| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Oct 2005 16:06:05 -0400 From: Clayton Kossmeyer <ckossmey@...co.com> To: full-disclosure@...ts.grok.org.uk Cc: bugtraq@...urityfocus.com, psirt@...co.com Subject: Re: Ciscos VPN-Client-Passwords can be decrypted -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello - The Cisco PSIRT is aware of reports that claim the Cisco VPN Client password encryption uses a breakable algorithm to encrypt user passwords. We are aware of reports at the following sites: http://www.heise.de/newsticker/meldung/64954 http://evilscientists.de/blog/?page_id=339 http://evilscientists.de/blog/?page_id=343 This issue is related to a Security Notice that the Cisco PSIRT released in October of 2004. Cisco's public announcement can be found here: http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml The Cisco VPN 3000 Series has a configuration option that does not allow the storage of the user password in the VPN client. For customers that are concerned about the recovery of the user password, the following option can be disabled to prevent local storage of the user password. http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00803ee1f0.html#wp2477015 - - --------------------- Cisco Client Parameters Allow Password Storage on Client - Check this box to allow IPSec clients to store their login passwords on their local client systems. If you do not allow password storage (the default), IPSec users must enter their password each time they seek access to the VPN. For maximum security, we recommend that you not allow password storage. - - --------------------- Note that the default configuration of the VPN 3000 Series does not allow client password storage. Additionally, this attack only affects passwords that are static and reused for login to the VPN network. Customers using one-time passwords (OTP) and certificates to connect are unaffected. We do greatly appreciate the opportunity to work with researchers on security vulnerabilities, and welcome the opportunity to review and assist in product reports. Regards, Clay Cisco PSIRT On Sun, Oct 16, 2005 at 09:28:41PM +0200, Thierry Zoller wrote: > > Dear List, > > [1] heise published a news article today. > [2] EvilScientists reverse engineered the algorithm Cisco uses to _obscufate_ the > passwords. > [3] PoC > > Summary : > Cisco uses 3des to encrypt the passwords, however it does so using > a deterministic encryption sheme (no user input) and thus must be > reproducible. > > The algorithm [2] found was as follows : > > * GetDate - convert to string > * Generate an SHA Hash from that string h1 (20 Bytes) > * h1 is modified into Hash h2 > * h1 is modified into Hash h3 > * h2 and the first 4 Bytes from h3 give the 3DES Key > * The clear text password no encrypted in 3DES CBC Mode. The IV is the first 8 Bytes of h1. > * If the size of the clear text password is not a multiple of the > Block size, the differece to the next block is calculcated and padded > with a Digit. -> length of password is known > * A last hash is calculated from the encrypted Password h4 > * The value of the Key enc_UserPassword is: h1|h4|verschlüsseltes Passwort > > Credits: > [1] http://www.heise.de/newsticker/meldung/64954 > [2] http://evilscientists.de/blog/?page_id=339 > [3] http://www.evilscientists.de/blog/?dl=CiscoPasswordRevealer.rar > I take no credit I am only translating and forwarding. > > -- > Thierry Zoller > http://thierry.sniff-em.com > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (SunOS) iD8DBQFDVU8DEHa/Ybuq8nARAgVzAJ4mPsT5ThKc4DKJGAa76OuLSPs7CgCdFS+W BjtwpXaQnRZvaR/UiH+/1wg= =ivMN -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists