
Weak admin password detection #40

Merged
merged 1 commit into from Mar 17, 2017

Conversation

@pocallaghan
Contributor

pocallaghan commented Feb 13, 2017

Create two new commands for attempting to brute force crack admin
passwords and api keys.

@gwillem
Contributor

gwillem commented Feb 13, 2017

Nice!! @frosit, would you have a clue about the (possibly unrelated) test error?

@vdloo
Member

vdloo commented Feb 14, 2017

perhaps related to this

@frosit
Contributor

frosit commented Feb 14, 2017

Nice, @gwillem, I will take a look at it later today.

@pocallaghan
Contributor Author

pocallaghan commented Feb 15, 2017

As you merged the bootstrap fix, I'll rebase this later today, fingers crossed everything should pass...

Create two new commands for attempting to brute force crack admin
passwords and api keys.
@pocallaghan pocallaghan force-pushed the pocallaghan:feature/password-hacker branch from a6eb2ca to 098bcd2 Feb 15, 2017
@gwillem
Contributor

gwillem commented Feb 22, 2017

Test with:

mkdir -p ~/.n98-magerun/modules
curl -Lks https://github.com/pocallaghan/hypernode-magerun/archive/feature/password-hacker.tar.gz | tar xz -C ~/.n98-magerun/modules
# for hypernode test only:
alias magerun='/usr/local/bin/magerun --skip-root-check --root-dir=/data/web/public'
magerun hypernode:crack:admin-passwords --help
magerun hypernode:crack:admin-passwords --active --force --rulesets=best64 1000 special vendors -v

Which would yield

+-------+-------------------------------------------------------------------+---------+----------+
| User  | Hash                                                              | Cracked | Password |
+-------+-------------------------------------------------------------------+---------+----------+
| admin | 709e94f1c8d64796a801afc06f714335:keQDOhV2YF3mUoaXxfRpR8mWcHt4CkZc | No      |          |
| user  | fd67b8bb20ceb349a77693f999a140f6:VGTq3WnsqCgYx8tRVY5KA7HCQB3UBmmr | Yes     | test123  |
+-------+-------------------------------------------------------------------+---------+----------+
Cracking Completed in 1 second.
@peterjaap
Collaborator

peterjaap commented Feb 24, 2017

After adding the rockyou.txt word list, the cracking takes a lot longer, thereby hitting a process timeout within the Symfony Console component (which throws Symfony\Component\Process\Exception\ProcessTimedOutException), so you need to update Engine/Hashcat.php on line 50 to:

$process->setTimeout(0)->setIdleTimeout(0)->run();

Or similar.

@peterjaap
Collaborator

peterjaap commented Feb 24, 2017

I guess that the 'special' list can never contain too many words. Maybe also parse cms_page and cms_block content to words and append those?
Maybe also:

  • company address
  • sales email addresses (for customer service, general, etc)
  • look up Facebook page based on firstname+lastname and parse all their posts :trollface:
@JeroenBoersma
Contributor

JeroenBoersma commented Feb 24, 2017

generation + show command would be nice...
this would make using docker a lot easier, removes dependency hell

@peterjaap
Collaborator

peterjaap commented Mar 16, 2017

@pocallaghan @gwillem so.... are we merging this or what? 😄

@gwillem
Contributor

gwillem commented Mar 17, 2017

You're right... let's roll! Will distribute this on our platform shortly. After we fixed the Magereport outage.
Again, kudos to @pocallaghan for producing this very nice module!

@gwillem gwillem merged commit e88cb52 into Hypernode:master Mar 17, 2017
@gwillem
Contributor

gwillem commented Mar 17, 2017

Both php5 & 7:

Starting test 'Hypernode\PasswordCracker\Mutator\ToggleAtTest::testUMutate with data set #2 ('T6', 'abc', 'abc')'.
E
Time: 1.53 seconds, Memory: 30.00MB
There was 1 error:
1) Hypernode\PasswordCracker\Mutator\ToggleAtTest::testUMutate with data set #2 ('T6', 'abc', 'abc')
Uninitialized string offset: 6
/home/travis/build/Hypernode/hypernode-magerun/src/Hypernode/PasswordCracker/Mutator/ToggleAt.php:33
/home/travis/build/Hypernode/hypernode-magerun/tests/Hypernode/PasswordCracker/Mutator/AbstractMutatorTest.php:30
FAILURES!
Tests: 183, Assertions: 203, Errors: 1.
The command "vendor/bin/phpunit --debug --stop-on-error --stop-on-failure" exited with 2.

@pocallaghan what version did you test with?

Travis has:

$ php --version
PHP 7.0.17 (cli) (built: Mar 17 2017 12:37:36) ( ZTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.0.17, Copyright (c) 1999-2017, by Zend Technologies
    with Xdebug v2.5.0, Copyright (c) 2002-2016, by Derick Rethans
$ composer --version
Composer version 1.4.1 2017-03-10 09:29:45
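The Travis failure above comes from the `ToggleAt` mutator reading a string offset past the end of the word: data set #2 applies the hashcat-style rule `T6` (toggle case at position 6) to the three-character word `abc` and expects `abc` back, but `ToggleAt.php:33` indexes `$word[6]`, which PHP reports as "Uninitialized string offset: 6". The following is an added example, not the hypernode-magerun project's own `ToggleAt` code, showing the bounds check that makes such a rule a no-op when the position lies beyond the word; the function names `toggleAt` and `hashcatPositionToInt` and the test cases are constructed for this illustration.

```php
<?php
declare(strict_types=1);

// Added example (not the project's own mutator). Implements the hashcat "TN"
// rule: toggle the case of the character at position N, where N is encoded
// as 0-9 or A-Z (10-35). A position at or past the end of the word must leave
// the word unchanged instead of touching an undefined string offset.

function hashcatPositionToInt(string $c): int
{
    if (strlen($c) === 1 && ctype_digit($c)) {
        return (int) $c;
    }
    if (strlen($c) === 1 && ctype_upper($c)) {
        return ord($c) - ord('A') + 10;
    }
    throw new InvalidArgumentException("Invalid position character: $c");
}

function toggleAt(string $rule, string $word): string
{
    if (strlen($rule) !== 2 || $rule[0] !== 'T') {
        throw new InvalidArgumentException("Not a TN rule: $rule");
    }
    $pos = hashcatPositionToInt($rule[1]);

    // The check the failing data set exercises: 'T6' on 'abc' returns 'abc'
    // rather than reading $word[6] and raising "Uninitialized string offset".
    if ($pos >= strlen($word)) {
        return $word;
    }

    $ch = $word[$pos];
    $word[$pos] = ctype_upper($ch) ? strtolower($ch) : strtoupper($ch);
    return $word;
}

// Constructed cases in the same (rule, input, expected) shape as the PHPUnit
// data sets shown in the Travis log; the 'T6' row is the one that errored.
$cases = [
    ['T0', 'abc', 'Abc'],
    ['T2', 'abC', 'abc'],
    ['T6', 'abc', 'abc'],
    ['TA', 'abcdefghijk', 'abcdefghijK'],
];

foreach ($cases as [$rule, $in, $expected]) {
    $out = toggleAt($rule, $in);
    printf("%s(%s) -> %s [%s]\n", $rule, $in, $out, $out === $expected ? 'ok' : 'FAIL');
}
```

Run with `php toggle_at_example.php` (any filename); every row should print `ok`, including the `T6` case that previously raised the notice PHPUnit turned into an error.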
@gwillem gwillem changed the title Add password hacker. Weak admin password detection Mar 23, 2017
@peterjaap
Collaborator

peterjaap commented Mar 29, 2017

Since #42 fixes this, we can now merge this?

@gwillem
Contributor

gwillem commented Mar 29, 2017

It was already merged! Yesterday deployed on all Hypernodes. We're preparing a release statement and instructions, stay tuned

6 participants