The Realm of the Verbal Processor

Jarvis's Ramblings

Cracking Passwords

When I arrived in Oklahoma on my trip to my cousin’s funeral, one of the big tasks was getting into my cousin’s computer. She had left it turned on and locked. She had changed the passwords for every administrator account on the computer to passwords that no one else knew. In particular, there were four programs running on her computer, and my aunt really wanted to be able to see what was on the screen. We figured one was probably a web browser, one was her instant messenger program, one was possibly her Bible program, and the fourth was an unknown.

Since I am the computer guy, they asked me to see if I could get into it. Because we didn’t know the password to any of the admin accounts, it wasn’t possible to simply change the password and log in. We also didn’t want to shut the computer down, because that would lose whatever was on her screen. That left us with guessing passwords. Over the course of two days, we probably entered three hundred potential passwords…everything we could think of related to Christianity, Lutheranism, her EMT studies, her boyfriend, other family members, birthdates, as well as some of the more common simple passwords (qwerty, 12345, asdfjkl, the word “password”, admin, a blank password, her username, etc). All to no avail. (BTW…side note…if your password is any of the common ones listed, don’t bother…anyone wanting to get into your computer will be in it within half an hour anyway. Change it to something that will actually be useful. Personally, my passwords are typically sentences…around 24-35 characters.)

I had let my aunt know that a Plan B…if we couldn’t guess the password…was to shut it down and I’d take the hard drive out, pull off the password files (SAM database and System registry hive), and crack the password offline. On Friday night we got to that point. I threw the drive into an external USB enclosure, and pulled those two files out of c:\windows\system32\config. I then downloaded and installed Cain on my computer and started the cracking process. The initial pass did not crack the password, so I loaded a dictionary file that I have used when doing password auditing for the organization I work for. That dictionary file has 1,425,824 “words”…essentially any combination of characters that you want to run through a password cracker. I don’t remember where I got the original version of that file, but it is an almost 16MB text file. Less than ten minutes later, we had her password…laryngoscope. Definitely not one that we would have guessed any time this year.

That leads me to another statement. If you don’t maintain physical security of your computer…you have no security. I couldn’t guess Carrie’s password, but once I took the hard drive out, I had all of her files within minutes. Now…if the files are encrypted…that’s a whole different ballgame. Without the encryption key, I’ll never read the files.
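A defender's version of the dictionary audit described above, as an added example that is not code from the original post: it screens a proposed password the way a rule-based wordlist run would see it, so a long but single-word choice is rejected before it is ever set. The tiny word lists, the `candidates` and `screen` names, and the 15-character minimum are assumptions made for illustration; a real audit would load a full wordlist file.

```python
import re

# Constructed sample lists; a real audit loads a large wordlist from disk.
COMMON = {"qwerty", "12345", "asdfjkl", "password", "admin"}
DICTIONARY = {"laryngoscope", "stethoscope", "lutheran", "paramedic"}

# Common character substitutions that cracking rules undo automatically.
LEET = str.maketrans("013457@$!", "oieastasi")


def candidates(password):
    """Return the normalized forms a rule-based dictionary run would also test."""
    base = password.lower()
    # Drop digits/symbols stuck on the front or back ("word2008!" -> "word").
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", base)
    forms = {base, stripped, base.translate(LEET), stripped.translate(LEET)}
    return forms - {""}


def screen(password, username="", min_len=15):
    """Return the reasons a password is weak; an empty list means it passed."""
    if not password:
        return ["blank password"]
    forms = candidates(password)
    reasons = []
    if username and username.lower() in forms:
        reasons.append("matches username")
    if forms & COMMON:
        reasons.append("common password")
    if forms & DICTIONARY:
        reasons.append("dictionary word")
    if len(password) < min_len:  # assumed policy threshold
        reasons.append("too short")
    return reasons


if __name__ == "__main__":
    for pw in ["laryngoscope", "L4ryng0sc0pe2008!", "12345",
               "my aunt drives a blue truck to church"]:
        print(repr(pw), "->", screen(pw) or "ok")
```

Length and added digits do not rescue a password whose core is one wordlist entry, which is why the screen checks the normalized forms and not just the literal string.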

Posted February 10, 2008 | computers, tech | 2 Comments