Here in Shamattawa we are having a science fair. The idea is to have students learn about science by doing it and adding some excitement by publicizing the result. There could be much fun and motivation from the exercise. If students do well here they may be able to go to regional science fairs.
I have a background in science but here I am the “computer” teacher. I thought about some projects we could do with the Grade 9 students who will be with me for this semester. They are energetic and smart. I expect those characteristics spill over into use of computers, too. I need ideas they can develop in a few weeks that could make a difference in their lives.
As always, when making plans, I surveyed the tools available: Debian Etch in a local repository, some bandwidth to the Internet (variable), 24 lab PCs, a local copy of Wikipedia from 2005, and a web server and a terminal server. The terminal server normally runs all the apps for the lab and the web/file server supplies the root filesystems for the clients by NFS. We tossed around the idea of using OpenMosix to share processes around but came up with a project that is naturally divisible (cracking passwords) and used a script instead:
program cracker;
uses math, md5, strings;
(* Robert Pogson 2008 *)
var unknown: string; solution: string; tests: string;
var i, u1, u2, limit, code, processor, processors: integer;
const universe = '!@#$%^&*()_+|1234567890=\~`QWERTYUIOP{}qwertyuiop[]ASDFGHJKL:"asdfghjkl;"ZXCVBNM<>?zxcvbnm,./';
const debug = false;

(* Recursive procedure to test current version of guess and try all the universe of printable characters next *)
procedure r(s: string);
var i, j: integer;
begin
  tests := MD5Print(MD5String(s)); (* calculate MD5 hash of current string *)
  if tests = unknown then
  begin
    writeln('cracked! ', s); halt(0)
  end (* exit with cracked! message if cracked *)
  else
  begin
    (* s[0] is the length byte of a short string, so this needs the compiler's default short-string mode *)
    j := length(s) + 1; s[0] := chr(j);
    if j <= limit then
      (* calculate new length and loop through next character and test *)
      for i := 1 to length(universe) do
      begin
        s[j] := universe[i];
        r(s)
      end
  end
end;

begin (* main programme that reads from the command line *)
  solution := '';
  if paramcount < 4 then
  begin
    writeln('usage: cracker md5sum limit processor processors');
    if paramcount = 1 then writeln('md5 of parameter 1 is ', MD5Print(md5string(paramstr(1))))
  end
  (* dump MD5sum of input if only 1 *)
  else
  begin
    val(paramstr(2), limit, code); (* convert the input to a number for the maximum length to test *)
    val(paramstr(3), processor, code);
    val(paramstr(4), processors, code);
    (* work out the slice u1..u2 of first characters that this processor tests *)
    u1 := length(universe) mod processors;
    if u1 = 0 then u2 := (processor) * (length(universe) div processors)
    else u2 := (processor) * ((length(universe) div processors) + 1);
    if u2 > length(universe) then u2 := length(universe);
    if u1 = 0 then u1 := u2 - (length(universe) div processors)
    else u1 := u2 + 1 - ((length(universe) div processors) + 1);
    if u1 < 1 then u1 := 1;
    writeln(u1, ' ', u2, ' ', length(universe));
    unknown := paramstr(1);
    for i := u1 to u2 do
    begin
      solution := 'a'; solution[1] := universe[i]; r(solution) (* start the recursion *)
    end;
  end;
end.
The programme is invoked by pointing the operating system to the programme “cracker” followed by four parameters: the hash, the maximum length of password to try, the number of the processor and the number of processors involved in the calculation.
pogson@beryl:~$ time ./cracker d077f244def8a70e5ea758bd8352fcd8 3 1 1
cracked! cat
real 0m25.935s
user 0m25.794s
sys 0m0.004s
pogson@beryl:~$ time ./cracker 0832c1202da8d382318e329a7c133ea0 4 1 1
cracked! cats
real 0m25.951s
user 0m25.818s
sys 0m0.012s
pogson@beryl:~$ time ./cracker 938c2cc0dcc05f2b68c4287040cfcf71 4 1 1
cracked! frog
real 0m17.735s
user 0m17.629s
sys 0m0.008s
pogson@beryl:~$ time ./cracker c8a104e88d5ebf08d6edde8efc3c953c 6 1 1
cracked! fairyt
real 645m56.217s
user 636m18.978s
sys 0m10.669s
Of course, these tests presume we know the length of the password to save time. In general we do not so a real test would use a larger number for the maximum length. In practice, we can assume a user will use a shorter password and repeatedly raise the length as we do trials.
The script to run this programme on the computers in the lab is simple:
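# start one cracker per lab PC (lab22 down to lab1) in the background, then wait for all of them
for ((f=22;f>=1;f--)) ;do ssh lab$f cracker c8a104e88d5ebf08d6edde8efc3c953c 6 $f 22 & done; wait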
SSH is a neat client-server system that permits a command generated on one computer to be executed on another. We simply put cracker in the command path in each computer in the lab (from a file server) and run the command above to crack the password. Since there are 22 PCs working, they each have 5 first characters to try and the solution will take at most 5 times as long as the examples given above.
CONCLUSION- A password less than 7 characters long may be cracked in a day or two by an attacker of modest means, if the attacker has access to the hashed password, and there is no timeout or denial of access on failure of a password attempt. Any modern system will deny access to the hashed passwords by file permission access control, so the first point is not serious. On the other hand, when we download malware on a system, and run our systems many hours every day, often with network access always on, the intruder has all the time in the world to patiently chip away at our security.
We can prevent password crackers from working by choosing an operating system that does not permit malware to run by default (GNU/Linux, UNIX, since inception). Microsoft Windows, while improving in security, provides many unnecessary services to malware, permitting it to keep trying or, in many cases, to skip password cracking and take control of the system by privilege escalation. Since Microsoft has had a monopoly on PC operating systems (middle 1990s), they have had little commercial pressure to pay attention to security. Their operating system was designed from the beginning as a single-user system with no concerns for security whatsoever. The UNIX family of operating systems (AIX, HP-UX, GNU/Linux, Mac OS X) have always been multi-user systems and had mechanisms from the beginning to protect one user from another.
BIBLIOGRAPHY-
CyberInsecurity: The Cost of Monopoly How the Dominance of Microsoft’s Products Poses a Risk to Security – “Computing is crucial to the infrastructure of advanced countries. Yet, as fast as the world’s computing infrastructure is growing, security vulnerabilities within it are growing faster still. The security situation is deteriorating, and that deterioration compounds when nearly all computers in the hands of end users rely on a single operating system subject to the same vulnerabilities the world over. Most of the world’s computers run Microsoft’s operating systems, thus most of the world’s computers are vulnerable to the same viruses and worms at the same time. The only way to stop this is to avoid monoculture in computer operating systems, and for reasons just as reasonable and obvious as avoiding monoculture in farming. Microsoft exacerbates this problem via a wide range of practices that lock users to its platform. The impact on security of this lock-in is real and endangers society. Because Microsoft’s near-monopoly status itself magnifies security risk, it is essential that society become less dependent on a single operating system from a single vendor if our critical infrastructure is not to be disrupted in a single blow. The goal must be to break the monoculture. Efforts by Microsoft to improve security will fail if their side effect is to increase user-level lock-in. Microsoft must not be allowed to impose new restrictions on its customers – imposed in the way only a monopoly can do – and then claim that such exercise of monopoly power is somehow a solution to the security problems inherent in its products. The prevalence of security flaw in Microsoft’s products is an effect of monopoly power; it must not be allowed to become a reinforcer. Governments must set an example with their own internal policies and with the regulations they impose on industries critical to their societies. 
They must confront the security effects of monopoly and acknowledge that competition policy is entangled with security policy from this point forward.”
see http://cryptome.org/cyberinsecurity.htm
Easy things users can do to improve security: Recommendations of “best practices” for securing individual user’s accounts. “Use an 8 character password; Using the maximum number of characters greatly increases the complexity of guessing or cracking passwords. Beware that only the first eight characters of a password are “significant” on most UNIX systems, although the system allows you to type longer ones.”
see http://security.fnal.gov/UserGuide/password.htm
“Your password will be checked for complexity”
see http://www.securitystats.com/tools/password.php
