lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 22 Jul 2015 09:36:00 +0900
From: Pierre Kim <pierre.kim.sec@...il.com>
To: fulldisclosure <fulldisclosure@...lists.org>
Subject: [FD] Why Full Disclosure is the solution ? An example with RIPE

Note: this email has been sent to Full-Disclosure and has been
blogposted to: https://pierrekim.github.io/blog/2015-07-22-why-full-disclosure-is-the-solution-an-examble-with-ripe.html

TL;DR: hashes list from the RIPE database has been posted to MEGA,
containing usable hashes from 2011 to July 2015.
( https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY )


The human is reluctant to change. Full Disclosure is, sometimes, the
only solution to improve Security by forcing the change.

RIPE, Reseau IP Europeen (European IP Networks), is in charge of IP
allowance in Europe ( https://en.wikipedia.org/wiki/RIPE ).

In 2011, I had grabbed all the authentication MD5s of the RIPE  database before
they  were taken out from the public view and RIPE asked people to
change their passwords.
These MD5s were public-made available in WHOIS reponses for years.


I don't think I was the only security researcher who downloaded all
the hashes. Clearly, there were a lot of people who had this database.
The 36.000 hashes stayed in my hard disk for 4 years.

Finding them again in 2015 in my $HOME, some may have wanted to deface
the WHOIS RIPE database by inserting giant ASCII penises everywhere
and changing IP attributions. Instead, I contacted the RIPE NCC
Information Security Officer and then the RIPE Database Working Group
Members, hoping to have open discussions and find a solution:

  - [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe
authentication methods (
https://www.ripe.net/ripe/mail/archives/db-wg/2015-May/004554.html ).

As I said in the first email:

  According to the RIPE transparency, as recommended by RIPE NCC
  Security, therefore I am now contacting this working group to work
  together because deprecation of MD5 is an important change in the RIPE
  database and it must be debated in a democratic manner.

  This john-compatible file (containing MNT logins and MD5 hashs) was
  never exposed to public but the  hashes  can  be  (VERY) easily
  cracked. From the discussion with RIPE Security (who received a copy
  of this file), 27.000 usable hashes (on a total of 36.000) appeared to
  be valid til now.

  When I discussed it with RIPE NCC Security, I gave a 90 day disclosure
  policy about this "public" information, starting from the 16 Apr 2015.
  The 90 day period can be adjusted by adding more days at the end if
  RIPE shows a good progress of the migration. I wanted to do
  responsible disclosure when I saw the RIPE Responsible Disclosure
  Policy which is a Really Good Thing, I think.

  My analysis is simple: The MD5 authentication is broken for years and
  it's time to change to a more secure method. I think people needs to
  be encouraged to move to SSO authentication. Using MD5 now is unsafe
  and dangerous, especially with unchanged 4 year-old passwords.

  Please share your thoughts about this situation. I will be happy to
  debate with you.


After a debate with the RIPE working group about the impact of the
fact 27.000 hashes were still usable (75% of total valid hashes
36.000) and  MD5 is prone to collision attacks, and
the ethics in releasing this information, which was not the point, I
think, RIPE changed the affected passwords and encouraged stronger
authentication methods.

You can read all the posts in the RIPE public mailing list, database
working group archives:
  - https://www.ripe.net/ripe/mail/archives/db-wg/2015-May/004554.html
  - https://www.ripe.net/ripe/mail/archives/db-wg/2015-June/004665.html


Now that all the hashes are invalid from July 2015 [1], I am releasing
the database[2]. These informations were PUBLIC before 2011.
Releasing the hashes is still subject to ethical problems. The release
is expected to allow people to study the strengh of the hashes. Again,
the hashes (and the decrypted passwords) are now UNUSABLE to anyone.


I want to thank all the RIPE participants in the Database Working
Group for exchanging their opinions about this problem, especialy Tim
Bruijnzeels and Ivo Dijkhuis, from RIPE. Even if, sometimes, we didn't
share the same ideas, the debate was democractic allowing people to
share their visions of improving security in RIPE. I really think RIPE
managed this problem in an effective manner, improving the security of
their IT infrastructure.

RIPE has a blogpost explaing how to migrate to a safer authentication
method here:
  https://labs.ripe.net/Members/AlexBand/pgp-in-the-ripe-database



Now, a small personal analysis:
In Twitter, Blogs and vulnerability reports, we are speaking about
0days and new exploitation techniques: I consider it's very important.
But I really think too there is a big gap between the research in
security and the reality. Companies are mainly hacked using word
macros and lazy sysadmins.

It is a VERY bad sign in IT Security that:
- 75% of the passwords in RIPE were not changed for 4 years and these
concern mainly IT professional accounts, even though RIPE alerted them
to change the passwords since 2011
- We still find reluctant opinions to challenge the current situation
and make necessary actions in improving IT security.

Mentality needs to change. Apparently, for some people, this
disclosure of information is unethical. This was not the problem of
ethics but protection of private information. A lot of people had the
RIPE credentials in their hands and something needs to be done.


So now, enjoy the show. The hashes list, as a john-compatible file, is
available at MEGA (
https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY
).


Regards,


[1]: https://www.ripe.net/ripe/mail/archives/db-wg/2015-July/004709.html
- [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe
authentication methods
[2]: https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY

-- 
Pierre Kim
pierre.kim.sec@...il.com
@PierreKimSec
https://pierrekim.github.io/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists