
Operating systems security

Manuel Urueña

Passwords in Windows 7, 8, 10

Universidad Internacional de La Rioja


Passwords in Windows
Windows stores passwords in the SAM (Security Accounts Manager) file:
Local machines: %SystemRoot%\system32\config\sam
Domain controllers: %SystemRoot%\ntds\ntds.dit
Passwords are not stored “in the clear”:
► LM hashes | NTLM hashes | Kerberos tickets …

In the case of online attacks, it is not possible to simply copy the SAM
file to another location. The SAM file cannot be moved or copied while
Windows is running, since the Windows kernel obtains and keeps an
exclusive filesystem lock on the SAM file, and will not release that lock
until the operating system has shut down or a "Blue Screen of Death"
exception has been thrown. However, the in-memory copy of the
contents of the SAM can be dumped using various techniques
(including pwdump), making the password hashes available for offline
brute-force attack.

Syskey is a utility that encrypts the hashed password information in a SAM database in a Windows
system using a 128-bit RC4 encryption key that, by default, is stored in the Windows registry. Syskey can
optionally be configured to require the user to enter the key at boot time as a startup password or load it
on removable storage media (e.g., USB flash drive).

http://unaaldia.hispasec.com/2008/04/mitos-y-leyendas-las-contrasenas-en.html
https://en.wikipedia.org/wiki/Syskey | https://en.wikipedia.org/wiki/Security_Account_Manager

Lan Manager (LM)
https://en.wikipedia.org/wiki/LAN_Manager

Password of ≤ 14 characters?
► NO! 2 passwords of 7 uppercase characters
► 14 bytes of fixed-length password
► Two DES operations, each keyed with 7 bytes

NT LAN Manager (NTLM hash)
https://en.wikipedia.org/wiki/NT_LAN_Manager

“In a Windows network, NT LAN Manager (NTLM) is a suite of Microsoft security protocols that
provides authentication, integrity, and confidentiality to users. NTLM is the successor to the
authentication protocol in Microsoft LAN Manager (LANMAN), an older Microsoft product.

The NTLM protocol suite is implemented in a Security Support Provider, which combines the
LAN Manager authentication protocol, NTLMv1 (MD4), NTLMv2 (HMAC-MD5) and NTLM2
Session (MS-CHAPv2) protocols in a single package. Whether these protocols are used or can
be used on a system is governed by Group Policy settings, for which different versions of
Windows have different default settings. NTLM passwords are considered weak because they
can be brute-forced very easily with modern hardware”.

“NTLM is a challenge-response authentication protocol which uses three messages to authenticate a client in a connection
oriented environment (connectionless is similar), and a fourth additional message if integrity is desired: 1. First, the client
establishes a network path to the server and sends a NEGOTIATE_MESSAGE advertising its capabilities, 2. Next, the
server responds with CHALLENGE_MESSAGE which is used to establish the identity of the client and 3. Finally, the
client responds to the challenge with an AUTHENTICATE_MESSAGE”.

“The NTLM protocol uses one or both of two hashed password values, both of which are also stored on the server (or domain
controller), and which though a lack of salting are password equivalent, meaning that if you grab the hash value from the
server, you can authenticate without knowing the actual password. The two are the LM Hash (a DES-based function applied to
the first 14 chars of the password converted to the traditional 8 bit PC charset for the language), and the NT Hash (MD4 of the
little endian UTF-16 Unicode password). Both hash values are 16 bytes (128 bits) each.”
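As an added example (not code from the original deck), the two hashes just described computed in pure Python: the NT hash as MD4 over the little-endian UTF-16 password, and the LM preprocessing from the Lan Manager slide (uppercase, fixed 14 bytes, two 7-byte DES keys). The DES step itself is left out; the cp437 code page and the constant DES output for an empty 7-byte half are assumptions known from practice, not stated on the page.

```python
import struct

MASK32 = 0xFFFFFFFF

def _lrot(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32

def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), so no dependency on OpenSSL's optional legacy md4."""
    msg = bytearray(data) + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", (8 * len(data)) & 0xFFFFFFFFFFFFFFFF)
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z
    # Per round: (message-word index, left-rotation amount) for each of the 16 steps
    r1 = list(zip(range(16), [3, 7, 11, 19] * 4))
    r2 = list(zip([(i % 4) * 4 + i // 4 for i in range(16)], [3, 5, 9, 13] * 4))
    r3 = list(zip([0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15], [3, 9, 11, 15] * 4))
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        r = h[:]
        for fn, sched, k in ((F, r1, 0), (G, r2, 0x5A827999), (H, r3, 0x6ED9EBA1)):
            for i, (xi, s) in enumerate(sched):
                t = (-i) % 4  # the updated register cycles A, D, C, B
                v = r[t] + fn(r[(t + 1) % 4], r[(t + 2) % 4], r[(t + 3) % 4]) + X[xi] + k
                r[t] = _lrot(v & MASK32, s)
        h = [(a + b) & MASK32 for a, b in zip(h, r)]
    return struct.pack("<4I", *h)

def nt_hash(password: str) -> str:
    """NT hash: MD4 of the little-endian UTF-16 password. Unsalted, so equal passwords
    give equal hashes and the hash itself is password-equivalent (pass-the-hash)."""
    return md4(password.encode("utf-16-le")).hex()

def lm_halves(password: str) -> tuple:
    """LM preprocessing: uppercase, OEM code page (cp437 assumed here), truncate or
    zero-pad to exactly 14 bytes, split into the two 7-byte DES keys."""
    raw = password.upper().encode("cp437", errors="replace")[:14].ljust(14, b"\x00")
    return raw[:7], raw[7:]

# DES of the LM magic block under an all-zero 7-byte key (the second half of any password of
# 7 or fewer characters) is a fixed value; this constant is known from practice, not the deck.
LM_EMPTY_HALF = "aad3b435b51404ee"

def lm_hash_reveals_short_password(lm_hex: str) -> bool:
    """True when a stored LM hash betrays a password of at most 7 characters."""
    return lm_hex.lower().endswith(LM_EMPTY_HALF)
```

A defender auditing a dumped SAM can use the last check to flag accounts whose LM hash exposes a short password, and the NT hash function to confirm that two accounts sharing a password share a hash.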

Authentication with Kerberos (token-based SSO)

► Kerberos: three-headed dog with a serpent's tail in Greek
mythology, guardian of the entrance to the Temple of Hades.

► Authentication service developed at the Massachusetts
Institute of Technology (MIT).
► Three components would guard the gate: Authentication,
Accounting and Auditing. The last two heads have never
been implemented.

http://web.mit.edu/kerberos/www/

Kerberos: authentication with symmetric encryption and a KDC

► Use of a Key Distribution Centre (KDC), or Trusted Key Distributor,
made up of an Authentication Server (AS) and a Ticket
Granting Server (TGS).
► Each party, user or network entity shares a different secret
symmetric key, or master key, with the KDC.
► The KDC can authenticate (AS) each party with its master key and
lets them request access (TGS) to other services.
► The KDC is responsible for distributing a session key that will be used
in the connection between two parties.
► The session key is protected with the master keys of the participants
in a communication.
► It is based on the Needham & Schroeder key distribution protocol.

http://www.lsv.ens-cachan.fr/spore/nssk.html
http://www.isi.edu/gost/publications/kerberos-neuman-tso.html

Kerberos authentication phases
1. Obtaining credentials from the KDC:
• User authentication → Ticket Granting Ticket (TGT)
2. Authentication request to the KDC for a service:
• <TGT, Service> → Ticket Granting Service (TGS)
3. Presenting the ticket to the final server:
• TGS → Service

Demo: Kerberos system

http://cswilliams.ncat.edu/IA_visualization_labs/security_visual_tools/kerberos/
kerberos_demo.html
https://en.wikipedia.org/wiki/Integrated_Windows_Authentication
https://uit.stanford.edu/service/ess/pc/docs/kerberos

Attacks against passwords

Universidad Internacional de La Rioja


Attacks – Discovering the password

► Intelligent search (side-channel attack)
► Dictionary attack*
► Brute-force attack (GPU, rainbow tables, …)
► “Stealing it”

https://www.youtube.com/watch?v=4vIu8ld68fc

https://www.wired.com/2014/08/gyroscope-listening-hack/

Brute-force attacks

http://www.neoteo.com/colossus-un-coloso-secreto-contra-enigma-16078
https://en.wikipedia.org/wiki/EFF_DES_cracker (1998)

In 1977, Diffie and Hellman proposed a machine costing an estimated
US$20 million which could find a DES key in a single day

Computing with GPUs/GPGPUs (1)

Using the power of the GPU (Graphics Processing Unit) or GPGPU
(General Purpose Graphics Processing Unit) to perform calculations at
high speed.

http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/

It achieves the 350 billion-guess-per-second speed when
cracking password hashes generated by the NTLM
cryptographic algorithm that Microsoft has included in every
version of Windows since Server 2003. As a result, it can
try an astounding 95^8 combinations in just 5.5 hours,
enough to brute force every possible eight-character
password containing upper- and lower-case letters, digits,
and symbols.

Computing with GPUs/GPGPUs (2)
► Free GPU tools:
OclHashcat - http://www.hashcat.net
Ighashgpu - http://www.golubev.com/hashgpu.htm
BarsWF - http://3.14.by/en/md5
Whitepixel - http://whitepixe.zorinaq.com
hashkill - http://www.gat3way.eu/hashkill/index.php

► Commercial GPU tools:
ElcomSoft – http://www.elcomsoft.es/products.html
Passware - http://www.lostpassword.com/hardware-acceleration.htm
Password Recovery Tools – http://passwordrecoverytools.com
HashSuite – http://hashsuite.openwall.net/performance

► Online tools:
https://crackstation.net
http://www.cloudcracker.com
http://www.hash-database.net
http://www.onlinehashcrack.com

Rainbow Tables (1)

https://en.wikipedia.org/wiki/Rainbow_table

Rainbow Tables (2)

► Generation:
- Rtgen: http://Project-rainbowcrack.com
- Cain&Abel (winrtgen): http://www.oxid.it
- Precomp (0phcrack): http://ophcrack.sourceforge.net

► Online:
- http://passcracking.com
- http://md5pass.info/add.php

► Pre-generated tables:
- Free Rainbow Tables: http://www.freerainbowtables.com
- Shmoo group: http://rainbowtables.shmoo.com
- Ophcrack: http://ophcrack.sourceforge.net
“Quality” passwords

http://www.passwordmeter.com

Being forced to reveal the password

Attacks on passwords (LM/NTLM) (1)
► Online attacks – based on DLL injection or reading the memory of the
LSASS (Local Security Authority Subsystem) process:
Tools: Fgdump, pwdump, bkhive, samdump2, Mimikatz, Windows Credential
Editor (WCE)…

http://www.tarasco.org/security/pwdump_7/
http://ampliasecurity.com
https://www.slideshare.net/rootedcon/hernan-ochoa-wce-internals-rootedcon-2011

► Offline attacks – the encrypted credentials are obtained:

Tools: Cain&Abel, oclhashcat…

► Physical-access attacks:

Tools:
• Hiren’s Boot CD (Windows gate 1.1)
• Kon-Boot (bypasses the authentication process)
https://hipertextual.com/archivo/2014/05/acceder-a-windows-sin-saber-contrasena/

Attacks on passwords (LM/NTLM) (2)
• Attack without cracking – Pass the hash

https://dfir-blog.com/2015/11/08/protecting-windows-networks-defeating-pass-the-hash/
https://blog.varonis.com/windows-10-authentication-the-end-of-pass-the-hash/
http://www.securitybydefault.com/2011/11/obtencion-del-fichero-sam-y-system-sin.html

Attacks on passwords (Kerberos) (1)
https://digital-forensics.sans.org/blog/2014/11/24/kerberos-in-the-crosshairs-golden-tickets-silver-tickets-mitm-more

Overpass-the-hash
The user's authentication hash is passed in order to then obtain a TGT ticket

Attacks on passwords (Kerberos) (2)
https://digital-forensics.sans.org/blog/2014/11/24/kerberos-in-the-crosshairs-golden-tickets-silver-tickets-mitm-more

Pass-the-ticket

Attacks on passwords (Kerberos) (3)
https://digital-forensics.sans.org/blog/2014/11/24/kerberos-in-the-crosshairs-golden-tickets-silver-tickets-mitm-more

Golden/Silver Ticket: a TGT / TGS service ticket is generated


Mimikatz: If the adversary is able to gain full administrator privileges on a Windows
Domain Controller this feature allows creating a special Kerberos TGT ticket

Attacks on passwords (Kerberos) (4)

https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating%20Pass-the-Hash%20(PtH)%20Attacks%20and%20Other%20Credential%20Theft%20Techniques_English.pdf

https://cert.europa.eu/static/WhitePapers/UPDATED%20-%20CERT-EU_Security_Whitepaper_2014-007_Kerberos_Golden_Ticket_Protection_v1_4.pdf

www.unir.net
