Date: Tue, 27 Mar 2012 12:21:23 +0200
From: Per Thorsheim <per@...rsheim.net>
To: john-users@...ts.openwall.com
Subject: Re: EPiServer hashes

On Tue, 2012-03-27 at 11:27 +0400, Solar Designer wrote:
> Hi,
> 
> This thread was referenced in tweets CC'ed to @Openwall:
> 
> http://hashcat.net/forum/thread-987-post-5151.html#pid5151
> 
> Maybe our EPiServer format is wrong or out of date.
> 
> Per - what's the status on this?  Does JtR work right for your hashes?
> Does any change in JtR need to be made?
> 
> Alexander

Status is as given in the hashcat thread, except that I also asked
@episerver if they could provide any insight:
http://www.twitter.com/thorsheim/status/183121090929893377

And they replied:
http://www.twitter.com/episerver/status/183127532474875905

..... (break for phone call):

As I started to respond to this e-mail, I got a call from an episerver
representative who had both knowledge & interest in helping out, and we
talked for quite some time. (Thank you!)

Yes, the episerver format in john is out of date. Somewhere around
version 4.x of episerver they dropped using their own crypto
implementations and went for using Microsoft .NET provided algorithms
instead. episerver is now at 6.2x if I remember correctly.

What I forgot to mention in my post at hashcat forums is that the config
also has an option named "passwordformat", with default value of "1". I
got that one answered; it is related to the .NET configuration. In fact,
depending on your .NET configuration, your episerver could seriously be
at risk.

The good news: the default install seems to provide decent security, and
probably better than many other solutions floating around. (Oops,
marketing talk... sorry)

By default episerver will rely on the SqlMembershipProvider in .NET for
securing your passwords. You can do cleartext or reversible encryption
if you want, and you can do authentication against Microsoft Active
Directory (SSO). Default though is SHA-1 with salt.

More info here:
http://msdn.microsoft.com/en-us/library/system.web.security.sqlmembershipprovider.passwordformat.aspx

A list of cryptographic services provided in .NET can be found here:
http://msdn.microsoft.com/en-us/library/92f9ye3s.aspx

There are also those who try to implement bcrypt in there as well:
http://stackoverflow.com/questions/6460711/adding-a-custom-hashalgorithmtype-in-c-sharp-asp-net

There is lots more to be read about .NET etc, but I'm nowhere near being
a programmer, and will not pretend to be one either.

Again; the good news is anyone running episerver also has .NET, and can
pick from a good list of algorithms etc in order to protect their users'
passwords.

The bad news: I guess many episerver installations are running on
default .NET configurations, probably making it easier to crack the
password hashes than with a customized configuration. Of course when
configured by someone who really understands what he/she is doing.

I hope this will aid in replacing current code for episerver hashes in
john (and eventually hashcat + others). There is still some reading to
do in Microsoft's documentation, even for the default config settings
that are supposed to be SHA-1 with salt.


-- 
Best regards,
Per Thorsheim
CISA, CISM, CISSP-ISSAP
securitynirvana.blogspot.com
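Added illustration, not part of Per's post or of any EPiServer/Microsoft code: the SqlMembershipProvider "Hashed" password format (passwordFormat=1) as documented by Microsoft, which is what the mail says EPiServer now relies on by default. The salt is 16 random bytes stored base64; the digest is computed over salt bytes followed by the password in UTF-16LE (Encoding.Unicode), SHA-1 unless hashAlgorithmType is changed. Function names below are mine.

```python
import base64
import hashlib
import hmac
import os

# web.config passwordFormat values (MembershipPasswordFormat enum):
#   0 = Clear, 1 = Hashed (the default), 2 = Encrypted.
# Only the Hashed format is modelled here.
HASHED = 1


def generate_salt() -> str:
    """16 random bytes, base64-encoded, like SqlMembershipProvider.GenerateSalt()."""
    return base64.b64encode(os.urandom(16)).decode("ascii")


def encode_password(password: str, salt_b64: str, algorithm: str = "sha1") -> str:
    """base64( H( base64decode(salt) || UTF-16LE(password) ) ).

    Salt bytes come first, then the password as .NET's Encoding.Unicode
    (UTF-16LE, no BOM). H defaults to SHA-1 (hashAlgorithmType default);
    pass "sha256"/"sha512" to model a hardened hashAlgorithmType setting.
    """
    salt = base64.b64decode(salt_b64)
    data = salt + password.encode("utf-16-le")
    return base64.b64encode(hashlib.new(algorithm, data).digest()).decode("ascii")


def verify_password(password: str, salt_b64: str, stored_b64: str,
                    algorithm: str = "sha1") -> bool:
    """Constant-time check of a candidate against the stored base64 hash."""
    return hmac.compare_digest(encode_password(password, salt_b64, algorithm), stored_b64)


def detect_digest_algorithm(stored_b64: str) -> str:
    """Infer which hash family a stored value was produced with from its digest
    length; useful when auditing a membership table for the SHA-1 default."""
    return {20: "sha1", 32: "sha256", 64: "sha512"}.get(
        len(base64.b64decode(stored_b64)), "unknown")


if __name__ == "__main__":
    salt = generate_salt()
    stored = encode_password("correct horse", salt)
    print(salt, stored, detect_digest_algorithm(stored))
    print(verify_password("correct horse", salt, stored))
```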




