This article is a collaborative work between 3 authors. This is our look back on the most famous public password leaks of 2012.

Authors: m3g9tr0n, Thireus, CrackTheHash | Copy Editor: Thireus.

Nowadays, different black hat hacking communities around the World are publishing their leaks on various online paste Web Services like Pastebin, Paste2.org, and others. The most common dumps of credentials are performed using SQL Injection exploitation. These leaks often contain elements such as usernames, passwords, addresses, zip codes, telephone numbers and even paypal accounts or credit card numbers. In a small amount of them, passwords are in plain text which makes hackers' job very easy.

In this article, we gathered a big amount of public published leaks with main purpose to check the strength of users' passwords and password policy which is applied for each service. Some well known leaks, included in our article, are LinkedIN, Stratfor, Gamigo, NVidia, Adobe and eHarmony. We are going to present our cracking techniques and tools which we used to crack passwords from these leaks. And as a gift gave to our readers, you will find attached to the end of this article a wordlist containing all cracked passwords from these leaks.

CRACKING METHODOLOGIES AND TOOLS… (m3g9tr0n)

The tools we used to accomplish our cracking process are John the Ripper and Hashcat-suite. In other words, we took advantage of both CPU and GPU powers.

When dealing with password cracking the most important thing is to know as many elements as possible about your target. For the case of Stratfor we had all the appropriate elements needed for effective password cracking. These are usernames, first name, last name and e-mails. Many users use their e-mail or username (or part of) as password or keyword. Knowing these information really speeds up the cracking process as it is more effective to create a wordlist based on these information for our first cracking step. On the other side,  LinkedIN and other well known leaks contained only hashes… that makes the cracking process more difficult and time consuming. But, with good rules and techniques some interesting results can be achieved. For better documentation, we are going to analyze each case separately by showing the techniques and custom rules.

Stratfor Case

Regarding Stratfor, we had all the appropriate elements needed for effective password cracking. The first action was to separate names, usernames, e-mails and encrypted passwords to different files. In a first attempt we used John the Ripper's --single attack which is a cracking attack purely based on usernames associated to hashes (the Hashcat-suite does not provide such an attack). The hashfile must have this kind of format for the attack to be effective:

John@yahoo.com:90560000032a57c389f686bd4eeccd4a
Kate@hotmail.com:d4c202003a0a66496df5c043ec1eaaac

• John the Ripper command for --single attack against MD5:

    m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ ./john --format=raw-md5 --single --pot=stratfor.pot Stratfor-hashes.txt
  

This kind of attack was able to crack many passwords. When I (m3g9tr0n) am trying to crack passwords, my first reaction is to apply effective rules against effective wordlists. As far as John the Ripper is concerned, I always try Single, Extra, Jumbo and rules presented in my first article in addition to some rules generated by Bartavelle. Regarding Hashcat-suite our favourite rules are best64.rule, best80.rule, passwordpro.rule, T0XlC.rule and d3ad0ne.rule.

• A typical example of a wordlist attack with John the Ripper is:

    m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ ./john --format=raw-md5 --wordlist=list.txt --pot=stratfor.pot --rules:Single Stratfor-hashes.txt
  

• A typical example of a wordlist attack with oclHashcat-plus (GPU based) is:

    m3g9tr0n@linux:~/oclHashcat-plus0.09/$ ./oclHashcat-plus64.bin -m 0 hashfile.txt list.txt -r rules/best80.rule -o hashfile-crack.txt --remove
  

During our cracking processes against Stratfor, we observed that many passwords contained the word "stratfor". Based on this observation, we considered to generate our own rule that appends or prepends this keyword at the beginning and at the end of each word of a given wordlist. The following code is an example of rule created for John the Ripper in the john.conf file:

[List.Rules:stratfor]
A0"[Ss][tT+][rR][aA@][tT+][fF][oO0][rR]"
Az"[Ss][tT+][rR][aA@][tT+][fF][oO0][rR]"

After cracking a big amount of passwords, we generated a custom charset with John the Ripper.

• A typical example to generate your own charset file with John the Ripper:

    m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ ./john --make-charset=stratfor.chr --pot=stratfor.pot
  

• And the associated incremental rule in john.conf file:

    [Incremental:stratfor]
    File = $JOHN/stratfor.chr
    MinLen = 10
    MaxLen = 31
    CharCount = 95
  

The charset file can be used to conduct Brute Force attack with John the Ripper based on Markov model.

• A typical example of Brute Force attack with Markov model in John the Ripper is:

    m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ ./john --format=raw-md5 --incremental=stratfor --pot=stratfor.pot hashfile.txt
  

We left John the Ripper to run for a large amount of time. Many passwords were cracked, but the most important was that a large amount of these recovered passwords using this method were 8 characters mixed upper, lower and numbers. Thus, we understood that Stratfor had a policy of generating either default or recovered passwords with this policy for their users. Our first thought was to use the pwgen utility in order to produce random passwords based on this policy.

• A typical example of pwgen to generate 8 characters mixed upper, lower and numbers:

    m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ pwgen -c -n -s -1 8 5
    Ch1NiIzz
    YrN5SSXL
    8CdcCJGG
    5YBIxBTt
    rmIW8ipN
  

Of course in our case we should generate more passwords and pipe pwgen’s output to John the Ripper or Hashcat-Suite. But this kind of attack is too slow. For that reason we should take advantage of the GPU. We applied Brute Force attacks via oclHashcat-plus.

• A typical example of Brute Force attack with oclHashcat-plus:

    m3g9tr0n@linux:~/oclHashcat-plus0.09/$ ./oclHashcat-plus64.bin -a 3 -1 ?l?d?u hashfile.txt ?1?1?1?1?1?1?1?1 -o hashfile-crack.txt --remove
  

This kind of attack took 2 days and 17 hours to complete with an ATI 5770 but it was only able to crack 48% of passwords.

• Some examples of cracked passwords generated from the Stratfor’s policy are:

    dd39ebf25b0892803c0edfdedfcf137a:4QnvJQKQ
    0adff76e3b3c2130fcb8d9cf476f947a:4Kjduu8J
    61b4f425867841330cec762d96df157b:4sFqqEnY
    ffee030ed8d97ad550e50b011d95b47b:2xdjVx7G
    728d78a787d7279cb0a007f5f68d817c:2DJsL9jE
    00ca874d657b3fcdddbb96121667ca7c:33g3UWcA
    73b87959e3d1ba6c97037f6ddb5be87c:3TSfVw9M
    9a4f0f28125c03323951283409c8187d:37nfZS6p
    01dfda585ff13b24ab1d276bfd58227d:2K2HHfKC
    7a4f94112cd50422740035dd80f52a7d:2s6KkegZ
    99ee4023fc71693006af30dbb25f477d:4f9ySQxR
    e46c4ccb9323566dbeb1a33967c94a7d:2SfXBWb7
    99aba8d7e69649332ac64e813a664b7d:4pZ7ZmjJ
    e5f706829a937c3fa5e430c81e926f7d:3YnxoEfy
    ffff9c930660fae4c9e9ace85a96a27d:2JTSA88Y
    0d7103e46a1c0f44df5c096b6e2ae17d:2ATb8ApH
  

eHarmony Case

Regarding eHarmony it seems that the website had a policy to covert all users' passwords to UpperCase. For example, if you had inserted, as a registered user, the password "p@$$w0rd", eHarmony’s system would have converted it to "P@$$W0RD".

The first thought that came up to my mind was to write a simple rule for John the Ripper to convert all my wordlists to uppercase characters:

[List.Rules:eharmony]
u

Then, I applied this Rule to John the Ripper and a large amount of passwords were cracked very fast:

m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ cat ../Wordlists/* | ./john --format=raw-md5 --pipe --pot=eharmony.pot --rules:eharmony hashfile.txt

Due to the fact that my wordlists do not contain only uppercase letters, numbers and symbols it was a waste of time to apply other rules against eHarmony hashes. So I decided to convert the most effective wordlists to uppercase characters, using the above mentioned rule, and apply some specific rules:

• Convert a wordlist to uppercase with John the Ripper:

    m3g9tr0n@linux:~/JohnTheRipper-OMP/run/$ cat ../Wordlists/* | ./john --pipe --rules:eharmony --stdout > ../Wordlists/UpperList.txt
  

Then, I used the --wordlist attack with John the Ripper using the following rules (it is just a sample to which you can add more rules):

$[1]$[2]$[3]
^[S]
$[T]$[E]$[R]
^[P]
$[M]$[A]$[N]
^[M]
^[B]
^[C]
^[A]
^[A]^[P]
^[T]
$[I]$[N]$[G]
^[A]^[M]
^[S]^[A]^[P]
$[P]$[B]$[B]
$[R]$[T]$[Y]
^[D]
$[E]$[R]$[S]
^[H]
$[P]$[E]$[R]
^[F]
$[G]$[E]$[R]
^[G]
$[K]$[E]$[R]
^[K]
$[S]$[O]$[N]
^[R]
^[L]
$[I]$[N]$[E]
^[P]^[H]^[P]
$[I]$[O]$[N]
^[J]
$[V]$[E]$[R]
^[W]
$[E]$[S]$[T]
^[H]^[P]
$[D]$[E]$[R]
^[N]
$[K]$[E]$[Y]
^[H]^[C]
$[O]$[N]$[E]
^[E]
$[A]$[S]$[S]
^[E]^[W]^[Q]
^[A]^[S]
$[T]$[O]$[N]
^[E]^[D]
$[D]$[O]$[G]
^[W]^[Q]

Of course, you can always generate your own rules or modify existing custom rules contained in the john.conf file. In addition to this, Hashcat Suite's rules can be used. One simple rule is to use the keyword "EHARMONY" at the beginning or at the end of each word:

[List.Rules:eharmony]
A0"[E][H][A][R][M][O][N][Y]"
Az"[E][H][A][R][M][O][N][Y]"

For people who do not own strong hardware and adequate disk space, Hashcat-suite contains a powerfull parameter which has to do with combination. In other words, you can combine each word of your first wordlist with the other.

• Thus, I generated some wordlists via crunch, such as the following one of 4 ualpha-numeric characters:

    m3g9tr0n@linux:~/crunch3.1/$ ./crunch 4 4 -f charset.lst ualpha-numeric -o 4-list.txt
  

• And used combination attacks with oclHashcat-plus:

    m3g9tr0n@linux:~/oclHashcat-plus0.09/$ ./oclHashcat-plus64.bin -a 1 hashlist.txt ../crunch3.1/4-list.txt ../crunch3.1/4-list.txt -o hashfile-crack.txt --remove
  

Methodology for Other Leaks

Regarding other leaks such as Nvidia, Gamigo, Adobe, Project Whitefox, LinkedIN and various unknown leaks collected from Pastebin, the tools and methodology are the same. The only difference is that in each situation we have to create custom rules that refer to the name of the platform/website or by guessing some keywords.

• John the Ripper Rules for Nvidia:

    [List.Rules:nvidia]
    A0"[Nn][Vv][iI1][Dd][iI1][aA@]"
    Az"[Nn][Vv][iI1][Dd][iI1][aA@]"
  

• John the Ripper Rules for Adobe:

    [List.Rules:adobe]
    A0"[Aa@][Dd][oO0][bB][eE]"
    Az"[Aa@][Dd][oO0][bB][eE]"
  

You can also create similar rules for Hashact-Suite.

Another effective technique is the fingerprint attack. This is an attack that is focused on using cracked passwords against the remaining hashes.

• To isolate cracked passwords from .pot files (John the Ripper or Hashcat-suite) use:

    cut -d: -f2- john.pot | sort | uniq > list.txt
  

• In Hashcat-suite to isolate MD5 cracked passwords (from output with the -o option), use:

    cut -b34- crack-file.txt | sort | uniq > list.txt
  

Then you can try all the rules mentioned above. From my own experience this technique has always great results.

ADVANCED PASSWORD CRACKING FOR HUNGRY PASSWORD CRACKERS… (Thireus)

During your cracking sessions you may certainly have noticed that most of the passwords used by users are always made of "keywords". This can easily be noticed when dealing with big leaks such as LinkedIn, Gamigo or Stratfor. These keywords are interesting for us, as they are used by users consciously or unconsciously in their passwords. Fortunately for us, lot of users use the same keywords and if you want to go further in your cracking process the main idea will be to use these keywords as roots for generating new passwords. In this article section I (Thireus) will introduce you a new cracking technique based on this idea. But first of all let me explain what those keywords are exactly and why they can be so useful…

About "Keywords"…

Basically keywords can be described as passwords or part of passwords that appear as intelligible or used by multiple users. Let's focus on the following example:

Il0v3soph
il0v3sam
k4r3nl0v3sk4t3
l0v3s3at
l0v3s3x
Myl0v3s

These passwords have the keyword "l0v3s" in common, which can be found at the beginning, at the end or in the middle of the password. A common mistake would be to think that re-using these passwords with various rules will make more "l0v3s" based passwords appear, which is false because most of the rules you use will never extract the "l0v3s" pattern only, but combine or transform each of these passwords… And yet, you keep thinking that there should be more words containing this keyword… and you are right!

As explained in this section’s introduction, keywords are not just words, they are part of passwords that are intelligible or repeated among multiple users' passwords. Here are some example of keywords:

inked
_123
assword
!)!

Keywords can be anything intelligible or not. The most important think about keywords is that they are not random, ideally generated by humans AND have a high probability to appear in other passwords. Of course keywords can be part of other keywords, for example:

inked –> Linked, linked, winked, inkedIN, etc.

Another nice property of keywords is that they are independent of the password size. And a weak password (understand easily crackable with BruteForce/Rules/Wordlists) can contain a specific keyword, that you can reuse to crack other strong passwords. Let's see for example how the following passwords have been cracked:

a6fee417cdc11a71ac5da0ebb9cd20acb93d2959:M00linkedin13
ebf1570c045011b27706a28eb4c857a5b994cf47:0linkedin1-us2

M00linkedin13 –> Was cracked because it contains the keyword "linkedin13" which is part of more than 40 other linkedin passwords and is also a weak linkedin password. M00linkedin13 = 3chars + keyword

0linkedin1-us2 –> Was cracked because it contains the keyword "0linkedin1" which is part of “M00linkedin13” and 1 other linkedin password. 0linkedin1-us2 = keyword + 4chars

The padding technique – CTH_WordExtractor

So the main idea that can cross your mind would be to manually analyse your cracked passwords and look for good keywords, to finally write rules based on these few keywords… But what if there are so many keywords that you can't even complete all this work manually? The answer is to have a keyword extractor based on your results, and CTH_WordExtractor.sh (from my “Crack That Hash” project) is the script I have created for this purpose!

You can get the script here: CTH_WordExtractor.sh

This script helps you to extract all potential keywords directly from your current pot file. Basically what this script does is:

1. Read all passwords and use a padded window which padding and size vary from X to Y as defined by the user.
2. Sort extracted words by size and for each word count its redundancy in all passwords.
3. Ask the user to select a range of redundancy to select only good words. In other words to select real "keywords".
4. Generate keyword wordlists from X chars to Y chars to be used by the user.

In the case of LinkedIN passwords, a 4-6chars keyword wordlist would contain the following keywords (this is just a sample):

inke
inked
link
Link
linke
Linke
linked
Linked

This wordlist will be used to append and prepend characters using BruteForce and Mask attack (which is the most effective). As you can see, most of these keywords are part of other keywords… and you can think this is actually very bad in term of performances… but it is not… let’s see why.

Let’s take the example of the "inke" keyword…

BruteForce + Mask attack with ?l will generate 26 possibilities per keyword:

inke –> ?l + inke = 26 combinations

But ONLY 1 will cause a repeated password which is "linke".

The next step of the process will be to use BruteForce + Mask attack with ?l?l which will generate 26^2=676 combinations per keyword:

inke –> ?l?l + inke = 676 combinations

But ONLY 26 will cause repeated passwords which are those that have been generated by ?l + "linke".

etc.

And for sure, we have been able to recover all passwords containing the keyword inke, including unexpected passwords such as:

$dynamic_26$00000cd9fb6fe9d200144077861d4dc70c7d4798:reinke
$dynamic_26$00000efc970e5f2edc1bf34fea284e930b677c19:twinke
etc.

The Proper Way to Use Generated Keyword Wordlists

First of all, this technique becomes more effective and useful when you reach your limits with other classic cracking techniques. Meaning that if you want to have a very good keyword wordlist you need a very big pot file.

Then, this technique must be used with GPU BruteForcing + Mask attack or using combination attacks. Applying classic John the Ripper or Hashcat rules on the keyword wordlist will not be effective at all and will be very slow. In this article I will only take as example the GPU BruteForcing + Mask attack.

• First of all, we need to generate our keyword wordlists from 4 to 14 chars. Let's do this for the john.pot of our LinkedIN cracked passwords:

    $ ./CTH_WordExtractor.sh 4 14
  

Other settings can be found in the CTH_WordExtractor.sh script such as padding limits.

• This is the list of wordlists generated:

    $ ls CTH/
    CTH_WORDLIST_FINAL_10-10.dic CTH_WORDLIST_FINAL_4-6.dic CTH_WORDLIST_FINAL_6-9.dic
    CTH_WORDLIST_FINAL_10-11.dic CTH_WORDLIST_FINAL_4-7.dic CTH_WORDLIST_FINAL_7-10.dic
    CTH_WORDLIST_FINAL_10-12.dic CTH_WORDLIST_FINAL_4-8.dic CTH_WORDLIST_FINAL_7-11.dic
    CTH_WORDLIST_FINAL_10-13.dic CTH_WORDLIST_FINAL_4-9.dic CTH_WORDLIST_FINAL_7-12.dic
    CTH_WORDLIST_FINAL_10-14.dic CTH_WORDLIST_FINAL_5-10.dic CTH_WORDLIST_FINAL_7-13.dic
    CTH_WORDLIST_FINAL_11-11.dic CTH_WORDLIST_FINAL_5-11.dic CTH_WORDLIST_FINAL_7-14.dic
    CTH_WORDLIST_FINAL_11-12.dic CTH_WORDLIST_FINAL_5-12.dic CTH_WORDLIST_FINAL_7-7.dic
    CTH_WORDLIST_FINAL_11-13.dic CTH_WORDLIST_FINAL_5-13.dic CTH_WORDLIST_FINAL_7-8.dic
    CTH_WORDLIST_FINAL_11-14.dic CTH_WORDLIST_FINAL_5-14.dic CTH_WORDLIST_FINAL_7-9.dic
    CTH_WORDLIST_FINAL_12-12.dic CTH_WORDLIST_FINAL_5-5.dic CTH_WORDLIST_FINAL_8-10.dic
    CTH_WORDLIST_FINAL_12-13.dic CTH_WORDLIST_FINAL_5-6.dic CTH_WORDLIST_FINAL_8-11.dic
    CTH_WORDLIST_FINAL_12-14.dic CTH_WORDLIST_FINAL_5-7.dic CTH_WORDLIST_FINAL_8-12.dic
    CTH_WORDLIST_FINAL_13-13.dic CTH_WORDLIST_FINAL_5-8.dic CTH_WORDLIST_FINAL_8-13.dic
    CTH_WORDLIST_FINAL_13-14.dic CTH_WORDLIST_FINAL_5-9.dic CTH_WORDLIST_FINAL_8-14.dic
    CTH_WORDLIST_FINAL_14-14.dic CTH_WORDLIST_FINAL_6-10.dic CTH_WORDLIST_FINAL_8-8.dic
    CTH_WORDLIST_FINAL_4-10.dic CTH_WORDLIST_FINAL_6-11.dic CTH_WORDLIST_FINAL_8-9.dic
    CTH_WORDLIST_FINAL_4-11.dic CTH_WORDLIST_FINAL_6-12.dic CTH_WORDLIST_FINAL_9-10.dic
    CTH_WORDLIST_FINAL_4-12.dic CTH_WORDLIST_FINAL_6-13.dic CTH_WORDLIST_FINAL_9-11.dic
    CTH_WORDLIST_FINAL_4-13.dic CTH_WORDLIST_FINAL_6-14.dic CTH_WORDLIST_FINAL_9-12.dic
    CTH_WORDLIST_FINAL_4-14.dic CTH_WORDLIST_FINAL_6-6.dic CTH_WORDLIST_FINAL_9-13.dic
    CTH_WORDLIST_FINAL_4-4.dic CTH_WORDLIST_FINAL_6-7.dic CTH_WORDLIST_FINAL_9-14.dic
    CTH_WORDLIST_FINAL_4-5.dic CTH_WORDLIST_FINAL_6-8.dic CTH_WORDLIST_FINAL_9-9.dic
  

CTH_WORDLIST_FINAL_4-14.dic for example means WORDLIST from 4 to 14 chars.

• Then we can select a specific wordlist to be used by cudaHashcat-plus or oclHashcat-plus:

    $ ./cudaHashcat-plus64.bin -m 100 -a 6 -1 ?a ../LEFT_LINKEDIN_CLEANED.txt ../CTH/CTH_WORDLIST_FINAL_4-11.dic ?1?1?1?1 --remove --gpu-temp-abort=110
  

In this example, CTH_WORDLIST_FINAL_4-11.dic has been chosen because oclHashcat-plus/cudaHashcat-plus has a limit of 15 chars for hash computation. Which means you will never be able to crack passwords that are more than 15 chars long… And that's why if you use a mask attack of 4 chars to be bruteforced you must use a wordlist containing words limited to a size of 11 chars.

• This is an output sample:

    499896a0a104c0be6d7e578f9257e56e2dd97b31:rottweiler3:!^
    556cdfaabedd4a90c23627782ab7eb7a4d709565:LinkedInMakes$
    e5386e1f0de44840a987c4d0840accbe2573511f:NetworkingLuv!
    08e7c2d275a68e1519c8b0842c68601b7ba6274a:19linkedin_68!
    359e2430b1e4352f1577575b7ca1ae6866131820:linkedinmym99!
    8e6139a4503dd34297e32df7ea4cedc4275d3a85:linkedin15c00!
    df0fdf12590705e9c3ef6edb6f59323e3de6a70b:linkedinl1ng0!
    79984358590405280bca6e43d331465bdb586746:linkedin81*&1$
    49cd314ab02e393171bcf1bf13099f55495b2c2e:Linkedin12kay#
    7813dc98e26938e83f4475c32bbd07a3fb81b473:linkedin69TJK]
    cc307a7d9e40b00c0100bc049c397b817aa0a274:linkedin12914??
    33f13bb3b861c0e5fc82b10fba7857107e079884:steelwindows@77
    3dd28c9d9cc4f646c254d6b4570e8bc6268b020b:artdirector@nsa
    44bdcefe2a698925c57d80712763245d07326704:yaslinkedin@yas
    8aa482c9989df0def8756e545457ebf206da9895:Linkedin151$cdu
    56267a448f53e5d6095844152310d12e52b710aa:thundercats@83a
    a5949feca9f34d7042aaffe537db0e2d298c572f:linkedin13713@@
    fab9ae4accf0b5766489c7760f4ee52582940d3c:missinglink=wwd
    1d92639e0279840b8d00a2d7793c291838664c6c:my-linkedin-pwd
    a1bac77b4fe610ec13300d246ad882a68f0fedda:Interactive@ln1
    90ba89bfa42002d8e6fb4fe3728bcbcd6605b49c:Inspiration.SSN
    [s]tatus [p]ause [r]esume [b]ypass [q]uit => s
    Status.......: Running
    Input.Base...: File (../CTH/CTH_WORDLIST_FINAL_4-11.dic)
    Input.Mod....: Mask (?1?1?1?1)
    Hash.Target..: File (../LEFT_LINKEDIN_CLEANED.txt)
    Hash.Type....: SHA1
    Time.Running.: 1 day, 7 hours
    Time.Left....: 3 hours, 59 mins
    Time.Util....: 112529717.4ms/0.0ms Real/CPU, 0.0% idle
    Speed........: 35724.6k c/s Real, 36175.5k c/s GPU
    Recovered....: 292/1086109 Digests, 0/1 Salts
    Progress.....: 4020080601574/4533053083750 (88.68%)
    Rejected.....: 0/4020080601574 (0.00%)
    HWMon.GPU.#1.: -1% Util, 82c Temp, -1% Fan
  

And as we can see some interesting keywords have been selected, such as "rottweiler", "Networking", "Interactive", "artdirector", "Inspiration", and of course keywords containing the word "linkedin".
You can also notice that I'm not using a very powerful GPU, but a laptop with a "NVIDIA NVS 3100m" chip. So you can imagine how powerful this method can be with a better GPU!

To conclude on my new technique, I would say that it was very successful. I've been able to recover more than 1 million passwords after having exhausted all the classic techniques I normally use, and that in just 13 days with a NVidia GTX 480 and an AMD HD6870. This 1 million result was mainly against Gamigo, eHarmony and Stratfor and after an initial achievement of about 80% recovered passwords. And one thing to consider is that to go further in the cracking process and have an optimized cracking methodology, I preferred merging multiple MD5 leaks into one big MD5 leak and use this technique against the merged pot file to generate my keywords. As explained before, you will find this technique more useful in the case of very big leaks and very big pot files.

Please consider my CTH_WordExtractor.sh script as a Xmas gift. I would love to receive feedbacks about your results with it. Of course, if you have ideas to ameliorate this script or this technique do not hesitate to contact me.

METHODOLOGY TO GENERATE EFFECTIVE WORDLISTS… (CrackTheHash)

The main purpose of most of the classic cracking techniques are to guess the most common patterns in users' passwords. Those techniques are either dealing with rules or wordlists, but in any case for them to be the most effective possible they need good candidate passwords as root of the technique process. But how can you find those good candidate passwords? The purpose of this part will be to explain a technique to find fresh new candidates from various sources such as Pastebin or Twitter.

First of all, to understand what brought me (CrackTheHash) on this methodology field, you need to know something about my hardware resources. They are very limited! I just own a dual-opteron with 2GB RAM. And for this reason, I do not want to exhaust my CPU for cracking hashes that everyone can easily recover. So I decided to focus my research on finding sources of good candidate passwords to be used for cracking techniques.

In order to know what we are looking for, let's write some principles that will rule our research. Those principles are based on the password characteristics for them to match at best the requirements of good candidates. And they are the following:

1. Password candidates must be up to date.
2. Password candidates must be representative of what people may use.
3. Password candidates must be multilingual (passwords in Russian, Chinese, Greek, Farsi, etc.).
4. Password candidates must be available in large quantity.

There are multiple sources on the Internet where you can find a large amount of data containing password candidates, but only a few will fill those requirements. For the needs of this article we will focus only on two platforms and sources of good password candidates, Pastebin and Twitter.

Pastebin

Pastebin is probably the first Web location where you can find lot of fresh leaks and various user data. What is very interesting in most of the leaks we can find on Pastebin is that they often include real passwords in plaintext. So, monitoring Pastebin is quite interesting and useful to get fresh new candidate passwords. On top of that, there are several resources on the Internet, that will help you to monitor and download the latest Pastebin leaks. Portals like Leakedin, @Pastebindorks or @PastebinLeaks or projects like pastemon and pasteminer are good examples of sources and tools you can use.

Unfortunately, in order to generate effective wordlists you have to create some further scripting because the data does not come very well parsed. The first step and ordinary solution to parse the Pastebin data is to generate a wordlist using the space or tab character as separator and replace it with a line break. This way may lead to miss some interesting candidates as in some leaks or cracking results. Most of the time you will find lines containing "username:password", "username | password" or even worse, direct sqlmap output, etc. So you have to be clever and find the best way to parse those leaks to create useful wordlists.

In any case, Pastebin can help us to build useful wordlists, because everyday new leaks are uploaded. The produced wordlists are not that amazing in term of quantity, but usually their content is valuable.

Twitter

Nowadays people tend to use sentences or combination of words for their passwords. They have been advised to do this as it is considered to be a strong and easy to remember way to create passwords. So I decided to use one of the the best sentence generator ever… Twitter! Indeed, everyday people generate tweets with fresh content and in this case our password candidates are just what people are saying.

The most important thing about Twitter is that this social platform generates a lot of public and fresh data, is international and tweets are short enough to be parsed individually! On top of that, wordlists generated via Twitter can continuously feed John the Ripper.

So the first step is to grab live Twitter' content. In order to achieve this, Twitter provides a live-feed query that gives you a full json of tweets with all the data you need. The only elements that are required to perform this query are a valid Twitter username and password:

curl --user <username>:<password> https://stream.twitter.com/1.1/statuses/sample.json

To get only the tweet content you have to parse it a bit. First we may need the -m argument of curl to timeout just in case of network trouble and then grep the data received with the keyword "text".

curl -m 10 --user <username>:<password> https://stream.twitter.com/1.1/statuses/sample.json | grep \"text\"

Once received, the result must be parsed because it comes with Unicode escaped characters. Something like the following script will do the trick:

import json, sys
for data in sys.stdin:
  jj=json.loads(data)
  twit=jj["text"]
   print twit.encode('utf-8')
print "done"

The above few lines of Python code can be directly used to generate candidate passwords, which means keeping the whole sentence of the tweet. Another approach is to use each word of the tweet as a candidate password. Furthermore, an interesting idea is to combine tweet words with others.

What we can do is generate combinations of 4 words. Best results are by combining with or without space separators.

Here is a small Python script I wrote to perform this task, the input file is "tweets.txt":

    import sys
    def combinations(words, length):
        if length == 0:
            return []
        result = [[word] for word in words]
        while length > 1:
            new_result = []
            for combo in result:
                new_result.extend(combo + [word] for word in words)
            result = new_result[:]
            length -= 1
        return result
    filein=open("tweets.txt","r")
    linesin=filein.readlines()
    for i in linesin:
      thisline=i.rstrip("\n").split(" ")
      for j in combinations(thisline,4):
        print '%s' % ''.join(map(str,j))
        print '%s' % ' '.join(map(str,j))
      for j in combinations(thisline,3):
        print '%s' % ''.join(map(str,j))
        print '%s' % ' '.join(map(str,j))
      for j in combinations(thisline,2):
        print '%s' % ''.join(map(str,j))
        print '%s' % ' '.join(map(str,j))
      for j in thisline[:]:
        print j

As far as size is concerned, 10 seconds of live Twitter feed will give you about 1.5 MB and about 600 tweets. This size can be reduced down to 50 KB when keeping only the parsed tweet contents. This combination script will give you around 50 Million candidate passwords to test.

Those two approaches, are not the most effective for cracking million passwords. But for sure, they will give you interesting results such as passwords considered as very strong that have even resisted to lots of GPUs' on fire.

CONCLUSION

As you might expect, we are not professional password crackers. Password cracking is a hobby for us. Actually, our hardware resources are limited. And bruteforcing passwords is not the most time friendly way, unless you own many GPUs and strong hardware. For this reason, we are trying to discover new and effective techniques to crack complex passwords.

But always keep in mind that any platforms, websites and online services are never entirely protected against hacking and data leaks. So we would like to give some advices in order to protect your passwords in case critical scenarios such as the LinkedIN leak happen:

• Never share passwords
• Never use the same password
• Always use strong passwords
• Do not use common words
• Change your passwords on a regular basis

We hope you enjoyed reading this article. Find attached at the end of this article our new wordlist as a late Xmas gift. And of course…

HAPPY NEW YEAR 2013!!!

ABOUT THE WORDLIST

75.8 MB - M3G_THI_CTH_WORDLIST_CLEANED.zip

Leaks

LinkedIN
Gamigo
Adobe
Blizzard
eHarmony
Geissens
NVidia
Stratfor
Project Whitefox
Various leaks collected from Pastebin

Some Results

LinkedIN*:
        Loaded 6458020 password hashes SHA-1 LinkedIn
        Remaining 1078419 password hashes
LinkedIN**: (CLEANED NO DUPS)
        Loaded 5787239 password hashes SHA-1 LinkedIn
        Remaining 880786 password hashes
Gamigo:
        Loaded 7004341 password hashes MD5
        Remaining 1019934 password hashes
Adobe:
        Loaded 630 password hashes MD5
        Remaining 95 password hashes
Blizzard:
        Loaded 15932 password hashes MD5
        Remaining 4967 password hashes
eHarmony:
        Loaded 1513805 password hashes MD5
        Remaining 134345 password hashes
Geissens:
        Loaded 32502 password hashes MD5
        Remaining 4180 password hashes
NVidia:
        Loaded 791 password hashes MD5
        Remaining 354 password hashes
Stratfor:
        Loaded 822666 password hashes MD5
        Remaining 58694 password hashes

*, ** The initial LinkedIN hashlist contains 00000ed and non-00000ed SHA1 hashes. A lot of 00000ed hashes still have their duplicate non-00000ed hash in the list. For instance, if you crack the initial LinkedIN hashes with our wordlist you will find 473148 duplicates between 00000ed and non-00000ed, and if you are using John the Ripper with --format:raw-sha1-linkedin you will need to run the process twice to write duplicates (either the 00000ed or non-00000ed version) in your POT file. If you have already considered duplicates as non-useful, then the right results to consider are the ones from the CLEANED version.

Some Pipal Analysis

• LinkedIN:

9 KB - m3g_thi_cth_wordlist_linkedin_pipal.txt

• Gamigo:

9 KB - m3g_thi_cth_wordlist_gamigo_pipal.txt

• eHarmony:

9 KB - m3g_thi_cth_wordlist_eharmony_pipal.txt

• Stratfor:

9 KB - m3g_thi_cth_wordlist_stratfor_pipal.txt

FINAL NOTICE

The wordlist provided in this article has been created using all the presented cracking techniques against public leaks only. Do not expect to find new passwords using the same leaks and techniques presented here.

As always it is up to the reader to use this wordlist to do password recovery. We do not take any responsibility if some of your passwords can be found in this wordlist or be recovered using our techniques. Be aware that the best way to protect you is always to change your passwords as often as possible.

Related terms:

• rockyou yahoo wordlist
• john the ripper rules
• famous passwords
• wordlist
• john the ripper mask
• korelogic rules best80
• john the ripper dynamic conf
• leakedin paypal accounts
• leakedin paypal
• cudahashcat 1 31

Android and iOS devices are today a prime target for hackers, and for a good reason, two of the main factors of the perfect attack are combined while exceeding any of the attacker's expectations.

This article is about the ironha1l Tool Suite I have created. This article is intended to provide an understandable explanation about the problematic I faced during my research to develop ironha1l. You will also find in this article a lot of relevant information if you are a jailbreak beginner. Most of the information here are part of my own research but also comes from external sources. I tried to remain as reliable as possible. Feel free to comment my work!

Updates: (subscribe to my twitter to get notified)

• 10/10/2012 – ironha1l sources available!

Why attacking smartphones with smartphones?

The primary factor is the quality and relevance of the information available on iOS and Android devices. Smartphones like the iPhone and the Galaxy SIII to name but a few, have been created to assist a large majority of our daily activities. Consequently, they contain a huge amount of data about our life and habits such as address book, pictures, emails, text messages, GPS location data history and much more. We can also find web browser history and all cache, credentials and data of third party applications such as online banking applications.

The second factor is accessibility, and even more so, the huge amount of attack vectors. These operating systems are mainly used in mobile phone devices and provide many access points for potential attacks. First of all, the mobile aspect of these devices can be used for data injections via the baseband, meaning injections via 3G/Edge/GSM protocols with text messages and voice calls. And even further, some attacks can be made on SIM cards, for example spoofing adapters are mainly used today for unlocking. More wireless access points such as WiFi, Bluetooth, IrDa, NFC constitute a large part of the vector attack panel and can be used to remote access the targeted device. Finally, some last attack vectors such as USB, serial port, SD card reader, audio port, touchscreen and camera provide to the attacker some physical and potentially vulnerable access points.

https://www.youtube.com/watch?v=JTOsiGXnILU

About the PoC scenario and its limitations

The main idea I had about a smartphone security related scenario was to show the two aspects described in this foreword. The revolutionary aspect of these mobile operating systems in term of functionality versus their incredible weakness in term of security. Therefore, the attacker is equipped with an Android 4.0 (Ice Cream Sandwich) smartphone in the aim to access sensitive data of an iOS unjailbroken device such as iPhone 3GS/4, iPod Touch 3G/4G or iPad according to the limera1n exploit limitations. The iOS version does not matter here, as the limera1n exploit does not depend of the operating system version running on the device. The attacker has only one constraint, which is to use the USB port of both devices to inject data and proceed to the data theft from Android. The aim of the attacker is to get the maximum amount of sensitive data available on the iOS device, such as pictures, emails, contacts, etc. The attack must be fast and discreet (a few minutes), and must be cancellable at any time. The use of an Android smartphone as been preferred for these reasons, due to its discretion, offensive functionalities and performances.

In this article, the term iDevice is used to refer to any iOS devices vulnerable to the limera1n exploit.

Bypassing iOS security

Before going further it is important to enumerate some of the main security features available on iOS. The same goes for the architecture security features, particularly the boot process and partitioning system.

iOS partitioning system and its biggest security feature

All iDevices have the particularity to contains a 8GB to 64GB flash memory split in two distinct partitions. The first one in read only contains the operating system iOS while the other one is dedicated to user data and have read and write permissions. The data partition contains user documents, applications, pictures, and other various user files. This flash memory is hardware encrypted using an AES-256 crypto-processor soldered on the iDevice motherboard right on the path between flash memory and RAM. Meaning that anything that comes from the flash memory to go in RAM is decrypted and anything that comes from RAM to go in the flash memory is encrypted. Nothing can transit without being encrypted/decrypted by the crypto-processor, thus you cannot manually extract the flash memory and read data from it, because everything is encrypted with AES-256.

UID (Unique ID) and GID (Group ID) are two keys soldered inside the crypto-processor and used to encrypt or decrypt. These keys are only accessible by the crypto-processor itself, they cannot be software requested or dumped (hypothetically a covert channel attack could do the trick). The UID key is unique for any iDevice and is not registered in Apple Databases (but we do not have proof for that), the GID key is the same for iDevices of the same class, meaning for example that any iPhone 3GS will have  the same GID key but each one will have a unique UID key. On top of that, these keys can be combined in addition to the passcode key (derived from the user passcode to unlock the iDevice) or any other external key, which creates various protection classes.

These protection classes are then used to encrypt some user data on top of the already hardware encrypted flash memory. Thus, if you successfully access the data partition, some files will remain encrypted with either the passcode key or other external keys combined to the UID key, which is the case for emails for example. So once the iDevice is locked, files are completely secured due to the missing passcode key. And brute-forcing the passcode key can only be achieved on the iDevice, because the decrypt function is called inside the crypto-processor which combine the given key with the UID key.

According to iOS Hacker’s Handbook it takes about 18 minutes in the worst case scenario to bruteforce a 4 digits passcode (iOS default scheme), which is even worse if the user changes his passcode for a alphanumerical passcode (in that case it can take years to bruteforce). There are no time limitations in case you bruteforce the passcode directly by calling the decrypt function of the crypto-processor. But in the case you attempt to manually bruteforce the passcode directly from the iOS unlock screen you will face these limitations that exponentially increase when a wrong passcode is entered.

Fortunately for attackers, only a few amount of data files are encrypted using the passcode key. Most of the files remain unencrypted, and some protections I talked about here were implemented during the iOS development. Meaning that old iOS versions are less protected that the newest ones, unfortunately the ones I presented here are all integrated to iOS 5.

Various exploits but only one goal

There are three categories of exploits on iOS, each one refers to a particular boot module of iOS.

• Bootrom (also called SecureROM by Apple) Exploits
• iBoot Exploits
• Userland Exploits

Bootrom exploits are the most powerful, because the bootrom is the first piece of code executed on the iDevice boot process. This bootrom is read only and cannot be updated nor modified, it is soldered on the iDevice. Thus a bootrom vulnerability cannot be fixed by Apple on existing and already sold devices. Actually there are only one bootrom exploit, which is called limera1n and created by George Hotz. This bootrom vulnerability has not been patched by Apple until the next hardware revision with Apple A5 processors and upper (meaning iPhone 4S, iPad 2, etc.) only  iPhone 3GS/4, iPod Touch 3G/4G and iPad are vulnerable. The limera1n exploit breaks the signature check for any elements of the boot process, meaning you can boot with an alternated or custom boot chain. In addition to that a bootrom exploit can be used to decrypt Apple GID encrypted files contained in IPSW archives (used to restore or upgrade iDevices). IPSW contains iOS and various GID encrypted data, that can be decrypted using with such an exploit by calling the crypto-processor function that uses the GID key. Attackers can then patch and alter these decrypted files for their own purpose, inject and boot with these files by the use of limera1n.

iBoot is the boot process part that launches the iOS kernel. These kind of vulnerabilities can lead to an untethered Jailbreak. Finding a vulnerability at this level is as powerful as a bootrom vulnerability in term of functionalities. Unfortunately such a vulnerability can be quickly patched by Apple in a next iOS update. iBoot vulnerabilities are not used in ironha1l, but it is important to have in mind the entire boot process for the next part of this article.

Finally, userland vulnerabilities are at the top level of iOS at the same level of running iOS applications. Exploiting such a vulnerability is very hard, and only allows the attacker to access mobile (or root) privileges. But yet, the attacker needs first to get out of the sandboxed application where the vulnerability was exploited. I will not talk more about this kind of exploit here.

DFU mode

The DFU mode (Device Firmware Update) is a special mode in which the device loads a specific code from the bootrom. This mode is also available in the Nintendo DS for example, and is not Apple property. This executed code allows the device to accept boot elements from the sync port of the iDevice (I prefer calling it the USB port). This DFU mode is mainly used when the device is software bricked, and even if the classic restore mode of the iDevice is broken. The DFU mode once detected by iTunes will receive boot elements from it. Those elements are from the IPSW archive, and are composed of iBSS, iBEC, DeviceTree, KernelCache and Ramdisk. The ramdisk file is a container which contains a very basic version of iOS only used to flash the device with a new iOS version sent by iTunes. This ramdisk is a very good basis for an attacker to access the iDevice partitions.

To put your iDevice in DFU mode, you first need to connect it to a USB host device, to boot the iDevice while maintaining the HOME and POWER button pressed during 8 seconds, then release the POWER button only while maintaining the HOME button still pressed. After some seconds, the iDevice should be in DFU mode. This mode is visually indistinguishable, only the host device knows if the connected iDevice is in DFU mode as it receives a DFU notification.

In 2012, George Hotz publish his limera1n exploit which allows the use of unsigned boot elements on vulnerable iDevices. This vulnerability is a memory overflow in the bootrom. With such an exploit, jailbreakers are able to modify the iOS ramdisk used in DFU mode, for example by editing the /sbin/launchd binary which is used to launch other binaries and scripts at boot, such as mounting partitions in read and write mode. This launchd binary will be used for example to execute sshd on our ramdisk.

Tumbling down the rabbit hole

* This part is dedicated to the development and creation of the ironha1l and DFOwn tools. Those tools were created to inject and execute a custom ramdisk containing a SSH server on a targeted iDevice using an Android device.*

USB reverse

As previously described, what is interesting for us is to exploit the bootrom vulnerability with limera1n in order to inject a custom boot chain on the targeted iDevice. Actually, jailbreak software such as Redsn0w can do that, but our aim here is quite different as we intend to do it with an Android phone, and there are no such existing tools for this operating system.

We have two choices. The first one is to modify existing and open source jailbreak tools and port them for Android platform. The second choice is to create a totally new tool optimized for Android. Given the aim to have a mastered full tool suite, and because I had time to learn and I love challenges, I decided to give a try to the second alternative. Consequently, USB reverse engineering in DFU mode was required to establish how data is sent to the iDevice and what are the USB transfer modes, headers and commands used for all the steps of the boot chain.

It is first necessary to create an USB debug environment or as I like to call it, a Man In The Middle USB. There are several ways to do this, either you can directly reverse each element of the boot chain to understand how the following elements must be injected, or you can modify the Mac OS or Windows USB driver to activate the USB debug mode, you can also use a sniffer device between attached to your USB cable, or you can even directly use a Windows Virtual Machine on your Linux system. In this last case the use of Wireshark running on Linux will do the trick, as it can sniff USB communications, especially in our case the USB communications between iTunes running in the Windows VM with our attached USB iDevice. This last method is quite buggy, but allows us to see the USB communication protocol quite easily.

[

The full description of the DFU mode is in the meantime available in the Universal Serial Bus Device Class Specification for Device Firmware Upgrade publication. With the help of this documentation and various USB headers and requests sniffed with Wireshark, the exact iTunes behavior for data transfer in DFU mode has been established. It is important to note that all communications are in clear text, same apply for commands sent to the iDevice which are associated to each part of the boot process. Another observation, is that header values are specific to Apple and not documented.

Development of libironha1l and ironha1l

The biggest step in this project was to create the ironha1l tool and its library libironha1l. This library provides functions to inject data to the iDevice in DFU mode and is strictly based on libusb. The principal advantage of this last point is the portability of libusb, and its compatibility with Android. ironha1l is the application that coordinates all the various injections of our custom boot chain, based on the DFU protocol reverse established previously. Meaning the injection of iBSS, iBEC, DeviceTree, KernelCache and Ramdisk modified files. These custom files can be extracted and automatically created using the iPhone-dataprotection tool suite of Sogeti.

The development of ironha1l and libironha1l lasted 3 months and contains more than 1000 lines of code. ironha1l and libironha1l are written in C. The ironha1l tool also comes with the limera1n exploit and payload (sources available on the Jailbreak community Wiki).

During the development, a number of difficulties came to light. The first one and the most difficult was the ramdisk size. During the first attempts to inject a custom ramdisk it has been established that a ramdisk size higher than ~10 MB could not be executed on the iDevice, unfortunately a ramdisk containing a SSH server cannot handle such a limited size. The solution was in fact, to alter a bit in the control transfer header specific to the ramdisk. This solution was established after many days by testing ramdom and various header values. Unfortunately it is still unknown why does this bit value bypass the size limitation.

Two more issues, this time related to limera1n, came to light during the libironha1l development. The first one is that limera1n consists of two elements, the source code and the payload. The limera1n payload is unfortunately not documented and is not open source, but it is easily extractable from Jailbreak tools such as RedSn0w. To extract this payload you need to apply the same reverse process as describer in the USB reverse part of this article. Meaning using Redsn0w in a Windows Virtual Machine on your Linux platform and dump all USB transmissions with Wireshark in Man In The Middle. Once the payload dumped, it has been tested and once again came another problem.

The limera1n exploit is based on the principal buffer overflow vulnerability of the bootrom, but unfortunately a USB control command must be sent to the iDevice during the injection process of the payload, so that the payload can be executed. If the control command reaches the iDevice too late, the payload is not executed. Le biggest problem is that generally the USB commands cannot overlap with one another with libusb, and this it is not possible to send the specific USB control command without interrupting the previous injection. The trick and the solution is to play with reception timeouts (acknowledgment replies), the payload is sent to the iDevice with a big timeout and due to its big size the iDevice will take a certain amount of time to deal with it. During this short amount of time (1 to 10 milliseconds), the control command that executes the payload must be sent, this time with a timeout lower than 10 milliseconds to match the iDevice process timing (ideally 1 millisecond).

Here is the prototype of ironha1l:

usage: ./ironha1l -h (help)
    [-v verbose_level{0,1,2,3}] [-d libusb_debug_level{0,1,2,3}]
    [-l limera1n_file] [-i iBSS_file] [-b iBEC_file]
    [-t DeviceTree_file] [-r Ramdisk_file] [-k KernelCache_file]
    [-c iBSS_command]
    [-z idBus]

Once our tool working and injecting correctly all elements of our customized boot chain, the iDevice boots on our ramdisk containing a SSH server. Meanwhile, on the client side we need to find a way to connect to this SSH server via USB. Fortunately this task is not a real big deal. The MobileDevice framework of Apple (included in iTunes for Windows) contains a daemon called usbmuxd. This daemon is typically what we need as it creates a TCP tunnel over USB to communicate with the iDevice services (in our case the ssh server). Of course, the usbmuxd used by Apple is not open source, but a bunch of great developers have created a usbmuxd version open source that comes with iproxy which is used for port forwarding. So combining usbmuxd with iproxy creates a local port that communicate through USB directly with the SSH socket in listening mode on the iDevice. It was not a big deal to port usbmuxd and iproxy for Android, as these tools are working under Linux. It should also be noted that this open source project is not maintained by Apple, thus each time a new device comes out usbmuxd must be updated by developers and apparently this is not an easy task. In our case our targeted iDevices are all working and supported by the latest version of usbmuxd.

The application portability is a very important aspect, it has been decided to directly integrate libusb and usbmuxd in ironha1l. Before compiling, a script downloads, patches and configures the latest libusb and usbmuxd version. The ironha1l tool suite is compatible with Linux, UNIX, BSD, Mac OS and Android.

Android port and GUI application DFOwn

Since the ICS version, Android supports USB host, which allows to connect to the USB port a USB device such as USB storage, mouse, etc. using a micro USB to USB host adaptor.

[ [

The first thing to do with Android was to root the OS, which is the easiest hacking task ever. The second step was to make sure DFU mode is well detected by Android. For this task either we can use lsusb ported on Android using Android SDK, or we can also use the devices tool contained in the ironha1l tool suite. The USB enumeration has been made on two devices, a SAMSUNG Galaxy SII and a SAMSUNG Galaxy Nexus, both under Android 4.0.3. It appeared that the Galaxy SII could not detect any iDevice in DFU mode (other modes were successfully detected). Even after multiple testings using different USB devices, even with a self-powered USB HUB the problem was still there and was not identified. Fortunately the Galaxy Nexus was working perfectly well under Android 4.0.3. Thus for the next part of the development this smartphone was used.

Android is a Linux based operating system, the compilation of ironha1l tool suite with Android SDK was almost instantaneous. There was only some very basic problems such as the creation of specific Makefiles for Android. The ironha1l binaries were thus sent to the Galaxy Nexus device to be used later with the JAVA GUI application DFOwn. The tools ironha1l, usbmuxd and iproxy have been manually tested and were working perfectly well. The custom boot chain was injected and the Android device can communicate with the SSH server of the Android loaded ramdisk. The iDevice partitions were accessible after mounting in read and/or write, it is thus possible to alter or download files from them directly from our Android smartphone. As described previously, some files such as email database are encrypted and cannot be decrypted without knowing the iDevice passcode, which is not the case for pictures and movies for example, or text message database and contact database.

[ [ [ [

The DFOwn JAVA application was created to provide a easy and fast way to use ironha1l and pwn (understand limera1n exploit + custom boot chain injection) the attached iDevice in DFU mode. DFOwn does not currently integrate a SFTP client which thus require the user to use its own SFTP client such as AndFTP to access the iDevice data.

Conclusion

DFOwn and ironha1l are Proof of Concept applications, their goal is to prove an attacker can gain access to your iDevice smartphone files easily with minimal hardware such as an Android smartphone. DFOwn takes about 1 minute to complete the ironha1l boot process on an iDevice. The application is fast, quiet and easy to use. Transfers can go up to 1.5 Mo/s depending of the iDevice and Android device used, which allows the attacker to get a large amount of files very quickly.

Sources Available HERE!

References

• http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf – iOS Security, Apple
• https://code.google.com/p/iphone-dataprotection – iPhone-dataprotection Sogeti ESEC
• http://theiphonewiki.com/wiki/index.php?title=Grabbing_IMG3_Keys – Jailbreak Community Wiki, Grabbing IMG3 Keys
• http://theiphonewiki.com/wiki/index.php?title=Let%27s_Get_Them_IMG3_Keys_/_IVs – Jailbreak Community Wiki, Let’s Get Them IMG3 Keys / IVs
• https://github.com/planetbeing/iphonelinux – iphonelinux, open source project of planetbeing (Yiduo David Wang)
• http://theiphonewiki.com/wiki/index.php?title=Baker_8B117_(iPhone_4) – iPhone 4 AES keys, Baker 8B117 (iPhone 4)
• http://theiphonewiki.com/wiki/index.php?title=GID-key – Jailbreak Community Wiki, GID-key
• http://www.usb.org/developers/devclass_docs/usbdfu10.pdf – Universal Serial Bus Device Class Specification for Device Firmware Upgrade
• http://theiphonewiki.com/wiki/index.php?title=Limera1n_Exploit – limera1n exploit source code by George Hotz
• http://cgit.sukimashita.com/usbmuxd.git – usbmuxd Linux source code
• http://android.serverbox.ch/?p=151 – Porting Libusb for Android on the Beagleboard in 5 steps
• http://news.softpedia.com/newsImage/Clean-iPhones-Also-Vulnerable-to-Attacks-Developer-Shows-2.jpg – SpyPhone application by Nicolas SERIOT
• http://www.lysesoft.com/products/andftp – AndFTP, a FTP, SFTP, SCP, FTPS client for Android devices
• Book – iOS Hacker’s Handbook by Charlie Miller, Dion Blazakis, Dino Dai Zovi, Stefan Esser, Vincenzo Iozzo, Ralf-Phillip Weinmann
• https://media.blackhat.com/bh-us-11/Esser/BH_US_11_Esser_Exploiting_The_iOS_Kernel_Slides.pdf – iOS Kernel Exploitation, by Stefan Esser
• http://antid0te.com/CSW2012_StefanEsser_iOS5_An_Exploitation_Nightmare_FINAL.pdf – iOS 5 An Exploitation Nightmare?, by Stefan Esser

Related terms:

• limera1n
• usbmuxd windows
• custom inject
• openiBoot
• android libusb
• ironha1l

This is the story about how I cracked 122 million* password hashes with John the Ripper and oclHashcat-plus.

Author: m3g9tr0n, Copy Editor: Thireus.

It was several months ago, when I (m3g9tr0n) saw a tweet from KoreLogic about a torrent file containing various hash lists of passwords for a total of 146 million passwords. This very big amount of password hashes at first discouraged me, as I only own a classic computer configuration with an AMD Phenom II 4 cores at 3,2 Mhz in addition to an ATI/AMD 5770 graphics card. But I really wanted to give it a try because the field of password cracking fascinates me.

The password cracking tools I used during this long trip were John the Ripper and oclHashcat-plus. This article is about cracking the provided MD5 hashes of KoreLogic only, but the same strategy was also applied to the SHA1 hashes.

Updates:

• 08/29/2012 – New example in the John the Ripper section: "Crack double MD5 hashes with the help of dict2hash.pl script"
• 08/29/2012 – New download! All in one sorted and cleaned version.

Dealing with hashes...

First of all the KoreLogic torrent file file must be decompressed, it contains a folder named "hashes". Let's check the content of this folder...

root@m3g9tr0n:~/hashes$ ls
longer_salts  raw-md5.hashes.txt  salted_with_md5  SHA1  vBulletin-v3.8.4

We will concentrate from now on the raw-md5.hashes.txt list. This file is 4.3 GB and includes 139444502 lines according to the wc utility.

root@m3g9tr0n:~/hashes$ wc -l raw-md5.hashes.txt 
139444502 raw-md5.hashes.txt

As you can assume, both John the Ripper and oclHashcat-plus are not able to load this file because it is too big. For that reason, we need to split this file. Under Linux we have a nice utility called split that does this job very well:

root@m3g9tr0n:~$ split --help
Usage: split [OPTION]... [INPUT [PREFIX]]
Output fixed-size pieces of INPUT to PREFIXaa, PREFIXab, ...; default
size is 1000 lines, and default PREFIX is `x'.  With no INPUT, or when INPUT
is -, read standard input.
 
Mandatory arguments to long options are mandatory for short options too.
  -a, --suffix-length=N   use suffixes of length N (default 2)
  -b, --bytes=SIZE        put SIZE bytes per output file
  -C, --line-bytes=SIZE   put at most SIZE bytes of lines per output file
  -d, --numeric-suffixes  use numeric suffixes instead of alphabetic
  -l, --lines=NUMBER      put NUMBER lines per output file
      --verbose           print a diagnostic just before each
                            output file is opened
      --help     display this help and exit
      --version  output version information and exit
 
SIZE may be (or may be an integer optionally followed by) one of following:
KB 1000, K 1024, MB 1000*1000, M 1024*1024, and so on for G, T, P, E, Z, Y.

We can use the --lines=NUMBER parameter to split our raw-md5.hashes.txt file.

root@m3g9tr0n:~/hashes$ split -l 3000000 raw-md5.hashes.txt part

Note that we can also split the file based on the amount of MBs by taking into consideration that each MD5 hash is 32 bytes long.

Cracking Passwords with oclHashcat-plus

I started playing with oclHashcat-plus because it contains the -remove option, which removes the hashes from the hashfile once it is cracked and it is really convenient. The only limitation oclHashcat-plus has, is the constraint on password length. In other words, it is only able to crack passwords up to 15 characters. The rules that I used for oclHashcat-plus are base64.rule, passwordspro.rule, T0XlC.rule and in some cases d3ad0ne.rule. There rules can be found directly from the oclHashcat-plus suite.

Bruteforce techniques were not my first choice. I used wordlists which I downloaded from the g0tm1lk's blogspot. You will find on g0tmi1k's article other external links for more wordlists. The biggest part of cracking process was done by using these wordlists with the rules mentioned above. Let's see some examples...

Using a single rule:

./oclHashcat-plus64.bin -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -r rules/best64.rule -o Ultimate_Crack/eNtr0pY_1 --remove

Using Rules' combination:

./oclHashcat-plus64.bin -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -r rules/best64.rule r rules/passwordspro.rule -o Ultimate_Crack/eNtr0pY_1 --remove

Bruteforce attack with mask (you can specify whichever charset you want):

./oclHashcat-plus64.bin -a 3 -1 ?l?d?u?s -m 0 ~/hashes/md5_1 ?1?1?1?1?1?1?1?1 -o Ultimate_Crack/eNtr0pY_1 --remove

Combination attack:

./oclHashcat-plus64.bin -a 1 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ~/Wordlists/list -o Ultimate_Crack/eNtr0pY_1 --remove

Combination attack with rules:

./oclHashcat-plus64.bin -a 1 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ~/Wordlists/list -r rules/passwordspro.rule -o Ultimate_Crack/eNtr0pY_1 --remove

Permutation attack:

./oclHashcat-plus64.bin -a 4 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -o Ultimate_Crack/eNtr0pY_1 --remove

Permutation attack with rules:

./oclHashcat-plus64.bin -a 4 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -r rules/best64.rule -o Ultimate_Crack/eNtr0pY_1 --remove

In some cases, I used the hybrid + mask attack technique:

./oclHashcat-plus64.bin -a 6 -1 ?l?d -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ?1?1 -o Ultimate_Crack/eNtr0pY_1 --remove

Hybrid + mask attack with rules:

./oclHashcat-plus64.bin -a 6 -1 ?l?d -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ?1?1 -r rules/best64.rule -o Ultimate_Crack/eNtr0pY_1 --remove

At this point, I did not use these last two methods as they were very time consuming. I rather found a better one using KoreLogic's Rules for John the Ripper by piping the output of John the Ripper to oclHashcat-plus. As I mentioned, oclHashcat-plus is able to crack passwords up to 15 characters. For that reason, I had to define every time, via the --stdout option, the length of the produced word. If you own a very fast GPU you can skip the following example.

./john --wordlist=~/Wordlists/all.lst -rules:KoreLogicRulesPrependYears --stdout=10 | ./oclHashcat-plus64.bin -m 0 ~/hashes/md5_1 -o Ultimate_Crack/eNtr0pY_1 --remove

Of course you can use other prepend rules created from Korelogic, like KoreLogicRulesPrependNumNum, or even better create your own rules!

It was time to produce a wordlist from the cracked passwords and use it to crack the remaining hashes. From eNtr0pY_1, I removed the MD5 hashes with the following command.

cut -b34- eNtr0pY_1 > eNtr0pY_1.dic

By using the above produced wordlist, a big amount of MD5 hashes were cracked using the fingerprint attack. You can read more about this attack from Martin Bos @purehate and I guarantee you that this technique is very successful!

Of course you can also use the binaries included into hashcat-utils and pipe the output of each util to oclHashcat-plus.

root@m3g9tr0n:~/oclHashcat-plus-0.08/hashcat-utils$ ls
combinator.bin  expander.bin  gate.bin  len.bin  mp32.bin  permute.bin  prepare.bin  req.bin  splitlen.bin

Cracking Passwords with John the Ripper

After testing all my wordlist collection and after several days, it was time to move to John the Ripper for cracking the rest of password hashes...

I used magnum-ripper compiled with OpenCL for ATI/AMD graphics card because I wanted to use the --format=raw-md5-opencl parameter. Compared to --format=raw-md5, it is way faster as it uses your CPU and GPU!

The Rules that were used with John the Ripper are:

• wordlist
• Single
• NT
• Extra
• KoreLogicRulesAppendNumbers_and_Specials_Simple
• KoreLogicRulesAppend6Num
• KoreLogicRulesPrependAndAppendSpecial
• KoreLogicRulesAppendNumNum_AddSpecialEverywhere
• KoreLogicRulesAppendNumNumNum_AddSpecialEverywhere
• KoreLogicRulesL33t.

You can download these rules and add them to your john.conf file:

• http://paste2.org/p/2048517
• http://paste2.org/p/2048512

Let’s see now some examples with John the Ripper...

Using --rules=Single:

./john --format=raw-md5-opencl --wordlist=../../Wordlists/all.lst --rules:Single ~/hashes/md5_1

The results of cracked hashes are stored in the john.pot file by default. You can examine its contents with cat, more, head and tail.

root@m3g9tr0n:~/Tools/Password_Cracking/magnum-jumbo-OpenCL/run$ tail -n 9 john.pot 
$MD5$0fad81e7a61b47d387dde893fcf8e88a:anacarolinagu
$MD5$0f82fc9a81f5db07eb9289767390fd2b:fabulousfoodsu
$MD5$0e22933267b2e7df062703c4e5842029:fabuloustravelu
$MD5$0d40086a54fefe993c9816d1441672ac:modularhomeu
$MD5$0ed8181fc4d18e260dd8e36633124bfd:greenshoppingu
$MD5$0d6e8da4017ec5c384ac5536087da44d:lawofattractionu
$MD5$0eb916d3c6a66a32cedd4acc6edb1dbb:hotreportu
$MD5$0e241f99b5c13d56686ec618ab54d5fa:flightsandholidaysu
$MD5$0f3c99478362aae389d2cbf716394269:stthomasmoresu

To generate a wordlist from the john.pot file, you can use the following command.

cut -d: -f 2- john.pot | sort -u > cracked.dic

The generated wordlist can be used to crack more hashes when combined with the abovementioned rules.

When I was cracking MD5 hashes with oclHashcat-plus, I observed that some produced passwords were rejected. This is because oclHashcat-plus has a limitation about characters' length. For that reason, I piped hashcat's output to John the Ripper with the additional advantage of using hashcat rules with John the Ripper.

./hashcat-cli64.bin --stdout ~/Wordlists/d3ad0ne.dic -r rules/best64.rule | ./john --format=raw-md5-opencl --stdin ~/hashes/md5_1

After trying all the wordlists combined with the rules mentioned above, it was time to move to bruteforce attacks with John the Ripper. Unfortunately, John the Ripper does not use the mask attacks to produce passwords when implementing bruteforce attacks. We have to create our own charset based on cracked passwords contained in john.pot.

./john --make-charset=eNtr0pY.chr
Loaded 7948325 plaintexts
Generating charsets... 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 DONE
Generating cracking order... DONE
Successfully written charset file: eNtr0pY.chr (95 characters)

Many of you will wonder about "31 DONE"... This is just because I compiled John the Ripper with 31 characters length. By default, John the Ripper is compiled with support for up to 8 characters length, so it is best to change it by modifying the following lines of the header file params.h located in the scr folder of John the Ripper.

#define CHARSET_MIN                     ' '
#define CHARSET_MAX                     0x7E
#define CHARSET_SIZE                    (CHARSET_MAX - CHARSET_MIN + 1)
#define CHARSET_LENGTH                  8 //Change that to 31 or whatever you wish

At last you have to include your created charset to john.conf as provided in this example:

# Incremental modes
[Incremental:eNtr0pY]
File = $JOHN/eNtr0pY.chr
MinLen = 0
MaxLen = 31
CharCount = 95

Now it is time to use bruteforce attacks with our own charstet!

./john --format=raw-md5-opencl --incremental=eNtr0pY ~/hashes/md5_1

If you look into john.conf you will see some bruteforce attack modes categorized as externals. These are Double, Strip, Keyboard (which uses neighbor combinations produced from keyboard characters), KnownForce, DateTime, Repeats, Sequence, Subsets and DumbForce for crazy password formats.

./john --format=raw-md5-opencl --external=DumbForce ~/hashes/md5_1

We would also like to crack double MD5 hashes with the help of the dict2hash.pl script provided here.

perl dict2hash.pl < rockyou.txt | ./john --format=raw-md5-opencl --stdin ~/md5_1

Here you can see some samples of cracked MD5s with John the Ripper:

• http://pastebin.com/uaGFXkBA
• http://pastebin.com/LT5Gda9L

Personally, I believe a password like "$MD5$0b26a0faf1344d6e772bf55628e10e29:n34=mn { .clipboard $me }" is impossible to crack with bruteforce attacks.

Note: All the abovementioned techniques can be used with oclHashcat-plus by defining -m 100 and with John the Ripper by defining --format=raw-sha1-opencl for SHA1 cracking with OpenCL!

Password Analysis

Finally, it worths to see an analysis using pipal (a password analyser) of a collected sample generated from cracking results.

root@m3g9tr0n:~/pipal$ ruby1.9.1 pipal.rb \
-o eNtr0pY_1 ~/Wordlists/Ultimate/Part1/eNtr0pY_5.dic
Total entries = 759103
Total unique entries = 758299
 
Top 10 passwords
niezgadniesz123 = 3 (0.0%)
ubqu = 3 (0.0%)
amonys = 3 (0.0%)
centralitie = 3 (0.0%)
bobydu = 3 (0.0%)
hanghuynh = 3 (0.0%)
hmadyousi = 3 (0.0%)
matthewperman = 3 (0.0%)
shadowninja2 = 3 (0.0%)
lhz4 = 3 (0.0%)
 
Top 10 base words
august = 219 (0.03%)
july = 205 (0.03%)
april = 199 (0.03%)
june = 195 (0.03%)
march = 165 (0.02%)
alex = 161 (0.02%)
love = 132 (0.02%)
chris = 130 (0.02%)
daniel = 128 (0.02%)
dragon = 122 (0.02%)
 
Password length (length ordered)
1 = 13 (0.0%)
2 = 103 (0.01%)
3 = 1332 (0.18%)
4 = 16781 (2.21%)
5 = 19831 (2.61%)
6 = 95800 (12.62%)
7 = 202414 (26.66%)
8 = 158562 (20.89%)
9 = 103855 (13.68%)
10 = 75652 (9.97%)
11 = 46023 (6.06%)
12 = 24997 (3.29%)
13 = 8423 (1.11%)
14 = 3772 (0.5%)
15 = 1560 (0.21%)
 
Password length (count ordered)
7 = 202414 (26.66%)
8 = 158562 (20.89%)
9 = 103855 (13.68%)
6 = 95800 (12.62%)
10 = 75652 (9.97%)
11 = 46023 (6.06%)
12 = 24997 (3.29%)
5 = 19831 (2.61%)
4 = 16781 (2.21%)
13 = 8423 (1.11%)
14 = 3772 (0.5%)
15 = 1560 (0.21%)
3 = 1332 (0.18%)
2 = 103 (0.01%)
1 = 13 (0.0%)
 
       |                                                                
       |                                                                
       |                                                                
       ||                                                               
       ||                                                               
       ||                                                               
       ||                                                               
       |||                                                              
      ||||                                                              
      ||||                                                              
      |||||                                                             
      |||||                                                             
      ||||||                                                            
      ||||||                                                            
    |||||||||                                                           
|||||||||||||||||                                                       
00000000001111111
01234567890123456
 
One to six characters = 133854 (17.63%)
One to eight characters = 494828 (65.19%)
More than eight characters = 264275 (34.81%)
 
Only lowercase alpha = 154996 (20.42%)
Only uppercase alpha = 14072 (1.85%)
Only alpha = 169068 (22.27%)
Only numeric = 119581 (15.75%)
 
First capital last symbol = 6088 (0.8%)
First capital last number = 73611 (9.7%)
 
Months
january = 109 (0.01%)
february = 45 (0.01%)
march = 247 (0.03%)
april = 251 (0.03%)
may = 850 (0.11%)
june = 246 (0.03%)
july = 223 (0.03%)
august = 300 (0.04%)
september = 80 (0.01%)
october = 134 (0.02%)
november = 113 (0.01%)
december = 115 (0.02%)
 
Days
monday = 59 (0.01%)
tuesday = 20 (0.0%)
wednesday = 7 (0.0%)
thursday = 38 (0.01%)
friday = 46 (0.01%)
saturday = 7 (0.0%)
sunday = 70 (0.01%)
 
Months (Abreviated)
jan = 1482 (0.2%)
feb = 249 (0.03%)
mar = 8397 (1.11%)
apr = 692 (0.09%)
may = 850 (0.11%)
jun = 889 (0.12%)
jul = 1051 (0.14%)
aug = 785 (0.1%)
sept = 215 (0.03%)
oct = 512 (0.07%)
nov = 821 (0.11%)
dec = 874 (0.12%)
 
Days (Abreviated)
mon = 4319 (0.57%)
tues = 28 (0.0%)
wed = 217 (0.03%)
thurs = 44 (0.01%)
fri = 758 (0.1%)
sat = 769 (0.1%)
sun = 1018 (0.13%)
 
Includes years
1975 = 411 (0.05%)
1976 = 388 (0.05%)
1977 = 446 (0.06%)
1978 = 432 (0.06%)
1979 = 441 (0.06%)
1980 = 541 (0.07%)
1981 = 453 (0.06%)
1982 = 519 (0.07%)
1983 = 533 (0.07%)
1984 = 603 (0.08%)
1985 = 585 (0.08%)
1986 = 616 (0.08%)
1987 = 710 (0.09%)
1988 = 641 (0.08%)
1989 = 941 (0.12%)
1990 = 931 (0.12%)
1991 = 995 (0.13%)
1992 = 935 (0.12%)
1993 = 905 (0.12%)
1994 = 907 (0.12%)
1995 = 4021 (0.53%)
1996 = 858 (0.11%)
1997 = 486 (0.06%)
1998 = 443 (0.06%)
1999 = 416 (0.05%)
2000 = 1024 (0.13%)
2001 = 643 (0.08%)
2002 = 586 (0.08%)
2003 = 1132 (0.15%)
2004 = 1254 (0.17%)
2005 = 796 (0.1%)
2006 = 818 (0.11%)
2007 = 1442 (0.19%)
2008 = 1019 (0.13%)
2009 = 742 (0.1%)
2010 = 767 (0.1%)
2011 = 516 (0.07%)
2012 = 925 (0.12%)
2013 = 165 (0.02%)
2014 = 142 (0.02%)
2015 = 146 (0.02%)
2016 = 118 (0.02%)
2017 = 139 (0.02%)
2018 = 131 (0.02%)
2019 = 172 (0.02%)
2020 = 179 (0.02%)

Years (Top 10)
1995 = 4021 (0.53%)
2007 = 1442 (0.19%)
2004 = 1254 (0.17%)
2003 = 1132 (0.15%)
2000 = 1024 (0.13%)
2008 = 1019 (0.13%)
1991 = 995 (0.13%)
1989 = 941 (0.12%)
1992 = 935 (0.12%)
1990 = 931 (0.12%)
 
Colours
black = 485 (0.06%)
blue = 549 (0.07%)
brown = 184 (0.02%)
gray = 89 (0.01%)
green = 348 (0.05%)
orange = 125 (0.02%)
pink = 262 (0.03%)
purple = 73 (0.01%)
red = 2974 (0.39%)
white = 179 (0.02%)
yellow = 85 (0.01%)
violet = 63 (0.01%)
indigo = 22 (0.0%)
 
Single digit on the end = 92080 (12.13%)
Two digits on the end = 87587 (11.54%)
Three digits on the end = 103715 (13.66%)
 
Last number
0 = 45407 (5.98%)
1 = 64764 (8.53%)
2 = 52570 (6.93%)
3 = 52890 (6.97%)
4 = 43719 (5.76%)
5 = 55185 (7.27%)
6 = 42826 (5.64%)
7 = 46169 (6.08%)
8 = 42475 (5.6%)
9 = 44930 (5.92%)
 
 |                                                                      
 |                                                                      
 | | |                                                                  
 ||| |                                                                  
|||| | | |                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
0123456789
 
Last digit
1 = 64764 (8.53%)
5 = 55185 (7.27%)
3 = 52890 (6.97%)
2 = 52570 (6.93%)
7 = 46169 (6.08%)
0 = 45407 (5.98%)
9 = 44930 (5.92%)
4 = 43719 (5.76%)
6 = 42826 (5.64%)
8 = 42475 (5.6%)
 
Last 2 digits (Top 10)
95 = 14675 (1.93%)
23 = 12192 (1.61%)
12 = 9230 (1.22%)
11 = 8214 (1.08%)
01 = 7606 (1.0%)
00 = 7131 (0.94%)
07 = 6295 (0.83%)
10 = 6182 (0.81%)
21 = 5881 (0.77%)
99 = 5868 (0.77%)
 
Last 3 digits (Top 10)
123 = 6857 (0.9%)
995 = 4122 (0.54%)
971 = 2916 (0.38%)
972 = 2850 (0.38%)
007 = 2514 (0.33%)
000 = 1868 (0.25%)
234 = 1725 (0.23%)
666 = 1465 (0.19%)
777 = 1389 (0.18%)
004 = 1347 (0.18%)
 
Last 4 digits (Top 10)
1995 = 3886 (0.51%)
1234 = 1379 (0.18%)
2007 = 1325 (0.17%)
2004 = 1121 (0.15%)
2003 = 1016 (0.13%)
2008 = 869 (0.11%)
2000 = 846 (0.11%)
1991 = 819 (0.11%)
2012 = 809 (0.11%)
1990 = 789 (0.1%)
 
Last 5 digits (Top 10)
12345 = 743 (0.1%)
23456 = 652 (0.09%)
54321 = 189 (0.02%)
23123 = 140 (0.02%)
56789 = 127 (0.02%)
34567 = 102 (0.01%)
11111 = 99 (0.01%)
45678 = 75 (0.01%)
00000 = 73 (0.01%)
88888 = 68 (0.01%)
 
US Area Codes
971 = Oregon:  Metropolitan Portland,
               Salem/Keizer area,
               incl Cricket Wireless (OR)
972 = Texas: Dallas Metro (TX)
234 = NE Ohio: Canton, Akron (OH)
 
Character sets
loweralphanum: 330937 (43.6%)
loweralpha: 154996 (20.42%)
numeric: 119581 (15.75%)
mixedalphanum: 41121 (5.42%)
upperalphanum: 41078 (5.41%)
mixedalpha: 28464 (3.75%)
upperalpha: 14072 (1.85%)
loweralphaspecial: 10222 (1.35%)
loweralphaspecialnum: 5735 (0.76%)
mixedalphaspecial: 4724 (0.62%)
upperalphaspecial: 2939 (0.39%)
mixedalphaspecialnum: 2247 (0.3%)
specialnum: 648 (0.09%)
upperalphaspecialnum: 374 (0.05%)
special: 47 (0.01%)
 
Character set ordering
stringdigit: 349534 (46.05%)
allstring: 197532 (26.02%)
alldigit: 119581 (15.75%)
digitstring: 28873 (3.8%)
othermask: 18649 (2.46%)
stringdigitstring: 14577 (1.92%)
stringspecial: 10441 (1.38%)
digitstringdigit: 9981 (1.31%)
stringspecialstring: 5469 (0.72%)
stringspecialdigit: 3075 (0.41%)
specialstring: 834 (0.11%)
specialstringspecial: 510 (0.07%)
allspecial: 47 (0.01%)
 
Hashcat masks (Top 10)
?d?d?d?d?d?d?d: 85053 (11.2%)
?l?l?l?l?l?l: 38400 (5.06%)
?l?l?l?l?l?l?l?l: 36217 (4.77%)
?l?l?l?l?l?l?l: 35468 (4.67%)
?l?l?l?l?l?l?d?d?d: 24051 (3.17%)
?l?l?l?l?l?l?d?d: 18591 (2.45%)
?l?l?l?l?l?d?d?d: 18047 (2.38%)
?d?d?d?d?d?d: 16048 (2.11%)
?l?l?l?l?l?l?l?l?l: 14236 (1.88%)
?l?l?l?l?d?d?d: 13802 (1.82%)

Conclusion

This was a very time consuming and a hard job because I do not own the fastest graphics card. The whole cracking process took about 5 months to accomplish because I had to finish my studies for CCNP certification. The lesson learned from this is that with a good and smart dictionary combined with handy rules either for hashcat or John the Ripper even strong passwords can be cracked. Based on the above statement, admins should use a stronger hash algorithm (with salt) to store your passwords and on your side just change your passwords in a regular basis.

Thanks for reading.

You can find me on twitter, @m3g9tr0n.

Downloads

You can download the results of the cracked hashes:

721.9 MB - m3g9tr0n_122Million_Passwords_WordLists.zip

The provided KoreLogic torrent file contains various but unique password hashes. For that reason you may find duplicated passwords in these wordlists, as a single password can be hashed using various algorithmes! Meaning that 122 million unique hashes (MD5, SHA1, double MD5, etc.) were cracked and result in 83,6 million unique passwords.

You can download the “all in one” version, cleaned and sorted:

270.2 MB - m3g9tr0n_Passwords_WordList_CLEANED.zip

The command used to generate this "all in one" CLEANED wordlist was:

export LC_ALL='C' && cat * | sort | uniq > eNtr0pY_ALL_sort_uniq.dic

References

• hashcat Wiki [ http://hashcat.net/wiki/ ]
• John the Ripper Wiki [ http://openwall.info/wiki/john ]

Related terms:

• korelogic rule set
• md5 crack
• oclhashcat-plus tutorial
• Hashcat
• how i cracked 122 million
• md5 cracker
• crack md5
• eNtr0pY_ALL_sort_uniq dic
• md5 hash cracker
• sha1 cracker

How to build a HackinTosh with Mountain Lion (10.8), the latest version of MacOS X.

During this very hot summer (about 37°C outside), I spent about 20 hours in an entire weekend to install MacOS 10.8 Mountain Lion on my Asus Sabertooth P67. Really, there's no best time for that… And because I love you my readers, I wrote this little GUIDE in the hope you'll find useful information about it.

This article will be updated frequently. So come back here from time to time or follow me on twitter!

What’s not working:

• Nothing

Updates: (subscribe to my twitter to get notified)

• 08/20/2012 – ExtraThi updated to v1.1! (ExtraThi v1.0 was broken)
• 08/20/2012 – Added USB 3.0 support explanations in STEP #3.
• 08/23/2012 – Updated information relative to Extensions.mkext creation.
• 08/23/2012 – Original ExtraThi_v1.1 renamed to ExtraThi_v1.1_10.8.
• 08/23/2012 – 10.8.1 update procedure with ExtraThi_v1.1_10.8.1.
• 08/23/2012 – Chameleon 2.1 r2048 replaced by r2050.
• 08/24/2012 – 10.8.1 update procedure [ TESTING… ] -> [ GOOD ]
• 09/22/2012 – Fixed a mistake in AppleGraphicsPowerManagement.kext plist modification (IOCFUnserialize: syntax error near line 2995). Please download the new kext or apply the new modifications!
• 09/22/2012 – Chameleon 2.1 r2050 replaced by r2060.
• 09/22/2012 – 10.8.2 update procedure [ GOOD ]
• 01/11/2013 – Minor changes.
• 01/11/2013 – USB 3.0 working, added a note about it for SaberTooth P67 users.
• 03/18/2013 – Chameleon 2.1 r2060 replaced by Chameleon 2.2 r2187.
• 03/18/2013 – iMessage fix with FileNVRAM from xZeneu LLC.
• 03/18/2013 – New version of AGPM.kext for MacOS X 10.8.3.
• 03/18/2013 – 10.8.3 update procedure [ TESTING… ] -> [ GOOD ]
• 03/18/2013 – Minor changes.
• 03/29/2013 – Fixed a mistake in AppleGraphicsPowerManagement.kext plist modification for 10.8.3. Please download the new kext!
• 05/04/2013 – New Audio kext instructions, which fix “With DSDT” Audio kext issues under 10.8.3. (MultiBeast has been updated with new audio kexts: Updated toleda’s patched AppleHDAs to the 10.8.3 versions)
• 05/04/2013 – USB 3.0 support is now UNIVERSAL! New USB 3.0 Instructions. (Make sure to delete any CalDigit*.kext and PXHCD.kext drivers from your /System/Library/Extensions folder). Fix USB 3.0 not properly working under 10.8.3. You should now use RehabMan’s branch of Zenith432’s GenericUSBXHCI.kext to enable USB 3.0.
• 05/04/2013 – ExtraThi updated to v1.2! (New Preboot image with new additional and updated kexts. Thanks to Artistus!)
• 06/07/2013 – 10.8.4 update procedure [ GOOD ]
• 06/07/2013 – Chameleon 2.2 r2187 replaced by Chameleon 2.2 r2189.
• 09/21/2013 – Chameleon 2.2 r2189 replaced by Chameleon 2.2 r2263.
• 09/21/2013 – ExtraThi updated to v1.3! (New fakesmc.kext + plugins 5.3.832 from kozlek)
• 09/21/2013 – 10.8.5 update procedure [ GOOD ]
• 11/04/2013 – Chameleon 2.2 r2263 replaced by Chameleon 2.2 r2266.
• 11/04/2013 – AppleIntelE1000e.kext, you should roll back to v2.4.14.
• 11/04/2013 – 10.8.5 Supplemental Update 1.0 PROCEDURE [ GOOD ]
• 16/03/2014 – SAPPHIRE ATI Radeon HD6870 multiple output (4 PORT dvi/hdmi) fix.

TODO:

• Better AGPM.kext for NVIDIA GTX 480 to avoid lags of 1st speedstep layer. (in fact the plist modification was broken due to a syntax error… so the kext was not loaded! It is now fixed!)
• Extra checks regarding STEP #3 additional kexts.
• Better patch for AppleIntelCPUPowerManagement (boot kext mode) so it can be added to Extensions.mkext and will not require to be removed from /S/L/E.
• Test betstu settings for AGPM.kext GTX480 iMac12,2 10.8

Before we start…

This is not a universal/generic GUIDE. All tips, files and patches provided in this article are designed to work for my own computer specs. In the meantime, I think people with a similar configuration will find this guide interesting and useful to achieve their installation of MacOS X Mountain Lion.

This guide was not written for beginners, also if you have any questions, I recommend you to ask on various HackinTosh forum communities before, such as tonymacx86 or InsanelyMac.

About my specs

Let’s see what we have here…

• CPU: Intel – Processeur – Intel Core i7 2600K / 3,4 GHz – LGA1155 Socket – L3 8 Mo
• RAM: G.Skill Kit Extreme3 4 x 4 Go PC15000 Sniper CAS 9
• MotherBoard: ASUS SABERTOOTH P67 (rev. B3) – Socket 1155 – Chipset P67 – ATX – BIOS VERSION 2302 official*
• GPU: SAPPHIRE ATI Radeon HD6870 Toxic | 1024 Mo DDR5 – PCI Express – DUAL DVI / HDMI / mini DP
• GPU: ASUS ENGTX480/2DI/1536MD5 GeForce GTX 480 (Fermi) 1536MB 384-bit GDDR5 PCI Express 2.0 x16 HDCP Ready SLI Support Video Card
• Power Supply: OCZ Z Series Gold OCZZ1000M 1000W
• CPU Cooler: COOLER MASTER HYPER 212 PLUS
• Case: Lian Li PC-K63

* Some people have reported issues with the SATA controller for the latest 3302 version (link). Do not upgrade your BIOS unless you know what you’re doing. By the way, it is possible to patch your BIOS to avoid some issues with MacOS, such as AppleIntelCPUPowerManagement problems related to Intel SpeedStep.

What will you need?

It's always best to already have a working version of MacOS installed on your HackinTosh. Although it's possible to achieve all steps of this GUIDE with an external MacOS system, it will be more difficult. But before anything else, I recommend you to get the following stuff:

• 1 x USB/SD card of 8GB minimum.
• 1 x Original Mountain Lion Install DVD (InstallESD.dmg, md5 checksum = 8b4869920cd740414fe6b7e3f0b1be3e).
• 8GB of available space minimum to install Mountain Lion.
• 1 x Human Brain.
• 30 minutes up to 3 hours of your time.

HackinTosh common issues… Warning!

In case some of you might think that dealing with a HackinTosh is quite easy, here is a list of common issues you can face while attempting to build your HackinTosh. These issues CAN ALSO resurface after every OS X update!

• Speedstep not working, which causes Kernel Panic at startup (related to AppleIntelCPUPowerManagement.kext).
• SATA controller not working properly.
• Some ACPI tables not recognized (in this case you have to deal with DSDT or/and SSDT).
• Graphics cards not natively supported can lead to Kernel Panics, bad power management (altered performances), black/blank screens, freezes, video output not recognized (DVI/HMDI/VGA), etc.
• USB not recognized, including both USB 2.0 and 3.0.
• Network cards not working or stuck at a certain speed.
• Audio output/input not working.
• Sleep/Wake/Reboot not working.

Most of these issues can be solved by patching Apple drivers, or installing custom drivers. Some of them, such as DSDT and SSDT tables require advanced knowledge and hacks.

STEP 1 – Creating USB/SD Mountain Lion Installation Drive

For this part, you need to force Finder to show all hidden files (link).

1. Right Click on "Install OS X Mountain Lion" -> Show Package Contents.
2. Contents -> Shared Support -> InstallESD.dmg.
3. Open InstallESD.dmg (this will popup the “Mac OS X Install ESD” volume).
4. In "Mac OS X Install ESD" volume open **BaseSystem.dmg **(this will popup the "Mac OS X Base System" volume).
5. Open the Disk Utility application.

Now we will create our USB/SD Mountain Lion installation DVD volume.

1. Partition your USB/SD device to match two partition, GUID Partition Scheme, both must be Mac OS Extended (Journaled).
2. The first partition must be around 500MB, and the second one the remaining free space.
3. Call the first partition CHAMELEON (500MB), and the second one INSTALLDVD (more than 6GB).
4. Restore "Mac OS X Base System" volume (source) to INSTALLDVD (destination).
5. Once done, your INSTALLDVD partition should now popup under the name Mac OS X Base System.
6. Replace "Mac OS X Base System"/System/Installation/Packages (must be removed) by "Mac OS X Install ESD"/Packages (copy/paste)*
7. "Mac OS X Base System" is now your installation DVD volume.

* A more detailed and illustrated guide about this process can be found on this link.

At the end, this is how your USB/SD drive should look like:

[

Now we have to create the bootloader:

1. Download Chameleon 2.2 r2266 or newer version (from source or package).
2. Install Chameleon on your CHAMELEON volume (default install, no extra options checked).
3. Open CHAMELEON, unzip and copy the following Extra folder into it:

54.9 MB - ExtraThi_v1.1_10.8.zip

In this Extra folder you will find:

• DSDT.aml/dsl files are specific to ASUS Sabertooth P67 AND Intel Core i7-2600k! If you have a different configuration you can create and patch your own DSDT, or you can find pre-patched DSDT in this database.
• SSDT patches for CPU Speedstep have been directly integrated to DSDT (ASUS motherboards does not deal with SSDT for that). If you have a different configuration other than ASUS Sabertooth P67 AND Intel Core i7-2600k, YOU MUST follow these instructions to create your own SSDT or find some help in this forum. If you do not create any SSDT file or patch your DSDT file (for your custom configuration) you will be stuck at some CPU speed (16x for example).
• Preboot.dmg contains all generic kexts you need to boot, including patched AppleIntelCPUPowerManagement.kext. It also contains the Darwin kernel (12.0.0) for MacOS X 10.8. This Preboot.dmg image should be generic but is dependent of the OS X version.
• Other files are generic and related to Chameleon configuration.

Once done, eject your drive and boot your computer with it. Chameleon should display a list of bootable drives, you must select "Mac OS X Base System".

STEP 2 – Install MacOS X Mountain Lion 10.8

Boot your "Mac OS X Base System" drive (which is Mountain Lion Installation DVD) in verbose mode (-v).

Now comes the hard part. If you are lucky enough and if you use the same configuration as me, Mountain Lion Installation DVD will load without any issues. If not, issues can be related to the ones listed in the HackinTosh common issues… Warning! section of this GUIDE. Most issues can be related to your Graphic Card and can be solved with some tricks like GraphicsEnabler=Yes/No. For this reason, I will not list here all issues and solutions, it really depends of your Graphic Card model. By the way, if you plan to buy a new Graphic Card, I recommend you to have a look at this list and buy a "Working Out Of the Box" Graphic Card.

Some people are facing an issue with ATI/AMD Graphics Cards, when the Installation DVD is loaded they see a blank screen and their mouse but nothing else. To fix this issue you have two solutions:

1. You can press the power button to make your computer got to sleep, and then press the power button again to wake it up. Once awake you should see the normal Installation screen and no more blank screen. This works only if you have sleep/wake working. It was working for me with my ATI Radeon HD6870 Toxic.
2. According to this topic, you can delete/backup ATI6000controller.kext which is located in your "Mac OS X Base System"/System/Library/Extensions folder. This step is only for the installation process. Once on Mountain Lion you must put this file back in your /System/Library/Extensions folder.

In case everything works well, you should be able to install Mountain Lion.

[ [ [ [

RAID0 (optional part)

Those who don’t want to use RAID0 might find this tip useful too, because this tip provides an easy way to backup the Extensions.mkext file to prevent any stuck OS X. For example, if you install a bad kext in your /System/Library/Extensions folder that crashes your OS on the next boot, you can easily rollback to one of your previous Extensions.mkext files which does not contain this bad kext.

If you want to install Mountain Lion on a RAID0 software partition you'll also be interested to read my old post regarding RAID 0 Apple Software + x86_64 kernel + GUID + Dual Boot Seven. Note that if you are planing to install your OS on a RAID0 partition it is way better to have an external chameleon bootloader (located on another drive), because you will face a big issue regarding kexts. Chameleon will not be able to access your RAID0 drive to load Extensions.mkext nor extensions located in the /System/Library/Extensions folder (in case you try to boot without cache -f). For this reason, you will need to create the Extensions.mkext cache file in your Chameleon Extra folder BEFORE you try to boot Mountain Lion and AFTER any changes in your /System/Library/Extensions folder. YOU SHOULD FIRST DELETE AppleIntelCPUPowerManagement.kext from your /System/Library/Extensions folder!

Use the following commands every time you update your OS or update your Extensions folder:

mv /Volumes/CHAMELEON/Extra/Extensions.mkext /Volumes/CHAMELEON/Extra/Extensions.mkext.bak
cd /Volumes/CHAMELEON/Extra/
sudo kextcache -v -l -m Extensions.mkext /System/Library/Extensions

If you have multiple Extensions folders:

mv /Volumes/CHAMELEON/Extra/Extensions.mkext /Volumes/CHAMELEON/Extra/Extensions.mkext.bak
cd /Volumes/CHAMELEON/Extra/
sudo kextcache -v -l -m Extensions.mkext /Extra/Extensions ... /System/Library/Extensions ... /AndAnyOtherFolderContainingkexts

STEP 3 – Boot Mountain Lion 10.8 and install additional kexts

Use your Chameleon USB/SD drive to boot Mountain Lion. When the list of bootable OS popup you just have to choose the name of the OS X partition where you have installed Mountain Lion. Once done… Welcome in Mountain Lion!

YOU SHOULD FIRST DELETE AppleIntelCPUPowerManagement.kext from your /System/Library/Extensions folder!
DELETE THIS KEXT AFTER ANY UPDATE OF MOUNTAIN LION, BEFORE REBOOT!

What you might want to do is to install the Chameleon Bootloader on your disk to get rid of your USB/SD bootable device. Follow once again the steps to install Chameleon with the Extra folder, but this time either select your Mountain Lion partition or another bootable device (if you have installed OSX on a Raid0 partition I recommend you the second option). Then in your BIOS, change the settings to boot on the drive where you have installed Chameleon!

About additional kexts…

Audio, USB 3.0 and Ethernet drivers can be found in MultiBeast – Mountain Lion. The reason why I prefer not to use such tools for a fresh install is because most of the time we don't know what exactly these applications install. So I prefer creating my own bootloader with my own kexts, which is better in case I need to debug my bootloader.

• Audio* – If you use my DSDT you must select ALC892 from the “Drivers & Bootloaders -> Drivers -> Audio -> Realtek ALC8xx -> With/Without DSDT” section (use ‘Without DSDT’ if you have not patched your DSDT). Otherwise, you must select the audio driver for your own configuration in case the Audio doesn't work out of the box.
• USB 3.0 – Install USB 3.0 – Universal from the “Drivers & Bootloaders -> Drivers -> Miscellaneous” section. Make sure you do not have any CalDigit*.kext and PXHCD.kext drivers from your /System/Library/Extensions folder, otherwise you must delete them (and rebuild your kext cache).
• Ethernet* – Install hnak's AppleIntelE1000e Ethernet (from MultiBeast – Mountain Lion) or AppleIntelE1000e.kext (I prefer this method). It is strongly advised to use the stable 2.4.14 version of this kext. Newest versions are very unstable after hours of heavy network usage (i.e. 2.5.4d). This issue was reported on the official forum topic: here.

124.3 KB - AppleIntelE1000e_2.4.14.kext.zip

* Note that these drivers depend of your motherboard!

[

Before each reboot make sure to Repair Permissions with the Disk Utility.

Hopefully my NVIDIA GTX 480 and AMD HD6870 Graphics Cards were working out of the box on Mountain Lion. OpenCL, OpenGL and Quartz Extreme are working without any patch. If you need to patch OpenCL you'll find more information on this topic. The only issue I faced on Mountain Lion was the bad GPU power management of my NVIDIA GTX 480. To fix this issue you need to patch the Infos.plist file contained in the AppleGraphicsPowerManagement.kext folder.

Here are the lines you need to add, right after iMac12,2 . This patch only works for iMac12,2 model and NVIDIA GTX 480! Also be careful when copy/paste, you may need to replace inadequate spaces with tabs… Prefer the pre-patched version if you are unsure!

<key>Vendor10deDevice06c0</key>
<dict>
    <key>BoostPState</key>
    <array>
        <integer>0</integer>
        <integer>1</integer>
        <integer>2</integer>
        <integer>3</integer>
    </array>
    <key>BoostTime</key>
    <array>
        <integer>3</integer>
        <integer>3</integer>
        <integer>3</integer>
        <integer>3</integer>
    </array>
    <key>Heuristic</key>
    <dict>
        <key>ID</key>
        <integer>0</integer>
        <key>IdleInterval</key>
        <integer>250</integer>
        <key>SensorOption</key>
        <integer>1</integer>
        <key>SensorSampleRate</key>
        <integer>4</integer>
        <key>TargetCount</key>
        <integer>5</integer>
        <key>Threshold_High</key>
        <array>
            <integer>47</integer>
            <integer>75</integer>
            <integer>93</integer>
            <integer>100</integer>
        </array>
        <key>Threshold_Low</key>
        <array>
            <integer>0</integer>
            <integer>72</integer>
            <integer>90</integer>
            <integer>99</integer>
        </array>
    </dict>
    <key>control-id</key>
    <integer>17</integer>
    <key>LogControl</key>
    <integer>0</integer>
</dict>

If you still need the full kext, here it is:

44.4 KB - AppleGraphicsPowerManagement.kext(2).zip

IF YOU ARE UNDER 10.8.3 YOU NEED THIS VERSION OF THE KEXT (you can still patch the original kext manually):

46.3 KB - AppleGraphicsPowerManagement.kext.10.8.3ONLY_FIXED.zip

About iMessage…

HackinTosh computers may have this bad behavior with iMessage, that when you try to sign in to iMessage it fails with an error displaying "Could not sign in to iMessage.". Fortunately "xZeneu LLC" released a module for Chameleon r2181 or newer named FileNVRAM.dylib that fixes this issue (download the 1.1.3 version or newer). Make sure that you have the latest version of Chameleon and put the FileNVRAM.dylib module to your /Extra/modules/ folder. Reboot and enjoy iMessage.

Final thoughts…

[

I'm writing these last lines from my new Mountain Lion OS. I hope you enjoyed this tutorial. Feel free to thank anyone who helped you during this painful task.
Never forget that this hard work was made during my spare time and if you need more help you should ask on hackintosh forums, such as tonymacx86 or InsanelyMac.

As always, feel free to share the knowledge my friends!

OSX Updates:

10.8.1 UPDATE PROCEDURE [ GOOD ] – Update, reboot, enjoy!

1. Either update from App Store or direct link.
2. Use the following updated ExtraThi_v1.1 to boot Mountain Lion, it contains the new OS X Darwin kernel (12.1.0 for MacOS 10.8.1) included in Preboot.dmg.
3. (Optional) Users who have installed Chameleon 2.1 r2048 (previous version of this GUIDE) can upgrade their CHAMELEON bootloader with Chameleon 2.1 r2050 (from source or package).

50.1 MB - ExtraThi_v1.1_10.8.1.zip

10.8.2 UPDATE PROCEDURE [ GOOD ] – Update, reboot, enjoy!

1. Either update from App Store or direct link.
2. Use the following updated ExtraThi_v1.1 to boot Mountain Lion, it contains the new OS X Darwin kernel (12.2.0 for MacOS 10.8.2) included in Preboot.dmg.
3. (Optional) Users who have installed Chameleon 2.1 r2050 (previous version of this GUIDE) can upgrade their CHAMELEON bootloader with Chameleon 2.1 r2060 (from source or package).

50.1 MB - ExtraThi_v1.1_10.8.2.zip

10.8.3 UPDATE PROCEDURE [ GOOD ] – Update, patch, reboot, enjoy!

1. Update using the OS X Mountain Lion Update v10.8.3 (Combo) from direct link.
2. Patch your AppleGraphicsPowerManagement.kext if needed (Apple updated this kext in this 10.8.3 version, so you need to patch it again).
3. Use the following updated ExtraThi_v1.1 to boot Mountain Lion, it contains the new OS X Darwin kernel (12.3.0 for MacOS 10.8.3) included in Preboot.dmg.
4. Users who have installed Chameleon 2.1 r2060 (previous version of this GUIDE) must upgrade their CHAMELEON bootloader with Chameleon 2.2 r2187 or newer version (from source or package).
5. Apply fixes for Audio/USB3.0/Ethernet/iMessage/etc.

38.7 MB - ExtraThi_v1.1_10.8.3.zip

10.8.4 UPDATE PROCEDURE [ GOOD ] – Update, patch, reboot, enjoy!

1. Update using the OS X Mountain Lion Update v10.8.4 (Combo) from direct link.
2. Patch your AppleGraphicsPowerManagement.kext if needed (Apple updated this kext in 10.8.3 version, so you need to patch it again if updating via Combo).
3. Use the following updated ExtraThi_v1.2.1 to boot Mountain Lion, it contains the new OS X Darwin kernel (12.4.0 for MacOS 10.8.4) included in Preboot.dmg.
4. Users who have installed Chameleon 2.1 r2187 (previous version of this GUIDE) should upgrade their CHAMELEON bootloader with Chameleon 2.2 r2189 or newer version (from source or package).
5. Apply fixes for Audio/USB3.0/Ethernet/iMessage/etc.

38.5 MB - ExtraThi_v1.2.1_10.8.4.zip

10.8.5 UPDATE PROCEDURE [ GOOD ] – Update, patch, reboot, enjoy!

1. Update using the OS X Mountain Lion Update v10.8.5 (Combo) from direct link.
2. Patch your AppleGraphicsPowerManagement.kext if needed (Apple updated this kext in 10.8.3 version, so you need to patch it again if updating via Combo).
3. Use the following updated ExtraThi_v1.3 to boot Mountain Lion, it contains the new OS X Darwin kernel (12.5.0 for MacOS 10.8.5) included in Preboot.dmg.
4. Users who have installed Chameleon 2.2 r2189 (previous version of this GUIDE) should upgrade their CHAMELEON bootloader with Chameleon 2.2 r2266 or newer version (from source or package).
5. Apply fixes for Audio/USB3.0/Ethernet/iMessage/etc.

34.1 MB - ExtraThi_v1.3_10.8.5.zip

10.8.5 Supplemental Update 1.0 PROCEDURE [ GOOD ] – Update, patch, reboot, enjoy!

1. Update using the OS X Mountain Lion v10.8.5 Supplemental Update 1.0 from direct link.
2. Patch your AppleGraphicsPowerManagement.kext if needed (Apple updated this kext in 10.8.3 version, so you need to patch it again if updating via Combo).
3. Use the following updated ExtraThi_v1.3.1 to boot Mountain Lion, it contains the new OS X Darwin kernel (12.5.0 for MacOS 10.8.5) included in Preboot.dmg.
4. Users who have installed Chameleon 2.2 r2263 (previous version of this GUIDE) should upgrade their CHAMELEON bootloader with Chameleon 2.2 r2266 or newer version (from source or package).
5. Apply fixes for Audio/USB3.0/Ethernet/iMessage/etc.
6. For Ethernet, you should consider using AppleIntelE1000e.kext v2.4.14.
7. SAPPHIRE HD 6870 4 PORT kext 10.8.5 patched – Install the patched ATI6000Controller.kext (replace the original one provided by Apple) to fix DVI/HDMI outputs of your Sapphire HD6870 Graphics Card. With the original ATI6000Controller.kext only one DVI output is working out of the box.

33.6 MB - ExtraThi_v1.3.1_10.8.5.zip

Please note that after each update Audio/USB3.0/Ethernet/etc. might be broken. Make sure to fix them right after the update.

RAID0 users: After each update do not forget to rebuild your Extensions.mkext!

Related terms:

• 黑苹果
• chameleon hackintosh
• kexts
• hackintosh 10 8 2
• hackintosh chameleon
• chameleon mountain lion
• 10 8 usb boot chameleon
• hackintosh mountain lion 10 8 2
• mountain lion 10 8 2 hackintosh
• hackintosh 10 8 download

John the Ripper into its latest community enhanced version (John the Ripper 1.7.9-jumbo-5) has many advanced features. Most of them are without any doubt very useful and appreciated such as MD5 hash cracking.

Four days to come before Hack In The Box Amsterdam 2012 security conferences. Excitement is at its top level, bags are already packed and the iOS Hacker’s Handbook is left open on the beside table. But, because it is always time for challenges I decided to face one that I had in mind for years…

Cracking a custom hash algorithm and making your own password cracking cluster would be great, wouldn't it? Well, you know what? You can make it with John the Ripper jumbo version.

Updates: (subscribe to my twitter to get notified)

• 11/16/2012 – Note about run/dynamic.conf file. No need to recompile, much easier to edit!
• 11/16/2012 – Note dynamic function names up to 999 are reserved!
• 11/16/2012 – Added “–subformat=LIST” tip.

Prepare salt and pepper sauce… the French Cuisine

Most of the time, hashed passwords are salted and combined with different famous hash algorithms. For example, developers who care a little about security will hash user passwords with different hash algorithm combinations, i.e. sha1(md5($salt.$password)."HelloWorld"). This kind of classic enhanced security to store hashed passwords makes the job harder for password crackers.

First of all the attacker needs to know how passwords were hashed. Reverse engineering is always a good start but the easiest way is to get the sources. The second step and the one I'd like to talk in the first part of this article is to implement and use your own hash algorithm for cracking purpose.

• First go to http://www.openwall.com/john/, and download the latest jumbo “community enhanced” version. When I wrote this article the latest stable release was 1.7.9-jumbo-5.

  $ wget http://www.openwall.com/john/g/john-1.7.9-jumbo-5.tar.gz

$ tar -xvzf john-1.7.9-jumbo-5.tar.gz

• Let's see what we have here…

  $ cd john-1.7.9-jumbo-5/src/

Before changing anything, we'd like to check if it compiles well.

• The make command will list all available compilation modes. This time I'm gonna compile john on MacOS X Lion 10.7.3. Choose the one you prefer…

  john-1.7.9-jumbo-5/src$ make

john-1.7.9-jumbo-5/src$ make macosx-x86-64

• If everything is ok you should see john binaries and configuration files into the run directory.

  john-1.7.9-jumbo-5/src$ cd ../run/

john-1.7.9-jumbo-5/run$ ./john --test

• Now go back to the src directory

  john-1.7.9-jumbo-5/run$ cd ../src/

In the introduction I talked about a custom hash algorithm such as sha1(md5($salt.$password)."HelloWorld"). So let's use this one as example.

Note: A similar procedure can also be applied directly to the run/dynamic.conf file, where you can add your own dynamic functions ([List.Generic:dynamic_XXXX]) without the need to recompile.

What we'll have to modify is dynamic_preloads.c. This is where we can create our custom algorithm under the name of dynamic_1666. Names up to dynamic_999 are reserved, so make sure to use a number which is not already in use by another dynamic function. Use the command ./john -subformat=LIST to check available numbers.

Additionally, you’ll find into this file many examples of classic dynamic subformats such as md5(md5($password)). I advise you to understand by your own how things work before doing anything.

• When you are ready, open dynamic_preloads.c and add these new lines

    //dynamic_1666 --> sha1(md5($s.$p)."HelloWorld") BY THIREUS
    static DYNAMIC_primitive_funcp _Funcs_1666[] =
    {
        DynamicFunc__clean_input,
        DynamicFunc__append_salt,
        DynamicFunc__append_keys,
        DynamicFunc__crypt,
        DynamicFunc__SSEtoX86_switch_output1,
        DynamicFunc__clean_input2,
        DynamicFunc__append_from_last_output_to_input2_as_base16,
        DynamicFunc__append_input2_from_CONST1,
        DynamicFunc__SHA1_crypt_input2_to_output1_FINAL,
        NULL
    };
    static struct fmt_tests _Preloads_1666[] =
    {
        {"$dynamic_1666$e964aa651052d2bbd64aea60756d7705634187f6$admin","password"}, // salt=admin, password=password
        {"$dynamic_1666$4a573951007f7d23eb411c066e2cfb8a175a76d2$123456789","heydude"},
        {"$dynamic_1666$fee9c8708b2e1a177acd350513c14ce0e9900609$salted","test123"},
        {"$dynamic_1666$d8e18f5f1035ce486dd3a08911a4205d78fc7f49$bonjour","awesome"},
        {NULL}
    };
    static DYNAMIC_Constants _Const_1666[] =
    {
        {"HelloWorld"},
        {NULL}
    };
  

If you are curious about how to declare DynamicFunc__ actions and optimise your function, you’ll find all you need in dynamic_parser.c and dynamic_fmt.c files.

• Finally at the end of the  file, we need to specify hashes format

    { "dynamic_1666: sha1($s.md5($p).\"HelloWorld\")", _Funcs_1666,_Preloads_1666,_Const_1666, MGF_SALTED|MGF_SHA1_40_BYTE_FINISH, MGF_NO_FLAG },
  

• Once everything is in place, we have to clean and compile again.

  john-1.7.9-jumbo-5/src$ make clean

john-1.7.9-jumbo-5/src$ make macosx-x86-64

• You should see john binaries and configuration files into the run directory. And you can run the -test option of John the Ripper.

  john-1.7.9-jumbo-5/src$ cd ../run/

john-1.7.9-jumbo-5/run$ ./john --test

New lines should appear to display benchmark scores for your function.

    Benchmarking: dynamic_1666: sha1($s.md5($p)."HelloWorld") [SSE2i 10x4x3]... DONE
    Many salts: 1855K c/s real, 1995K c/s virtual
    Only one salt:  1741K c/s real, 1852K c/s virtual
     
    Benchmarking: dynamic_1666: sha1($s.md5($p)."HelloWorld") [64x2 (MD5_Body)]... DONE
    Many salts: 1373K c/s real, 1509K c/s virtual
    Only one salt:  1283K c/s real, 1410K c/s virtual

• You can also verify that your dynamic function exists with the following command.

  john-1.7.9-jumbo-5/run$ ./john --subformat=LIST

Test fails?

There are many reasons why tests can fail. The main reasons are due to a bad use of the DynamicFunc__ actions, bad order or bad implementation. This will result into a verbose fail of John before starting any tests.
Another common issue, could be that your fmt_tests are broken, meaning bad format for example, this results into a FAILED (valid) error during the tests.
And one last note, if you hash long strings using SSE mode your tests will automatically fail! That's the reason why you have to switch between SSE and X86 mode using functions such as DynamicFunc__ToX86 or DynamicFunc__SSEtoX86_switch_output1.

• You should now be ready to crack these passwords.

    lydia:$dynamic_1666$72d4d61b4e5db9ef8704d1af81284c67eea640dd$skyrim
    admin:$dynamic_1666$70ea6b7f633305f04521683226ecabd0537e90ec$example.com
    user123:$dynamic_1666$907c7df1d7e349e98184d74fb7486c77eaf76d60$example.com
    Thireus:$dynamic_1666$e41c041fda28b3615b63acddb6407cf74b354d66$CestLaFeteAlouette
  

• Put them into a hash.txt file, and crack them all.

  john-1.7.9-jumbo-5/run$ ./john hash.txt

Step by step instructions for grilling the perfect steak… with MPI enabled barbecue

A few months ago I wrote an article that explains how to compile John the Ripper with OpenMP enabled to take advantage of multiple cores: Crack Passwords using John the Ripper with Multiple CPU Cores (OpenMP). OpenMP is good for algorithms such as DES which can be used by default with this awesome feature. The downside is that not all algorithms are compatible with OpenMP, such as MD5 or SHA1. Fortunately, we can use the MPI (Message Passing Interface) feature of John the Ripper to take advantage of all our CPU cores with any algorithm!

Before going any further, some packages are required. You have to install OpenMPI.

1. Under MacOS you can do it via MacPorts using the sudo port install openmpi command.
2. Under Linux you can get everything with sudo apt-get install libopenmpi-dev openmpi-bin openmpi-doc.

Make sure your have the mpirun command available.

• Now what you have to do is to open John's Makefile and edit two lines.

  $ cd john-1.7.9-jumbo-5/src/

john-1.7.9-jumbo-5/src$ nano Makefile

• Locate the following lines.

    #CC = mpicc -DHAVE_MPI -DJOHN_MPI_BARRIER -DJOHN_MPI_ABORT
    #MPIOBJ = john-mpi.o
  

• Uncomment MPI flags.

    CC = mpicc -DHAVE_MPI -DJOHN_MPI_BARRIER -DJOHN_MPI_ABORT
    MPIOBJ = john-mpi.o
  

• Once everything is in place, we have to clean and compile again.

  john-1.7.9-jumbo-5/src$ make clean

john-1.7.9-jumbo-5/src$ make macosx-x86-64

Under Linux, compilation should work out of the box. Under MacOS users will face this issue:

    john-mpi.c:6:10: fatal error: 'omp.h' file not found
    #include <omp.h>
             ^
    1 error generated.
    make[1]: *** [john-mpi.o] Error 1
    make: *** [macosx-x86-64] Error 2

To fix it, just open the john-mpi.c file and comment the omp.h file inclusion (which is not needed and must not be used under MacOS X).

    #include "john-mpi.h"
    #include <string.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    //#include <omp.h>

Now it should compile and run fine with mpirun.

john-1.7.9-jumbo-5/run$ mpirun -n 8 ./john hash.txt

You need to adjust the number of cores depending on your CPU. With the previous command the work is now split in 8 sub-processes, one per core on my i7-8600K. Isn’t that great?

Warning: Once the number of cores is fixed for a session, don’t change it unless you know what you are doing. Because for sure it can break your work.

Note that you can use sessions, and similar options that can be associated with mpirun. For example, if you want to know the state of a session:

john-1.7.9-jumbo-5/run$ mpirun -n 8 ./john --status=mysavedsession

The John instances will read all the mysavedsession.%d.rec, where %d is a number between 0 and 7 in our case. Also, sessions are saved every 10 minutes, so don't be scared if the status command displays null stats for the first 10 minutes.

Cook some French fries for your steak

So you have many computers in your room, and want to take advantage of all CPUs? As promised, I'll talk about clustering here for advanced users only.

Before going any further, some packages are required. You have to install OpenMPI and mpich2.

1. Under MacOS you can do it via MacPorts using the sudo port install openmpi mpich2 command.
2. Under Linux you can get everything with sudo apt-get install libopenmpi-dev openmpi-bin openmpi-doc mpich2.

Make sure your have the mpirun command available and hydra_pmi_proxy.

hydra_pmi_proxy is the binary file which is used to talk between computers. It is located under /opt/local/bin/hydra_pmi_proxy on MacOS X and /usr/local/bin/hydra_pmi_proxy under Linux.

What you need to know now is that any systems must run the same John the Ripper version, in the same directory and use the same version of mpich2. If this is not the case you can manually compile and install mpich2 and also create symbolic links with ln -s command.

For example, to talk between MacOS and Linux I had to make sure hydra_pmi_proxy can be reached via the same path on both systems.

ln -s /usr/local/bin/hydra_pmi_proxy /opt/local/bin/hydra_pmi_proxy

Now that all your computers are ready, make sure you can reach them using ssh, because this is how MPI messages are going to be transmitted. So, I advice you to create SSH key pairs. Once done, create a nodes.txt file, containing the list of ip addresses of the computers you want to use.

toto@192.168.1.145
localhost
localhost
localhost
localhost
mike@192.168.4.12
mike@192.168.4.12
mike@192.168.4.12
mike@192.168.4.12
192.168.5.5
192.168.5.5
paul@mydomain.com
paul@mydomain.com

You can now use this file to invoke commands on other systems. Let’s start with john-1.7.9-jumbo-5/run/john –test:

mpirun -f nodes.txt -n 18 john-1.7.9-jumbo-5/run/john --test

You may have noticed that I'm not using 18 instances (for 18 CPU cores). Because once the end of the nodes.txt file is reached, mpirun will start reading the list again from the beginning of the file, making a loop.
toto@192.168.1.145 will thus be used twice, as well as the four localhost entries.

You should now be ready to play with your own password cracking cluster!

Ready to serve. Bon appétit !

Related terms:

• hydra_pmi_proxy
• open mp mulithread sha1
• omp h file not found
• john the ripper 1 7 9 openmpi
• crash recovery file is locked john the ripper
• mpi password cracker
• mpich2 john the ripper
• mpirun hashcat
• mpirun john the ripper

The famous Linux-based penetration testing arsenal can run in VirtualBox. However, some tricks are needed to have the latest version fully functional with VirtualBox.

For the ST’HACK Ethical Hacking Contest tonight in Bordeaux (France), all tools must be ready before the battle begins. MacBooks are armed, scripts are ready to be launched and beers are waiting in the fridge. During the preparation, BackTrack 5 R2 was installed on every teammate computers.

VirtualBox is of course the most suitable virtualization solution to run BackTrack. Unfortunately, with this latest version of BackTrack, the VirtualBox Guest Additions cannot be installed on a fresh new install. Fortunately, after some modifications everything can be fixed to compile these additions for the 3.2.6 Linux Kernel of BackTrack 5 R2.

Edit: VirtualBox Guest Additions solution updated with new fixes.

Download and Install

• BackTrack: http://www.backtrack-linux.org/downloads/
• VirtualBox + Oracle VM Extension Pack: https://www.virtualbox.org/wiki/Downloads

If you want support for USB 2.0 devices you must download and install Oracle VM Extension Pack for VirtualBox!

I will not describe the steps to install BackTrack on VirtualBox. A lot of tutorials can be found on the Internet to upgrade to BackTrack 5 R2 or to make a fresh install.

You can find bellow some screenshots about the VirtualBox configuration for my MacBook Air i7 1.8Ghz.

[ [

[ [

Issue #1 (solved): USB device descriptor error

usb 1-1: Device descriptor read/8, error -110 usb 1-1: Device descriptor read/64, error -110

Solution

The number of Processor for the Guest OS must be set to 1 or eventually 2… For example, my MacBook Air has a Core i7 inside, multithreading displays 4 virtual cores. So, I have to set a maximum of 2 cores to BackTrack VM Guest to fix this issue. (Even if the recommended number of cores VirtualBox displays is 4).

Issue #2 (solved): VirtualBox Guest Additions

After a fresh new install of BackTrack 5 R2, you should have no issues installing VirtualBox Guest Additions… So, before applying these patches, make sure the installation of VirtualBox Guest Additions fails.

After upgrading from an old version of BackTrack to BackTrack 5 R2, you can face some issues during the installation of the VirtualBox Guest Additions. These two kinds of errors can occur and lead to a vboxguest kernel extension impossible to load.

The headers for the current running kernel were not found. If the following module compilation fails then this could be the reason.

and

Building the main Guest Additions module ...fail! (Look at /var/log/vboxadd-install.log to find out what went wrong)

Both issues will result in:

Starting the VirtualBox Guest Additions ...fail! (modprobe vboxguest failed)

Solution

apt-get install linux-headers-$(uname -r) linux-headers xserver-xorg xserver-xorg-core file-roller # file-roller not needed
cd /usr/src/
tar jxf /usr/src/linux-source-3.2.6.tar.bz2
rm /usr/src/linux
ln -s /usr/src/linux-source-3.2.6 /usr/src/linux
rm /usr/src/linux-headers-3.2.6/include/asm
ln -s /usr/src/linux-source-3.2.6/arch/x86/include/asm /usr/src/linux-headers-3.2.6/include/asm
ln -s /usr/src/linux-headers-3.2.6 /lib/modules/3.2.6/build
ln -s /usr/src/linux-source-3.2.6/arch/x86/Makefile_32.cpu /usr/src/linux-headers-3.2.6/arch/x86/Makefile_32.cpu # Solution required for BackTrack x86 version by SphaZ

Make sure you have linux-source-3.2.6.tar.bz2 inside your /usr/src/ directory… Just in case you need it:

[wpfilebase tag=file id=28]

Ready to install the VBOXADDITIONS

Verifying archive integrity... All good.
Uncompressing VirtualBox 4.1.10 Guest Additions for Linux..........
VirtualBox Guest Additions installer
Removing installed version 4.1.10 of VirtualBox Guest Additions...
tar: Record size = 8 blocks
Removing existing VirtualBox DKMS kernel modules ...done.
Removing existing VirtualBox non-DKMS kernel modules ...done.
Building the VirtualBox Guest Additions kernel modules
Building the main Guest Additions module ...done.
Building the shared folder support module ...done.
Building the OpenGL support module ...done.
Doing non-kernel setup of the Guest Additions ...done.
You should restart your guest to make sure the new modules are actually used
Installing the Window System drivers
Installing X.Org Server 1.7 modules ...done.
Setting up the Window System to use the Guest Additions ...done.
You may need to restart the hal service and the Window System (or just restart
the guest system) to enable the Guest Additions.
Installing graphics libraries and desktop services components ...done.

Good job, now reboot and enjoy adaptative screen resolution, smooth mouse moves, folder sharing and copy/paste from Host to Guest and vis versa.

[

Related terms:

• backtrack virtualbox
• Error! Bad return status for module build on kernel: 3 2 6 (i686)
• /var/log/vboxadd-install log
• backtrack macbook air
• backtrack 5 virtualbox
• backtrack 5 r2 virtualbox guest additions
• error! bad return status for module build on kernel: 3 2 6 (x86_64)
• backtrack virtualbox guest additions
• backtrack on macbook air (35)
• backtrack 5 virtualbox guest additions

Unigine Heaven 3.0 is out for MacOS X. We finally have a good 3D benchmark software on Mac!

You can download Unigine Heaven from this page: https://unigine.com/products/heaven/download/. Downloads are available for Windows, Linux and now OSX!

Today I benchmarked my NVIDIA ENGTX480 and AMD HD6870 graphics cards. These two powerful graphics cards (PassMark High End Video Card Chart) are plugged to my HackinTosh build and connected to two different Full HD 1080p screens. Let’s see how each card deals with Unigine Heaven 3.0 at Maximum Settings!

Edit: The first results uploaded to this article were wrong. Have a look at the “Bad Results” section to know more why.

Unigine Heaven for OSX

First of all, under MacOS X there is no DirectX. So, Unigine Heaven 3.0 uses the OpenGL API, which is one of the best way to 3D bench your GPU.

[![Uningine Heaven 3.0 Baom/img/uningine-heaven-3-0-basic-edition-macos-x.png)

This is how the main menu looks like… I pushed all settings to the maximum (except Stereo 3D because I don’t have 3D glasses).

https://www.youtube.com/watch?v=iwlY_1-hmCA

We clearly see that two OSX applications can be executed at the same time and have their own dedicated GPU and screen.

About the HackinTosh build…

Let’s see what we have here…

• CPU: Intel – Processeur – Intel Core i7 2600K / 3,4 GHz – LGA1155 Socket – L3 8 Mo
• RAM: G.Skill Kit Extreme3 2 x 4 Go PC15000 Sniper CAS 9
• MotherBoard: ASUS SABERTOOTH P67 (rev. B3) – Socket 1155 – Chipset P67 – ATX
• GPU: SAPPHIRE ATI Radeon HD6870 Toxic | 1024 Mo DDR5 – PCI Express – DUAL DVI / HDMI / mini DP
• GPU: ASUS ENGTX480/2DI/1536MD5 GeForce GTX 480 (Fermi) 1536MB 384-bit GDDR5 PCI Express 2.0 x16 HDCP Ready SLI Support Video Card
• Power Supply: OCZ Z Series Gold OCZZ1000M 1000W
• CPU Cooler: COOLER MASTER HYPER 212 PLUS
• Case: Lian Li PC-K63

Nothing extreme, just a common HackinTosh build with two graphics cards in it.

[![Graphics/Display OSX 1om/img/graphicsdisplay-2xgpu.png)

Benchmark Results!

I have benchmarked both NVIDIA ENGTX480 and AMD HD6870 graphics cards with Unigine Heaven 3.0.. The results are very good for the NVIDIA card, but poor for the AMD card with maximum settings.

Default Settings :

[![NVIDIA ENGTX480 Uniginom/img/nvidia-engtx480-unigine-heaven-3-0-63-4-fps-default-settings.png) [![AMD HD6870 Unigine Heaom/img/amd-hd6870-unigine-heaven-3-0-56-9-fps-default-settings.png)

Maximum Settings :

[![NVIDIA ENGTX480 Uniginom/img/nvidia-engtx480-unigine-heaven-3-0-47-1-fps.png) [![AMD HD6870 Unigine Heaom/img/amd-hd6870-unigine-heaven-3-0-40-7-fps.png)

Bad Results?

The first time I benchmarked my AMD HD6870, results were very bad… My uptime was about 24 hours. So, I restarted the hackintosh with a fresh boot, and everything went fine after that for the AMD card. NVIDIA ENGTX480 results were good.

I have noticed that my AMD HD6870 graphics card performance degrades over time. This is a known issue (other AMD GPU owners have the same issue within the HackinTosh community).

If you face the same issue, I advise you to reboot first, it is always better to benchmark after a fresh boot. Then check if you have the latest Kernel version and the latest Kexts for your video card (www.osx86.net is a good place to find these stuff).

Conclusion

Both graphics cards are very good and run well under MacOS X 10.7.3. The NVIDIA card is very tricky to install under MacOS X Lion (and a lot more under Snow Leopard 10.6), but once you get all things done it’s just a real pleasure working with it. The AMD HD6870 works out of the box under MacOS X Lion, everything is fluid, no freezes, no KP at all, but the results are here, this card is less powerful.

I’m planing to write another article regarding CUDA, PhysX, OpenCL, OpenGL benches, and the advantages to have two powerful graphics cards (AMD + NVIDIA) into your HackinTosh. I keep you in touch on twitter.

One last thing, those who own a GTX480 and are frustrated with lags but can’t wait for my next article… here’s a little gift for you (only works if your HackinTosh model is iMac12,2).

My AGPM.kext GTX480 iMac12,2 10.7.3:

68.9 KB - AppleGraphicsPowerManagement.kext.zip

Related terms:

• 3d benchmark mac
• mac 3d benchmark
• osx 3d benchmark
• 3d benchmark for mac
• 3d benchmark mac os x
• AppleGraphicsPowerManagement kext
• 3d benchmark osx
• mac 3d benchmark software
• gtx 480 hackintosh
• hackintosh benchmark

JailBreaking is easy, but you can face many issues before and after the process. Let’s see how to fix some of them…

It was friday night, I was playing with my old iOS 5.0.1 JailBroken 3GS device, and did something nasty installing bad Cydia packages. My iPhone never booted up again after this. It was completely down, frozen and stuck on the Apple boot logo. Backups were too old, this time I knew I had to make a fresh new install of my iOS device.

This article will not describe how to jailbreak your iPhone. iClarified has very nice and easy tutorials for beginners to JailBreak your iOS devices. This article can help you to fix the following issues:

• Restoration fails on iTunes before starting anything on your iOS device.
• Restoration hangs on iTunes at 99% of the restoration process.
• Activating iOS location service causes dropped signal and WiFi loss.
• No Push notifications.
• Downgrade BaseBand 06.15.00 to 05.13.04.

So, let me present your here some big issues I faced during the iOS 5.0.1 JailBreak process using redsn0w on MacOS 10.7.2 for my iPhone 3GS (iPad baseband 06.15.00). Most of them were easy to solve, but good solutions are hard to find on the Web. I found some using my brain and others after seeking for a while on various JailBreak forums.

Issue #1 (Before JailBreak, solved): Restoration fails on iTunes before starting anything on your iOS device.

This issue is most of the cases related to your network configuration. Apple needs to check before any restoration process if the firmware (.ipsw) you use is valid. If your firewall blocks these requests, the restoration process cannot begin.

The easiest solution is to temporarily deactivate your firewalls and rename your hosts file.

sudo mv /etc/hosts /etc/hosts.jailbreak.bak

After the JailBreak, do not forget to reactivate your firewalls and move back your backed up hosts file.

sudo mv /etc/hosts.jailbreak.bak /etc/hosts

If you wish to leave your firewall and hosts file in place, simply make sure that “gs.apple.com” is not blocked.

Issue #2 (Before JailBreak, solved): Restoration hangs on iTunes at 99% of the restoration process.

This is due to a USB communication issue. iTunes is waiting for your iOS device to be plugged in your Mac. However, this never happens because your iOS device is already plugged in and awaits for iTunes' next instructions.

There are many solutions to fix this. The easiest and fastest I’ve found is to launch DiskAid. This software will catch your iOS device's USB communication, and provide it back to iTunes quickly. So iTunes will display a “Connection Failed” error but will immediately retry and submit the final instructions to your iOS device.

Watch this video if you are unsure about what to do: https://www.youtube.com/watch?v=MscLL_tkSww

Note that you cannot simply unplug and plug again your iOS device. Which will cause your iPhone to be stuck and you will need to restore it once again.

Issue #3 (After JailBreak, solved): Activating iOS location service causes dropped signal and WiFi loss.

This issue is due to a bad hacktivation. You will need to deactivate and re-activate your iOS device using SAM.

1. First turn off location service.
2. Use Cydia to install SAM even if you have activated with official SIM card. SAM is available on the Cydia repository http://repo.bingner.com.
3. De-activate your iOS device with SAM.
4. Re-run redsn0w with nothing checked (meaning uncheck Cydia installation checkbox). redsn0w will hacktivate and apply the fix during hacktivation.
5. Go back to SAM after your iOS device booted up. Press “Revert Lockdownd to Stock”.
6. Re-activate your iOS device with iTunes and official SIM or reactivate with SAM.
7. Turn on location service, and check if the issue is gone (i.e. use the Map application for at least 30 seconds with location activated).

If this fails, do not hesitate to reboot your iOS device and repeat these steps until your iOS device is correctly activated. It took me maybe 3 or 4 activations via iTunes to finally have my iPhone activated and working correctly with the location service.

Issue #4 (After JailBreak, solved): No Push notifications.

To fix push notifications, you can find some packages on Cydia. This issue is also related to bad certificates received during the activation process.

If you want to know if Push is working, there is a simple free application on the App Store called iPusher.

You can either fix the Push notifications using the correct Cydia Packages (type “fix push” in Cydia). Or use SAM once more (better solution).

1. Use Cydia to install SAM even if you have activated your device using an official SIM card. SAM is available on the Cydia repository http://repo.bingner.com.
2. Open SAM. Press “Revert Lockdownd to Stock”.
3. Press the “De-activate (clear Push)” button with SAM.
4. Re-activate your iOS device with iTunes and official SIM or reactivate with SAM.

Note: There is a very great and illustrated tutorial to fix this issue using SAM on addictivetips.

You may also need to remove then reinstall all your applications that use Push notifications.

Issue #5 (After JailBreak, solved): Twitter Notifications not working.

FaceBook notifications are working great after applying “Issue #4” fix. But Twitter is completely quiet. I’m still investigating this issue… but it's maybe due to the low activity of my Twitter account.

Edit: Twitter Push notifications are working when someone mentions you in a tweet.

Issue #6 (iOS 5.0.1 only, solved): PAC proxy ignored by Safari.

Under iOS 5.0.1, Safari ignores locally stored .pac proxy configuration.

This is a new restriction also impacting Safari 5.1 under MacOS.

Two solutions:

• You can either, run a local server on your iOS device, so you can access your proxy configuration via http://localhost:7276/myproxy.pac (127.0.0.1 will not work, prefer using localhost hostname). Configure your network to use this URL instead of the local file:///private/var/mobile/pacdir/myproxy.pac address you used to have into the “Auto Configuration” field of your network proxy settings.
• Or you can host your file on an Internet-accessible server. If some people are in need, I can host .pac files here. Just ask.

I don’t know yet which one of these two solutions is best. But, I think it is better to keep everything on the device.

Here is a quick Perl http proxy script (based on sburke black hole http server) that will let you access your local myproxy.pac via http://localhost:7276/*:

#!/usr/bin/perl
# Time-stamp: "2005-08-19 01:17:45 ADT"
#
# desc{    pac http proxy server    }    sburke@cpan.org
#
 
use strict;
use IO::Socket qw(:DEFAULT :crlf);
use constant MY_PORT => 7276;
use constant DEBUG => 1;
 
my $pac_file_type = 'application/x-ns-proxy-autoconfig';
my $pac_file = "myproxy.pac";
 
my $no_bytes = (stat ($pac_file))[7];
 
print $pac_file;
 
{
    if(open(IN, "<$pac_file")) {
    local $/;
    $pac_file = join '',
      "HTTP/1.1 200 OK", CRLF, "Content-Length: ", $no_bytes, CRLF,
      "Content-Type: ", $pac_file_type, CRLF, CRLF,
      <IN>;
    close(IN);
    }
}
#-----------------------------------------------------------------------------
 
my $quit = 0;
$SIG{'INT'} = sub {$quit = 1};
 
my $sock = IO::Socket::INET->new(
  Listen => 20,        LocalPort => shift(@ARGV)|| MY_PORT,
  Timeout => 60 * 60,  Reuse => 1,
) or die "Can't create listening socket: $!\n";
 
DEBUG and warn "Waiting for connections...\n";
 
my($session, $peer, $port);
while(!$quit) {
  next unless my $session = $sock->accept;
  if(DEBUG) {
    $peer = gethostbyaddr($session->peeraddr, AF_INET) || $session->peerhost;
    $port = $session->peerport;
    warn "Connection from [$peer\n,$port] at ", scalar(localtime), "\n";
  }
 
  #select($session);
  #++$|;
  #select(STDOUT);
 
  print $session $pac_file;
  close($session);
  DEBUG and print " (Closed)\n";
}
 
DEBUG and print STDERR "Byebye\n";
close($sock);
exit 0;

You might also be insterested by the following thread: How To Get Socks Proxy + SSH Tunneling To Work On A Jailbroken iPhone/iPod Touch/iPad. I’ll pack everything and try to make things easier to use and configure.

Issue #7 (BB 06.15.00 only, solved): GPS Fix, Signal Issues Fix.

This solution is for iPhone 3 and 3GS owners who upgraded their baseband to the iPad BaseBand 06.15.00 (in order to unlock their iPhone with ultrasn0w). Unfortunately, upgrading to the 06.15.00 breaks the iPhone’s GPS feature and is the source of many signal issues.

Fortunately MuscleNerd released a solution which is now integrated with redsn0w. iPhone users can downgrade from 06.15 to 05.13.04. The 05.13.04 BaseBand version is unlockable with ultrasn0w.

https://twitter.com/MuscleNerd/status/214626056211140609

The full tutorial to downgrade from 06.15 is available on iClarified.

Final thoughts…

Thanks to anyone who worked hard on these fixes. A big thank to the Dev-Team for their tools and efforts with the JailBreak.

My JailBroken and unlocked iPhone 3GS is now fully functional. I hope I helped some of you.

Don't hesitate to post comments for any questions or suggestions.

Related terms:

• ipusher
• ipusher cydia
• ipusher repo
• ipusher cydia source
• 06 15 00 gps fix
• ошибка в ipusher
• 06 15 00
• loss of signal in cellphone because of jailbreak
• my iphone 3gs jailbreak process complete but sim card network not catch

Create your own free and secure DropBox with SparkleShare!

SparkleShare is a free and Open Source alternative to the famous DropBox service, which allows users to upload and store files in the cloud. You can download this utility (currently supported for MacOS, Linux and Android) from sparkleshare.org.

SparkleShare has the advantage to let you use your own configured GIT server where your files will be hosted. This main characteristic is important for those who do not want to pay for extra online storage space and for those who are concerned about cloud privacy. But, if you do not own any server, SparkleShare can also be configured to use Bitbucket.org, Github.com or Gitorious.org.

Today I’m gonna show you how to setup a private and ultra secure SparkleShare box.

Those who want to setup their own GIT server will find a quick and ultra easy tutorial on this page (“Setting up a host” section): http://sparkleshare.org/

Basically the server setup is as follow (you must be root):

apt-get install git
adduser --disabled-password git # Creates a new user 'git'
cd /home/git
git init --bare MyProject # Creates the GIT repository directory /home/git/MyProject
mkdir .ssh

Now you can store all client ssh public keys, so that clients can login with the ‘git’ user and access your GIT repository.

nano .ssh/authorized_keys # This is where you must store your client ssh public key

Once edited, you have to fix permissions:

chmod 700 .ssh
chmod 600 .ssh/authorized_keys
chown -R git.git .

Your server is now configured. That was easy, heh?

Now the client side:

First make sure you have git installed and that you can connect to your host server!

$ whereis git

/usr/bin/git

$ git --version

git version 1.7.5.4

If you are under MacOS and do not have git installed, I recommend to install it via MacPort, you can also read this tutorial http://matthew.mceachen.us/blog/installing-git-with-macports-197.html. If you do not have MacPort and do not want to install it, you can alternatively get it here: https://code.google.com/p/git-osx-installer/downloads/list?can=3.

You are now ready to use SparkleShare. Download it from sparkleshare.org and configure it.

Hit the Add button and that’s it! You should now see into your home directory a new folder called SparkleShare containing all your projects.

How to setup a client side encryption for hosted files?

This is the most interesting part of this article. I’m going to explain how to use a client side encryption system so that nobody can know what you are hosting on the cloud. This tip can be applied to any existing Cloud platforms (DropBox, iCloud, Amazon, etc.) and not only SparkleShare.

Let’s use encfs, which is a tool that creates two linked folders. The first folder is the encrypted side, and the other one the unencrypted directory in which you will drop the files you want to encrypt.

First you have to install encfs:

• On Linux you can perform an apt-get install encfs.
• On MacOS you have to follow these instructions: http://blog.boxcryptor.com/encfs-174-installer-for-mac-os-x-available.

Once installed check which version of encfs you are using (all clients must use the same version! This is very important).

$ encfs --version

encfs version 1.7.4

Ok, you are now ready to create your encrypted folder using encfs, prefer the use of "paranoia mode". This procedure must be performed once only using your first client which will be configured to use this folder. The directory “~/SparkleShare_Unencrypted_folder” is the unencrypted side, so do not put it inside your SparkleShare box!

$encfs ~/SparkleShare/MyProject/secure_folder ~/SparkleShare_Unencrypted_folder

Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?>p
[...]

Great, now to mount your directory this is the same command. So we can create a script that does the job automatically:

nano encfs

#!/bin/sh
encfs ~/SparkleShare/MyProject/secure_folder ~/SparkleShare_Unencrypted_folder

chmod u+x ./encfs

To umount the unencrypted folder you must use fusermount:

fusermount -u ~/SparkleShare_Unencrypted_folder

If you want to configure another client which will use the same encrypted folder, this mount script should be enough. The encfs configuration file is located inside the encrypted SparkleShare folder you've just configured “./SparkleShare/MyProject/secure_folder/.encfs6.xml”. The use of the same encfs version for all clients is required because of this configuration file!

One last thing…

If you want to free some space by removing old removed file revisions on your server, execute the following script at the root directory of your repository on the server side:

#!/bin/bash
set -o errexit
 
# Author: David Underhill
# Script to permanently delete files/folders from your git repository.  To use
# it, cd to your repository's root and then run the script with a list of paths
# you want to delete, e.g., git-delete-history path1 path2
 
if [ $# -eq 0 ]; then
    exit 0
fi
 
# make sure we're at the root of git repo
if [ ! -d .git ]; then
    echo "Error: must run this script from the root of a git repository"
    exit 1
fi
 
# remove all paths passed as arguments from the history of the repo
files=$@
git filter-branch --index-filter "git rm -rf --cached --ignore-unmatch $files" HEAD
 
# remove the temporary history git-filter-branch otherwise leaves behind for a long time
rm -rf .git/refs/original/ && git reflog expire --all &&  git gc --aggressive --prune

Happy Sparkling!

Related terms:

• dropbox alternative 2012
• sparkleshare tutorial
• sparkleshare bitbucket
• alternative dropbox client
• sparkleshare
• open source dropbox client
• dropbox alternative
• how to use sparkleshare
• dropbox alternative client
• dropbox alternative git

John the Ripper is a fast and famous password cracker.

John can break many password hashes, but one of the primary missing feature was the CPU multiple core support. But today, John the Ripper 1.7.9 supports OpenMP which brings Multi-Processing. Of course this feature was present on some patched versions of John, but since the 1.7.9 version it is officially integrated.

One of the best platform on which you should use John the Ripper is UNIX, I personally prefer running john on Debian x86_64.

Let’s try some simple steps to enable and illustrate the new feature

• First go to http://www.openwall.com/john/, and download the latest version. When I write this article the latest stable release was 1.7.9.

$ wget http://www.openwall.com/john/g/john-1.7.9.tar.gz

$ tar -xvzf john-1.7.9.tar.gz

• Now let’s make some changes inside the Makefile to enable the use of OpenMP

$ cd john-1.7.9/src/

john-1.7.9/src$ nano Makefile

• Locate the following lines:

    # gcc with OpenMP
    #OMPFLAGS = -fopenmp
    #OMPFLAGS = -fopenmp -msse2
  

• Uncomment OMPFLAGS

    # gcc with OpenMP
    OMPFLAGS = -fopenmp
    OMPFLAGS = -fopenmp -msse2
  

• Before compiling john, make sure you have gcc installed! Now, let’s compile john.

john-1.7.9/src$ make

This command will list all the systems where john can be compiled on. So, because I’m running Debian x86_64, I will choose linux-x86-64.

john-1.7.9/src$ make linux-x86-64

John should be located in the ../run folder.

• Let’s try John

john-1.7.9/src$ cd ../run/

john-1.7.9/run$ ./john --test

Some benches should appear…

    Benchmarking: Traditional DES [128/128 BS SSE2-16]... DONE
    Many salts: 7651K c/s real, 3872K c/s virtual
    Only one salt:  6876K c/s real, 3487K c/s virtual

At this stage, John should now use all your CPU cores.

• Now let’s do something fun, if you want John to use a certain amount of cores you can adjust it with the environment variable OMP_NUM_THREADS:

john-1.7.9/run$ OMP_NUM_THREADS=1 ./john --test

    Benchmarking: Traditional DES [128/128 BS SSE2-16]... DONE
    Many salts: 3982K c/s real, 3990K c/s virtual
    Only one salt:  3770K c/s real, 3770K c/s virtual

As you can see, this bench is twice slower than the previous one. That's because I requested OpenMP to use only one core on my dual-core CPU.

Feel free to adjust the number of cores you want to use with OMP_NUM_THREADS.

Three other quick tips regarding John the Ripper

• Restore your previous job in background

./john --restore &> /dev/null &

• Get the status for the current task

./john --status

• Display the plain passwords (cracked hashes)

./john --show hash_file

Let’s see if you can crack some of my UNIX accounts

baby:$6$rc7o1BLw$Qsl9hnQx7W3C3KDagDkWXAXDx0vDWqwM0BOOeQyotXzCvUs6DeijTp3zBsbjCw4ou2OoJXKf6qNC5pEGEsjZF/
mat:$6$Ajsi.AJy$GdZ3iGYzaUk.NoTkGrSpTotskDyg3FIrBMjya7un.WE4r.P/RdhwRb2e6mmdJWZrLHgNuCc1CUEVtj5l4qVec1
milou:$6$UYj2H.Jq$ChyawjKf3XQVftrVpnDEsFFph1P0pElDv3GuBXXTy2ICbB3oVE/6mhyo3poCD532B03fYMSWgR3D7E.qFyXnk/
superman:$6$8HZYSst1$F/8U5nPD9grY/kaC3jWVZcqdawRsa3t9PKKWSI6MZwR9T2vCs8jxWajx7vYcHtSPe0FbIf8LnMDJESTrmaAx7.
toto:$6$Mzwiuppo$4aSvxLcbDD7hhnWj9vr9js7/VZ5hNhrq/b07PVfMc9Y4SeNMNtHci8XYUTAxF7c3qv3uHqByKzdFPAV3KBBog0
master:$6$Jyv/bLLH$wC1eBBFpPclSwNuS5Lkj1ciqZCtO4d/FQ/8RuWrHRejvAZSn4zSmGDaTYwwgOofytlhwTHD8vE3QuqRYmFdKj0

Have fun with my friend John!

Related terms:

• john the ripper multicore
• john the ripper multi core
• john the ripper multithreaded
• john the ripper multithread
• john the ripper multiple cores
• john openmp
• john the ripper openmp
• john the ripper dual core
• jtr openmp

Current WordLists Release : 20111129

I have created some lists of words based on common web directory and file names. These wordlists are for Web security testing purpose.

CHANGELOG:

• 29/11/11: 20111129 More words, more fun. Updated with some fresh new critical words.
• 28/11/11: 20111128 Updated and cleaned Extra/Crazy words. WordLists are smaller and better.
• 27/11/11: 20111127 Initial release.

![](https://blog.thireus

736.9 KB - WordLists-20111129.zip

Most of you might already know that hidden does not mean secure nor unreachable. I tried to include a maximum of sensitive filenames and directories in these auto-generated wordlists. I’ll try to update these files from time to time.

Quick description:

• All = Common + Extra + Crazy
• Common = Very frequently used words ONLY
• Extra = Some extra words for lucky and patient people (does not contain Common nor Crazy wordlists)
• Crazy = Extremely rare words ONLY (does not contain Extra nor Common wordlists)

I invite you to try the excellent w3bfukk0r forced browsing tool from http://www.ngolde.de/w3bfukk0r.html.

w3bfukk0r – scan webservers for hidden directories (forced browsing)

w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list.

Have fun my friends!

Related terms:

• common directory names
• common directories
• directory wordlist
• common web directories
• filenames zip wordlist