Stage 2: CowPatty


Introduction

 Firstly I want to mention you mentioned about hypervisor in class. I want it to be noted that I personally hate hypervisor, I havent really looked into its total purpose however it makes me hate windows 10.

Since I use VMware and Android Studio anytime I was to use one or the other I have to turn hypervisor off, Its simply the worst
Building On Aarchie

     Right off the bat, I knew I had to build it differently then I did for on my x86 systems running a different Linux. Once i figured out it was 'yum'  as a package manager is was good to go,

I had to install libraries as my make file was crashing, the error was related to libpcap not being installed, Once I ran sudo yum install libpcap-devel .  my makefile ran fine and my program was able to build.


Its great that I have CowPatty built however the test data I was supplied is quite small, I need to make the dictionary much larger. To do this Ill use john the ripper with the dictionary I was given and pipe the results to a file.


We now have close to 500 000 keys in our dictionary, quite large, but great for testing.
The result for the 4 way handshake is still near the top of the file, to lengthen the test we can move it to the end.

Before we start testing on this platform we need to check load and the users













Building on x86

    Building on x86 was the same but easier as I knew the commands, they are pretty much the same but I use a different package manager. For the x86 test I will be using 2 different systems, my Desktop in a vm plus the x86 server xerxes.

On xerxes I had to install Clang as it threw and error on the make.
Once I did that, It was ready for testing on xerxes!!




Running My Tests

    For my Tests, Im going to use 2 different size data sets along with doing test cross platform to see how each perform. Changing the pcap file it accepts would also be another way to test however were looking a specific hash functions in the call graph.

The test will take in the 4 way handshake provided, and my custom dictionary file. The tests will see check the performance of the hashing functions along with how it handles the file with the larger size. With the larger file we can see if it spends more time in specific area, maybe leading to other possible clues as to where we can optimize

First test will be 10201 Keys in length

Seconds test will be much longer at 498579 Keys

Here is the Table Results from the Tests




Build Graphs for Related Tests

Archie Small



Xerxes Small


Ryzen Small


Ryzen Large



Full CALL graphs - here

Results

 The Difference between the arm and the x86 is very interesting, unfortunately I couldn't attach call graphs from the large tests as the system would hang, possibly other students working. I saw 1 using the system. Because cowpatty likes to use openssl (libcrypto.so) for its hashing when possible. Im going to try and use the sha that is in the kernel libkcapi, In hopes to optimize it for specific systems. Looking at archie I'm most interested in seeing the impact this could have there. The benchmark times does not have any variations that are unexpected. Scaling the keysize does not effect time on the same scale, as the larger files have more overhead performing file operations.


Goals for Stage 3

 - Use libkcapi sha1 replacement for openssh libcryto.so
- Functional on multiple platforms
- Some performance changes!


Alternative measures

 - This software has had issue in Kali, so many people have been tinkering with buildflags and other changes to make the software work. I want to try some of the suggest flags to see if they actually change performance,

Comments

Post a Comment

Popular posts from this blog

Lab3

Image
Compiled C Lab Let's start by writing the hello world. then with this saved we can run the compiler with the Flags specified                     gcc -g -O0 -fno-builtin hello.c Looking at the objdump header file for our program Objdump -f We see that: Were using an x86 platform File Format is in ELF ( Executable and Linkable Format) We can look at the specific selections of this output file by using objdump with -d flag which disassemble sections containing code Objdump -d This is our main! We can see the function call to printf with callq on line 5. The argument was moved into the register on line 4. - Static gcc -g -O0 -fno-builtin -static hello.c -o hellostatic objdump -s hellostatic The file was huge, when read wouldn't fit in the whole window! This is due to the .static flag.  It causes the libraries to be included in the executable because it prevents dynamic l
Read more

Cowpatty!

Image
     For my project im going to be taking a look at cowpatty. I've used it before not with much success however I think it will be a great hash to take a look at as it seems to be a smaller project.       "coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys. If you are auditing WPA-PSK networks, you can use this tool to identify weak passphrases that were used to generate the PMK." The owner of my repo was nice to comment where the hash is and ask for help!  File - https://github.com/joswr1ght/cowpatty/blob/bc3c6896ba9b6504c994e32dc7e6737b525fe91b/sha1.c  This function to me looks rather complected , I dont really know how to approach a problem like this however I am interested in finding out more! I think its best to start with the build flags, I've actually read up on forums and actually made an attempt to edit the makefile as for some reason I was getting a bufferoverflow.  The s
Read more