From 2fc3eed8a5fcde94fd47b0c661699496bfe67ff6 Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Mon, 17 Oct 2022 11:07:33 +0200 Subject: [PATCH] Insecure Randomness --- Insecure Randomness/README.md | 43 ++++++++++++++++++++++ Methodology and Resources/Hash Cracking.md | 6 ++- 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 Insecure Randomness/README.md diff --git a/Insecure Randomness/README.md b/Insecure Randomness/README.md new file mode 100644 index 0000000..9f23fe7 --- /dev/null +++ b/Insecure Randomness/README.md @@ -0,0 +1,43 @@ +# Insecure Randomness + +## Summary + +* [GUID / UUID](#guid--uuid) + * [GUID Versions](#guid-versions) + * [Tools](#tools) +* [References](#references) + +## GUID / UUID + +### GUID Versions + +Version identification: `xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx` +The four-bit M and the 1- to 3-bit N fields code the format of the UUID itself. + +| Version | Notes | +|----------|--------| +| 0 | Only `00000000-0000-0000-0000-000000000000` | +| 1 | based on time, or clock sequence | +| 2 | reserved in the RFC 4122, but ommitted in many implementations | +| 3 | based on a MD5 hash | +| 4 | randomly generated | +| 5 | based on a SHA1 hash | + +### Tools + +* [intruder-io/guidtool](https://github.com/intruder-io/guidtool) - A tool to inspect and attack version 1 GUIDs + ```ps1 + $ guidtool -i 95f6e264-bb00-11ec-8833-00155d01ef00 + UUID version: 1 + UUID time: 2022-04-13 08:06:13.202186 + UUID timestamp: 138691299732021860 + UUID node: 91754721024 + UUID MAC address: 00:15:5d:01:ef:00 + UUID clock sequence: 2099 + + $ guidtool 1b2d78d0-47cf-11ec-8d62-0ff591f2a37c -t '2021-11-17 18:03:17' -p 10000 + ``` + +### References + +* [In GUID We Trust - Daniel Thatcher - October 11, 2022](https://www.intruder.io/research/in-guid-we-trust) \ No newline at end of file diff --git a/Methodology and Resources/Hash Cracking.md b/Methodology and Resources/Hash Cracking.md index 5a04872..b3ea6f4 100644 --- a/Methodology and Resources/Hash Cracking.md +++ b/Methodology and Resources/Hash Cracking.md @@ -149,10 +149,13 @@ john --restore * PACK (Password Analysis and Cracking Kit) * https://github.com/iphelix/pack/blob/master/README * Can produce custom hcmask files to use with hashcat, based on statistics and rules applied on an input dataset +* Use Deep Learning + * [brannondorsey/PassGAN](https://github.com/brannondorsey/PassGAN) + ## Online Cracking Resources -* ~~[hashes.com](https://hashes.com)~~ +* [hashes.com](https://hashes.com) * [crackstation](https://crackstation.net) * [Hashmob](https://hashmob.net/) @@ -163,3 +166,4 @@ john --restore * [Using Hashcat to Crack Hashes on Azure](https://durdle.com/2017/04/23/using-hashcat-to-crack-hashes-on-azure/) * [miloserdov.org hashcat](https://miloserdov.org/?p=5426&PageSpeed=noscript) * [miloserdov.org john](https://miloserdov.org/?p=4961&PageSpeed=noscript) +* [DeepPass — Finding Passwords With Deep Learning - Will Schroeder - Jun 1](https://posts.specterops.io/deeppass-finding-passwords-with-deep-learning-4d31c534cd00) \ No newline at end of file