openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/

Radius hash not loaded to john #2172

Closed SagiSatish closed 8 years ago

SagiSatish commented 8 years ago

I created the radius server and access point for testing purposes. I captured the packets between the radius server and the access point. The packet capture includes the Access-Request, Access-Challenge and Access-Accept packets.

I used radius2john.pl (from this jumbo edition) to get the hash. I am able to get the hash, but when I tried to load the hash with john it always reports "No password hashes loaded (see FAQ)".

The below is the output generated by radius2john.pl.

    Processing /root/Desktop/ap_radius_auth.pcap
    Unknown general attribute 77 for unpack()
    Unknown general attribute 44 for unpack()
    Unknown general attribute 186 for unpack()
    Unknown general attribute 187 for unpack()
    Unknown general attribute 188 for unpack()
    Unknown general attribute 79 for unpack()
    Unknown general attribute 80 for unpack()
    Access-Challenge 127.0.0.1-33
    127.0.0.1:$dynamic_1009$3547f24d4e631a255d78269c776df379$HEX$0b2100586eb2a43631e3180bfb30e60809909a024f20011f001e1a011f001910cf677b029a4eb4431fdac0f5e07e9924736e696e5012292b10e8723e16a7cb9c5aef601f0e181812c2033df8c21c27c062d9b40e954e6f6a
    Access-Challenge 127.0.0.1-34
    Access-Challenge 127.0.0.1-35
    Access-Challenge 127.0.0.1-36
    Access-Challenge 127.0.0.1-37
    Access-Challenge 127.0.0.1-38
    Access-Challenge 127.0.0.1-39
    Access-Challenge 127.0.0.1-40
    Access-Challenge 127.0.0.1-41
    Access-Challenge 127.0.0.1-42
    Unknown vendor attribute 311/17 for unpack()
    Unknown vendor attribute 311/16 for unpack()
    Access-Accept 127.0.0.1-43

I redirected the hash from the above command to radius.john and tried the following command.

    $ ./john --wordlist=/usr/share/wordlists/rockyou.txt --format=dynamic_1009 radius.john
    Using default input encoding: UTF-8
    No password hashes loaded (see FAQ)

Can anybody help me with this?

jfoug commented 8 years ago

2 things.

  1. change the signature in the input line to this:

    127.0.0.1:$dynamic_2009$3547f24d4e6

Then edit run/dynamic_flat_sse_formats.conf, and edit the script for dynamic_2009, changing

SaltLen=-64

to

SaltLen=-110

Dynamic_1009 cannot be used here; the salt is very large here. It was even larger than handled by dynamic_2009 (as coded).

On 7/13/2016 4:47 AM, SagiSatish wrote:

127.0.0.1:$dynamic_1009$3547f24d4e631a255d78269c776df379$HEX$0b2100586eb2a43631e3180bfb30e60809909a024f20011f001e1a011f001910cf677b029a4eb4431fdac0f5e07e9924736e696e5012292b10e8723e16a7cb9c5aef601f0e181812c2033df8c21c27c062d9b40e954e6f6a

jfoug commented 8 years ago

Please provide the input files you are using for radius2john.pl script (offlist)

jfoug at cox dot net

jfoug commented 8 years ago

b8b5d06

Please test after this change.

SagiSatish commented 8 years ago

Thanks for the quick reply.

After making the modification, john is able to load the hash but is not able to crack it. I am sure that the shared secret is present in the word list given to john. I will send the capture file to the given mail address.

jfoug commented 8 years ago

I did not write radius2john.pl and do not know what it is doing, or what data it is breaking apart to do this. What is the password for this test server?

SagiSatish commented 8 years ago

testing123 is the password. I am trying to brute force the radius server shared secret which is "testing123".

http://www.untruth.org/~josh/security/radius/radius-auth.html has much information on the cracking procedure ("3.3 User-Password Attribute Based Shared Secret Attack" and "3.1 Response Authenticator Based Shared Secret Attack"). The radius2john Perl script tries to get the hashes from radius Access-Request or Access-Accept/Access-Challenge/Access-Reject packets.

I don't have any experience with Perl, though I tried to read it. I don't know why my Access-Request packet doesn't have the User-Password attribute (specified in the Perl script), but keeping that aside, I tried to get the hash from the other packets (which is 3.1 Response Authenticator Based Shared Secret Attack in the above URL), and the format is dynamic_1009 as specified in the script. I think there seems to be some problem with the radius2john Perl script, as it is producing some errors like "Unknown general attribute 77 for unpack()".

jfoug commented 8 years ago

    $ hexdump in1a
    0000000 210b 5800 b26e 36a4 e331 0b18 30fb 08e6
    0000010 9009 029a 204f 1f01 1e00 011a 001f 1019
    0000020 67cf 027b 4e9a 43b4 da1f f5c0 7ee0 2499
    0000030 6e73 6e69 1250 2b29 e810 3e72 a716 9ccb
    0000040 ef5a 1f60 180e 1218 03c2 f83d 1cc2 c027
    0000050 d962 0eb4 4e95 6a6f 6574 7473 6e69 3167
    0000060 3332

    $ md5sum in1a
    3547f24d4e631a255d78269c776df379 *in1a

    $ cat in
    127.0.0.1:$dynamic_2009$3547f24d4e631a255d78269c776df379$HEX$0b2100586eb2a43631e3180bfb30e60809909a024f20011f001e1a011f001910cf677b029a4eb4431fdac0f5e07e992473696e5012292b10e8723e16a7cb9c5aef601f0e181812c2033df8c21c27c062d9b40e954e6f6a

So the password is perfectly correct. Now to just find out why dynamic is not cracking it.

jfoug commented 8 years ago

da60896 That fixes the problem. 2009 was not compatible with 1009 (I thought all 200x were the flat SIMD version of the interleaved SIMD version). But 2009 was md5($s.md5($p)) and that is NOT radius

    $ ../run/john xx -w=pw
    Loaded 1 password hash (dynamic_1017 [md5($s.$p) (long salt) 128/128 XOP 4x2])
    Warning: no OpenMP support for this hash type, consider --fork=2
    Press 'q' or Ctrl-C to abort, almost any other key for status
    testing123       (127.0.0.1)
    1g 0:00:00:00 DONE (2016-07-14 08:46) 17.24g/s 17.24p/s 17.24c/s 17.24C/s testing123
    Use the "--show" option to display all of the cracked passwords reliably
    Session completed
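
The check done in this thread with hexdump and md5sum, written as a small format diagnostic (an added example, not code from John the Ripper or radius2john.pl; the function names are hypothetical). It assumes the `$HEX$` salt is the RADIUS reply with the Request Authenticator in place, so the stored digest is the RFC 2865 Response Authenticator, MD5(Code+ID+Length+RequestAuth+Attributes+Secret), and it tests the two constructions named above against the hash line and secret posted in the issue.

```python
import hashlib

# Hash line exactly as radius2john.pl printed it in this issue
# (Access-Challenge, packet id 33).
LINE = (
    "127.0.0.1:$dynamic_1009$3547f24d4e631a255d78269c776df379$HEX$"
    "0b2100586eb2a43631e3180bfb30e60809909a024f20011f001e1a011f001910"
    "cf677b029a4eb4431fdac0f5e07e9924736e696e5012292b10e8723e16a7cb9c"
    "5aef601f0e181812c2033df8c21c27c062d9b40e954e6f6a"
)


def parse_line(line):
    """Split 'login:$dynamic_N$<md5 hex>$HEX$<salt hex>' into its fields."""
    login, rest = line.strip().split(":", 1)
    empty, fmt, digest, marker, salt_hex = rest.split("$")
    if empty or marker != "HEX":
        raise ValueError("not a $dynamic_N$hash$HEX$salt line")
    return login, fmt, digest.lower(), bytes.fromhex(salt_hex)


def describe_salt(salt):
    """Read the RADIUS header at the start of the salt (RFC 2865 layout)."""
    return {
        "code": salt[0],                             # 11 = Access-Challenge
        "identifier": salt[1],                       # packet id
        "length": int.from_bytes(salt[2:4], "big"),  # declared packet length
        "salt_len": len(salt),                       # bytes the format must accept
    }


# Constructions named in the thread; the inner md5 is lowercase hex text.
CONSTRUCTIONS = {
    "md5($s.$p)": lambda s, p: hashlib.md5(s + p).hexdigest(),
    "md5($s.md5($p))": lambda s, p: hashlib.md5(
        s + hashlib.md5(p).hexdigest().encode()).hexdigest(),
}


def matching_constructions(line, secret):
    """Return the names of the constructions that reproduce the stored digest."""
    _, _, digest, salt = parse_line(line)
    return [name for name, fn in CONSTRUCTIONS.items()
            if fn(salt, secret) == digest]


if __name__ == "__main__":
    print(describe_salt(parse_line(LINE)[3]))
    print(matching_constructions(LINE, b"testing123"))
```

For this line the salt is 88 bytes, matching the length field in the RADIUS header, so a format limited to 64-byte salts cannot load it, and a format computing md5($s.md5($p)) loads it but never matches.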