Sep 27, 2011
 

i was recently asked to do a presentation for a local conference. i like coming up with new things to research and investigate and decided to pursue passwords (and how bad they are). below is my presentation and code for the talk:

title: passwords: you can’t do it right
description: some say you’re doing it wrong. i argue you can’t do it right (but some do it better than others). see how ineffective passwords are at protecting your accounts and ways of decreasing the chance of anyone using your passwords to achieve total domination.

 

#!/usr/bin/env python3
#
# password_stats_03.py

import re
import sys
from collections import Counter

if len(sys.argv) != 2:
    print("""
    password stats 0.03
    usage: password_stats_03.py <password_file>
    """)
    sys.exit(1)

# assign arguments to variable
file_passwords_all = sys.argv[1]

# complexity classes, checked in order; the first pattern that matches wins
complexity_patterns = [
    ('all numeric', re.compile(r'^[0-9]+$')),
    ('all alpha lower', re.compile(r'^[a-z]+$')),
    ('all alpha upper', re.compile(r'^[A-Z]+$')),
    ('all alpha mixed', re.compile(r'^[a-zA-Z]+$')),
    ('alpha lower & numeric', re.compile(r'^[a-z0-9]+$')),
    ('alpha upper & numeric', re.compile(r'^[A-Z0-9]+$')),
    ('alpha mixed & numeric', re.compile(r'^[a-zA-Z0-9]+$')),
]

# create empty counters
complexity_count = Counter()  # complexity class -> times seen
length_count = Counter()      # password length -> times seen
password_count = Counter()    # password -> times seen

# read all passwords, one per line
with open(file_passwords_all, 'r', errors='replace') as handle:
    for line in handle:
        # drop the line ending so it is not counted as part of the password
        password = line.rstrip('\r\n')
        password_count[password] += 1
        length_count[len(password)] += 1
        for description, pattern in complexity_patterns:
            if pattern.search(password):
                complexity_count[description] += 1
                break
        else:
            complexity_count['everything else'] += 1

passwords_all = sum(password_count.values())
passwords_unique = len(password_count)

# nothing to report (and nothing to divide by) on an empty file
if passwords_all == 0:
    print('no passwords found in ' + file_passwords_all)
    sys.exit(1)

# calculate how many unique passwords there are
passwords_unique_percent = (passwords_unique / passwords_all) * 100

# display total and unique passwords
print()
print('all passwords\t\t= ' + str(passwords_all))
print('unique passwords\t= ' + str(passwords_unique) + '\t\t%% %.02f' % passwords_unique_percent)
print()

# print out password lengths (0 to 30) and number of times seen
print('password length(s): ')
for number in range(31):
    password_length_total = length_count[number]
    length_percentage = (password_length_total / passwords_all) * 100
    print(str(number) + ' char\t =>\t ' + str(password_length_total) + '\t\t%% %.02f' % length_percentage)

# print out complexity of the passwords and number of times seen with percentages
print()
print('password complexity: ')
for description in [name for name, _ in complexity_patterns] + ['everything else']:
    item = complexity_count[description]
    print('%-22s\t ' % description + str(item) + '\t%% %.02f' % ((item / passwords_all) * 100))
print('sum\t\t\t\t ' + str(sum(complexity_count.values())))
print()

# print out the ten most common passwords with number of times seen
print('most common passwords:')
for key, value in password_count.most_common(10):
    if len(key) < 6:
        print('password: ' + key + '\t\t\tcount: ' + str(value))
    else:
        print('password: ' + key + '\t\tcount: ' + str(value))

Sep 18, 2011
 

in the time that i have been in IT (almost 6 years) i have become very proficient at hacking together code to do what i need. from vb scripts to do simple network administration to customizing some python to send over an exploit, i have found a way to make it work.

what i miss and don’t know how to do is code correctly. in my search for learning how to code properly i ran across some great courses from stanford university and thought i would share.

i was looking for entry level classes that started at square one and these classes fit the bill perfectly. what’s even better is that not only the video, but the homework assignments, handouts, and files are all available free of charge.

so far i have watched almost 4 of the classes and can say i have already learned some things, looking forward to the next 70+ classes ;)

here are the classes with links:

| title | url | language | itunes link |
|---|---|---|---|
| cs106a - programming methodology | http://www.stanford.edu/class/cs106a/ | java | http://itunes.apple.com/us/itunes-u/programming-methodology/id384232896 |
| cs106b - programming abstractions | http://www.stanford.edu/class/cs106b/ | c++ | http://itunes.apple.com/us/itunes-u/programming-abstractions/id384232917 |
| cs107 - programming paradigms | http://www.stanford.edu/class/cs107/ | c++ | http://itunes.apple.com/us/itunes-u/programming-paradigms/id384233005 |

note: for the record, i am not really a fan of itunes (and you can get these classes on youtube as well), but being able to download all the classes to my hard drive with a single mouse click was compelling enough for me to do it through itunes.

May 17, 2011
 

over the past week the topic of learning how to reverse engineer malware/binaries has come up several times in conversation.

i am not a skilled reverser, but i have been working over the last year or so to get better at it and really understand what is going on at the binary level.

earlier this year i discovered a series called “reversing with lena”. lena, the author, touts the series as a way to learn how to reverse for complete beginners, no programming experience required. it’s 40 lessons long (i am still on lesson 10, so i can only vouch for the first 10 being very good), and the flash videos and .exe’s you need to reverse are included. all reversing takes place on a 32-bit intel x86 platform.

this series has helped me more than any other to actually understand reversing in the real world and i thought others might enjoy it as well.

before you download:

  • i take no responsibility for what you do with the knowledge you gain (i am using this to get better at reversing malware).
  • some of the programs will most likely be flagged as viruses by your AV solution, which i don’t believe is accurate (but can’t guarantee either).
  • the password to the 7zip archive is ‘reverse’ (no quotes)
  • download the 7zip archive here (~140 mb)

i found the tutorial on tuts4you.com, a reverse engineering community that has lots of other resources on it (how good or bad, i do not know).

Jul 02, 2010
 

i will be the first to admit i am not a coder. i have worked, at different points in my career, to learn c, perl, ruby, java, python, and now assembly. so, i have found i am dysfunctional at all of them, but i have learned to copy, paste, and hack with the best of them ;)

about two months ago i started taking offensive security’s pentesting with backtrack course. it’s been a great course, i have learned a lot (i might do a writeup of it when i am finished). what the course also taught me was the importance of, at some level, understanding assembly. so, my quest for the past month has been to become more fluid with reading assembly.

i have sifted through a lot of resources and thought i would pass along the ones i have found valuable.

  1. dr. paul carter’s free assembly book will give you your footing.
  2. peter van eeckhoutte’s exploit writing tutorial is outstanding. it’s ten sections long, and very thorough, which i appreciate.
  3. while not as deep as the first two, skull security’s intro to assembly also provided some good insights.
  4. lastly, while much more broad and not strictly focused on assembly, i have found dan guido and crew’s stuff from nyu poly very insightful (it’s a college grad course for free, hard to beat that)

it’s great material, the hard part is finding the time to learn/read/watch it all.