.

The most common password vulnerability

<<

Kev

Post Tue Aug 22, 2006 11:17 am

The most common password vulnerability

  The Ec council considers good old fashion password cracking as still the best place to focus on.  If there is no exploitable vulnerability or miss configured network, password cracking is still your best place to put your attention.

    I am finding that more and more people are getting away from just using a simple dictionary word for their passwords. Often they at least add a number to the word, i.e. cherry11.  Often those numbers might have a meaning like their birthday. All in all, in my experience cracking passwords with just a simple dictionary attack is getting less productive.  The only good thing is a dictionary attack is fast to do and quickly see if you need to go to stronger methods. 

    The most common password problem I encounter is not so much that they are so easy to crack, but once you do reveal it, you have access to everything that uses has.  Most people use the same password for everything!  What makes that practice a vulnerability is you never know where you might give it up.  Sure, the admin is very careful when he logs onto to his server, but is he as careful when he checks his email from my house with my computer?  How many passwords does he maintain, perhaps one or two for everything?  Imagine placing a hard ware key logger on the general access computer at the hotel lobby you are staying at and see the results you have. 

    I am wondering if other pen testers here have had the same experience with the general public.  Once you have their password, most everything else they have is yours.  Online Banking, email, pcanywhere,etc..
<<

jimbob

Post Wed Aug 23, 2006 5:00 am

Re: The most common password vulnerability

What I find scariest about this password guessing, cracking etc. is the momentrum behind single sign on (SSO) and centralised password solutions. In an ideal environment once you compromise someone's password you have access to everything; they have no choice but use the same password for everthing. Couple this with weakest link exposure of passwords and hashes and you have a receipe for disaster.

Consider a corporate environment that uses LDAP over SSL to authenticate access to services. It might seem pretty secure on the face of it, until you find a whopping hole such as the use of HTTP basic auth to send user's credentials to the corporate web proxy. Every HTTP request sends the users credentials in clear text, and there is usually no shortage of web traffic to sniff.

However you steal someone's password I'm increasing finding that the consequences are greater than they were in days gone by. Does anyone else feel that the use of passwords antiquated at best?

Jim
<<

Kev

Post Wed Aug 23, 2006 9:53 am

Re: The most common password vulnerability

  At the keynote at RSA Conference [in February 2004], Bill Gates basically said that usernames and passwords are dead.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software