Ashley Madison part 2: Cryptanalysis

Lets look at these password hashes:

$2a$12$6YEtyM93L2EQkHzs/PSP6OKEiW6fS3dSZCozzDrMKhHqRmI6NjS1S
111111Iwillneverdoitagain
$2a$12$3V0bFXAv1b4DT1KHh3uqjumaRYysI.NNpgXlcFEfulNUoBYtBEtTG
111111Iwillneverdoitagain
$2a$12$8b5m318FP10GzXI.mtJyh.L.LFjK5iZMwen9gJ68OrkrSLJrKsq1e
111111Iwillneverdoitagain
$2a$12$XC2CQOA5agBimTPHdvcsKOVgKkDwfjXFPyZjNhCFxhxj0yZS/T9f.
111111Iwillneverdoitagain
$2a$12$4FOWYjeL4AtnSuWqP7.1NeeBejEvwBFI/K3Pjt2r0jg5RhnPF38ja
$2a$12$zK2RRlnbtzm/0X0ZSuMrJ.L8v4KSOGnOuXDtDcPkw.ic6qeV.cg4i

Now when looking at the passwords, I notice that they all start with the marker “$2a$12$”.

This is Linux /etc/shadow notation. Linux keep the passwords in the /etc/shadow file. This file is readable only to root accounts. It contains the password hashes of all users. We call “shadow” because it is a shadow file of the /etc/passwd file. /etc/passwd is world readable, so we obviously don’t want to store our password hashes in this file. When we shadow the password file, /etc/passwd will only store an “x” for the password.

$ sudo cat /etc/passwd
...
david:x:1000:1000:david,,,:/home/david:/bin/bash
...

This contains our username:password (shadowed)

Now if I look at the contents of our shadow file (I changed the salt and hash)

$ sudo cat /etc/shadow
...
david:$1$HSnwkd2ajf$Aadhj20idhjSd8djv9d:16663:0:99999:7:::
...

This contains our username:$algorithm$salt$hashed password, followed by information regarding password changes. In this case, the $1$ means the hash was MD5.

Some other prefixes I found:

$0$ – DES
$2$, $2a$ = Blowfish
$3$ = NT hash
$5$ = SHA-256
$6$ = SHA-512

Back to the marker “$2a$12$” in the database. I know that the passwords were hashed with the Blowfish algorithm. The bcrypt algorithm implements Blowfish, so I’m that was the algorithm the website used to hash password. The $12$ means a cost factor of 12, or 12 rounds of bcrypt.

bcrypt, along with scrypt and PBKDF2 are a family of algorithms for hashing passwords. They are all considered “slow” for a computer to perform in relation to other algorithms like MD5 or SHA, so that if a database is compromised and the hashes revealed to an outsider, any brute force or dictionary attacks will be handicapped.

bcrypt has the advantage of being hard for a GPU to do. GPUs are many times faster at performing hashes then the CPU, so crackers often utilize one or more GPUs in parallel to crack passwords. According to https://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage/6415#6415

“Bcrypt happens to heavily rely on accesses to a table which is constantly altered throughout the algorithm execution. This is very fast on a PC, much less so on a GPU, where memory is shared and all cores compete for control of the internal memory bus.”

With that being said, it is unlikely I will be able to crack any passwords from this database.

Another thing I noticed was the repeated password of “111111Iwillneverdoitagain”. I would assume that this is how the website disabled accounts, since it would be extremely difficult to find a string whose hash equals “111111Iwillneverdoitagain”.

  1. Hi guys, I enjoy composing my synthwave music and recently I bumped into a very topical issue, namely how cryptocurrency is going to transform the music industry. I have decided to put together an article on the subject as I would like to inform the musicians and public at large just how cryptocurrencies can be a gamechanger in this field. I would like to donate this article to you for publication on your blog. I have saved the article in my Google drive: https://drive.google.com/drive/folders/1xX35t28GlE6wDomFAEvsPc1PqN3fp8ka?usp=sharing I did not have the time to find any images so I would be grateful if you could find and add some. I have also added a little blurb about myself. I hope you and your readers will enjoy reading my article. Have an awesome day! Regards, Tony

  2. Hey! I got some very great news for you in the crypto space ! A good deal of folks in cryptocurrency groups have mentioned that a new crypto coin is currently undergoing development and remarkably, it is collectively created by the primary intercontinental law firms ! Allegedly, its name is LAWesome coin! I would be most obliged if anybody could possibly share some new real-time information on this coin. I would certainly, love to purchase this coin during the ICO and participate in the bounty hunt to acquire some free coins also. Alas, there simply is not enough information on this coin as I think that it is a being kept hush hush. It is rather unusual that the law firms are making such a striking entrance into the cryptocurrency field! This step will certainly give cryptocurrency more credibility.

  3. Hi! I have bumped into a blog comment on this website (can not locate the comment so will create a brand-new one) with some enthusiasm in the Lawesome coin cryptocurrency. I am one of the designers of the Lawesome coin and I can confirm that the Lawesome cryptocurrency is being finalized and will definitely be launched throughout the following week. Meanwhile, you can begin picking up totally free Lawesome coins by submitting a guest post on https://blog.latestlawjobs.com. I am truly overwhelmed by the amount of interest the Lawesome coin has earned. I am afraid that I can not disclose any further info about this state-of-the-art cryptocurrency just yet due to our confidentiality and NDA arrangements with a number of other firms. Do reply to this comment if you have any questions.

  4. Fantastic items from you, man. I’ve remember your stuff prior to and you’re simply too wonderful. I really like what you’ve bought here, certainly like what you’re stating and the way in which by which you say it. You are making it entertaining and you still care for to stay it wise. I cant wait to learn far more from you. That is really a wonderful site.

  5. Hi guys! Just wanted to drop you a line to say that I really enjoyed reading your guest article on Peaches and Screams UK site! Great perspective. Have an awesome day!

  6. The 2018 recipients of this University of Washington’s prestigious teaching awards may be from fields ranging from social work to surgery, but one thing they have in common 3 week diet is their ability to inspire students. thanks for the information here. also find information regarding 3 week diet.

Leave a Reply

Your email address will not be published. Required fields are marked *