is created, handled, stored, and transmitted).
1) Password Policy Standards
(1) NIST SP800-63B
(2) CIS Password Policy Guide
(3) PCI DSS
4. Password Managers
- A password manager is an application that lets users store their passwords and secrets in an encrypted database.
- Implementations vary by vendor, but most encrypt the database with a key derived from a master password.
1) Online Password Managers
- Online password managers keep the encrypted database with the provider so it can be synchronized between the user's devices.
- A common implementation derives every key from the master password on the client. The aim is Zero Knowledge Encryption: no one except the user, not even the service provider, can read the secured data, because nothing that reaches the provider allows the vault to be decrypted.
(1) Master key: derived from the master password (often salted with an account identifier such as the e-mail address) by a slow key-derivation function such as PBKDF2 or Argon2; it never leaves the client.
(2) Master password hash: derived from the master key together with the master password by a further hashing step; this value, not the password or the master key, is sent to the cloud to authenticate.
(3) Decryption key: a symmetric key stretched from the master key; it decrypts the vault items.
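The three-key hierarchy above, as an added Python example (not any vendor's code): client-side derivation of master key, master password hash and vault keys, a minimal server that only ever stores a salted re-hash of the master password hash, and a round trip showing that a wrong master password fails both at login and at decryption. The KDF choice, iteration counts, HKDF labels and the vault item are assumptions for the illustration; the item encryption is a dependency-free HMAC-based stand-in for the AES-CBC+HMAC or AES-GCM that real products use.

```python
import hashlib
import hmac
import secrets

# Assumed parameters for the illustration; real products choose their own KDF and costs
# (PBKDF2-SHA256 or Argon2id with a configurable iteration count).
MASTER_KDF_ITERATIONS = 600_000
SERVER_KDF_ITERATIONS = 100_000


def master_key(master_password, email):
    """(1) Master key: slow KDF over the master password, salted with the account
    identifier. Computed on the client and never transmitted."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), email.lower().encode(),
                               MASTER_KDF_ITERATIONS, 32)


def master_password_hash(mkey, master_password):
    """(2) Master password hash: one more KDF pass of the master key under the password.
    This is the only secret sent to the cloud; the server learns neither the password nor
    the master key, so a dump of its database does not open any vault."""
    return hashlib.pbkdf2_hmac("sha256", mkey, master_password.encode(), 1, 32)


def hkdf_expand(prk, info, length):
    """RFC 5869 HKDF-Expand with HMAC-SHA256 (the standard library has no HKDF)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), "sha256").digest()
        out += block
        counter += 1
    return out[:length]


def decryption_keys(mkey):
    """(3) Decryption key: stretch the master key into separate encryption and MAC keys."""
    return hkdf_expand(mkey, b"vault-enc", 32), hkdf_expand(mkey, b"vault-mac", 32)


# Stand-in cipher: HMAC-SHA256 in counter mode as keystream, encrypt-then-MAC. Not for
# production; it only keeps the example free of third-party dependencies.
def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def encrypt_item(enc_key, mac_key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, "sha256").digest()


def decrypt_item(enc_key, mac_key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, "sha256").digest()):
        raise ValueError("vault item failed authentication (wrong key or tampered)")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class VaultServer:
    """Provider side: stores the encrypted vault and a salted re-hash of the master
    password hash, and nothing that could decrypt the vault."""
    def __init__(self):
        self.accounts = {}

    @staticmethod
    def _stretch(mp_hash, salt):
        return hashlib.pbkdf2_hmac("sha256", mp_hash, salt, SERVER_KDF_ITERATIONS, 32)

    def register(self, email, mp_hash, vault_blob):
        salt = secrets.token_bytes(16)
        self.accounts[email] = (salt, self._stretch(mp_hash, salt), vault_blob)

    def login(self, email, mp_hash):
        """Return the encrypted vault on success, None otherwise."""
        salt, stored, vault_blob = self.accounts.get(email, (b"", b"", None))
        return vault_blob if hmac.compare_digest(stored, self._stretch(mp_hash, salt)) else None


def demo(email="user@example.com", password="correct horse battery staple"):
    """Round trip: register, log in, decrypt; then a wrong password must fail at login
    and, even if the server were bypassed, at decryption."""
    mkey = master_key(password, email)
    enc_key, mac_key = decryption_keys(mkey)
    item = encrypt_item(enc_key, mac_key, b"gitlab.example.com / svc_backup / S3cr3t!")  # constructed
    server = VaultServer()
    server.register(email, master_password_hash(mkey, password), item)
    blob = server.login(email, master_password_hash(mkey, password))
    plaintext = decrypt_item(enc_key, mac_key, blob)

    wrong_mkey = master_key(password + "x", email)
    login_rejected = server.login(email, master_password_hash(wrong_mkey, password + "x")) is None
    try:
        decrypt_item(*decryption_keys(wrong_mkey), item)
        decrypt_rejected = False
    except ValueError:
        decrypt_rejected = True
    return plaintext, login_rejected, decrypt_rejected


if __name__ == "__main__":
    print(demo())
```

The property worth noticing is in master_password_hash: it is a one-way function of the master key, so an attacker who captures it in transit or from the server database must still brute-force the master password through the slow client-side KDF to get anywhere, which is exactly the cost that the iteration count is there to impose.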
2) Local Password Managers
- Some companies and individuals prefer to manage their secrets themselves rather than rely on a third-party service.
- Local password managers offer this option by storing the database locally, which puts the responsibility for protecting the file and the place it is stored on the user.
- Local password managers encrypt the database file with a key derived from the master password (optionally combined with a key file).