00:40.43 | *** join/#neo900 Kabouik (~kabouik@37.171.88.33) |
01:31.11 | *** join/#neo900 ArturShaik (~ArturShai@212.112.100.88) |
02:27.53 | Joerg-Neo900 | xmn: absolutely, yes |
02:40.24 | Joerg-Neo900 | sixwheeledbeast: interesting |
04:10.19 | DocScrutinizer05 | my root password had 6 hits |
04:15.14 | xmn | oops |
04:43.56 | *** join/#neo900 him-cesjf (~cesjf@unaffiliated/himcesjf) |
06:20.47 | *** join/#neo900 ecloud (quassel@nat/qt/x-gaasyadqhjejiphh) |
06:56.07 | atk | no hits on anything important |
06:56.53 | atk | an old old old password I used |
06:57.01 | atk | which is generic enough to have been used by lots of other people |
06:57.29 | atk | 5140 matches :D |
07:04.37 | *** join/#neo900 tkok (~tkok@dtvg04yf1klnt6-c3bmty-3.rev.dnainternet.fi) |
07:39.22 | DocScrutinizer05 | don't use the web interface at https://passwordsecurity.info/ ! https://github.com/technonerdz/passwordsecurity.info/issues/6 |
07:40.09 | DocScrutinizer05 | or if you do, c&p the password so only one query with full length passowrd gets generated |
07:45.37 | xmn | <PROTECTED> |
07:49.10 | DocScrutinizer05 | yes, the local shellscript is safe |
07:49.52 | DocScrutinizer05 | the web interface is NOT !!! |
08:01.39 | xmn | yeah, so the local one hashs your password and then check it against their database right? |
08:11.08 | Joerg-Neo900 | xmn: right |
08:11.53 | Joerg-Neo900 | actually it also truncates the hash to leading 5 chars |
08:17.49 | Joerg-Neo900 | thanks to max-p of PIA for helping with the analysis of the web interface |
08:21.29 | atk | I didn't use the shellscript or the web-interface |
08:21.37 | atk | I just manually generated the hash and manually made the web requests |
08:22.05 | atk | I know there isn't much in that shell script, but who the fuck knows, I don't know bash that well, might be here's some missing character somewhere which would cause things to be interpreted "incorrectly" |
08:27.29 | sixwheeledbeast | Yes it hashes the password and only sends the first 5 chars of the sha1 to the api. You receive the sha's that match and compare locally is how I read it. I assume I am reading the source of the script correctly and there is nothing else in there. |
08:28.48 | Joerg-Neo900 | atk: the true geek's approach :-) |
08:29.29 | sixwheeledbeast | The website (HIBP) can work the same if you sha1 your password first I believe but the website source would need checking each time. My only concern is bash will log the password in plaintext locally. |
08:30.07 | sixwheeledbeast | Time to change your root password I think Doc |
08:30.15 | Joerg-Neo900 | how and where/why would bash log any of that? |
08:30.41 | Joerg-Neo900 | of course my rot pw got changed hours ago |
08:30.43 | Joerg-Neo900 | :-) |
08:30.59 | Joerg-Neo900 | been about time anyway |
08:31.00 | sixwheeledbeast | If you run the script on the shell the plaintext will be in history |
08:31.27 | Joerg-Neo900 | that's why my recommendation is to run the script without parameters and provide the pw on prompt |
08:31.52 | sixwheeledbeast | and therefore ~/.bash_history |
08:32.47 | sixwheeledbeast | I see, I haven't played with it much yet just used some known passwords in to check |
08:33.13 | sixwheeledbeast | correcthorsebatterystaple for example |
08:33.58 | Joerg-Neo900 | how many hits? :-D |
08:34.28 | sixwheeledbeast | 114 |
08:34.38 | Joerg-Neo900 | low |
08:36.47 | sixwheeledbeast | I see so the prompt wouldn't be logged anywhere, the script will end therefore never stored to disk. |
08:37.37 | Joerg-Neo900 | exactly. The usual way to deal with this, also used by passwd(1) |
08:38.34 | sixwheeledbeast | yes logins etc. compare the first part of the hash |
08:41.20 | xmn | cool, good info guys thanks |
08:42.19 | sixwheeledbeast | It's a handy little script to have in your toolbox |
08:44.16 | Joerg-Neo900 | sixwheeledbeast: >>...website (HIBP) can work the same if you sha1 your password...<< https://passwordsecurity.info/ does exactly same like script, incl generating SHA from plaintext password locally, according to Max-P's analysis |
08:45.00 | *** join/#neo900 bemyak (~bemyak@195.26.185.118) |
08:48.24 | sixwheeledbeast | I see it just hooks into the HIBP API. What are your concerns over the website versions? I personally wouldn't use a website for this as I would want to check over the source of the site each time I need it, it may have been compromised. |
08:54.04 | Joerg-Neo900 | sixwheeledbeast: it does incremental search, thus the first query sent out is for exactly one out of max 256 chars, it's dead simple to reverse the hash to conclude the single char |
08:54.36 | Joerg-Neo900 | the next query is for the hash of a 2char password, of which first char is known from last query |
08:54.53 | Joerg-Neo900 | so again one out of 256 choices |
08:56.07 | Joerg-Neo900 | this way you "recursively" or iteratively reveal the complete password from snooping HTML traffic as it is typed, in realtime |
08:58.09 | sixwheeledbeast | oh I believed it would send the first part of the sha and match locally. Also site is https like the API to reduce risk of leaking the sha1 |
08:58.35 | Joerg-Neo900 | yes, HTTPS defeats a worst case scenario here |
08:59.09 | Joerg-Neo900 | it actually does >>send the first part of the sha and match locally<< |
08:59.40 | Joerg-Neo900 | but that first 5 chars of SHA are more than sufficient to discern between 256 possible solutions to find the right one |
09:00.24 | sixwheeledbeast | So similar risk with the API then? |
09:01.14 | Joerg-Neo900 | no since the local version only does ONE query for full length password, no incremental search |
09:01.49 | Joerg-Neo900 | the website does one query for each char you type |
09:02.05 | sixwheeledbeast | oh I see, you can unhash each of the 5 sent chars for sure even without the rest of the hash |
09:02.29 | sixwheeledbeast | not unhash |
09:02.39 | Joerg-Neo900 | nah, those 5chars are truncated SHA sum, not truncated password |
09:02.58 | xmn | sixwheeledbeast: makes a good point on that the site could be comprised at some other time. Where as the script will stay the same and hash locally. |
09:04.31 | Joerg-Neo900 | 12345678X will still send a different truncated 5char hash than 12345678O |
09:05.25 | sixwheeledbeast | I understand I am just not explaining verbosely. You have reduced the amount of hashs it isn't because it has been sent 1+2+3+4+5 times |
09:06.37 | Joerg-Neo900 | !md5 s |
09:06.44 | Joerg-Neo900 | ~md5 s |
09:06.49 | Joerg-Neo900 | ~md5 sk |
09:06.54 | Joerg-Neo900 | ~md5 skr |
09:06.59 | Joerg-Neo900 | ~md5 skri |
09:07.04 | Joerg-Neo900 | ~md5 skrit |
09:08.04 | Joerg-Neo900 | 03c7 41d6 1542 6243 eaef <- completely describes "skrit" |
09:12.50 | Joerg-Neo900 | is fond of this terse explanation by example of above 11 lines :-) |
09:41.52 | *** join/#neo900 _Chris_ (~Chris@p5DE1A6CD.dip0.t-ipconnect.de) |
10:36.54 | *** join/#neo900 Kabouik (~kabouik@45.6.104.128) |
11:26.47 | *** join/#neo900 Kabouik (~kabouik@138.117.51.199) |
11:34.09 | *** join/#neo900 Kabouik (~kabouik@138.117.51.199) |
12:19.47 | *** join/#neo900 unclouded (~quassel@121.72.242.153) |
12:58.29 | atk | sixwheeledbeast: That's what I read from the shell script |
12:59.07 | atk | sixwheeledbeast: but, I ... well |
12:59.13 | atk | I just don't trust such things even when it's so obvious |
12:59.17 | atk | I've seen IOCCC |
12:59.23 | atk | I'm now going to be working in infosec as of next month |
12:59.29 | atk | You can say I'm paranoid |
13:05.11 | *** join/#neo900 him-cesjf (~cesjf@unaffiliated/himcesjf) |
13:10.15 | *** join/#neo900 Kabouik (~kabouik@138.117.51.199) |
15:20.05 | Joerg-Neo900 | so enjoy my augmented ticket ;-) https://github.com/technonerdz/passwordsecurity.info/issues/6 |
15:55.14 | *** join/#neo900 clapont (~clapont@unaffiliated/clapont) |
16:34.28 | *** join/#neo900 Kabouik (~kabouik@138.117.51.199) |
16:51.45 | *** join/#neo900 Kabouik (~kabouik@138.117.51.199) |
17:16.24 | *** join/#neo900 _Chris_ (~Chris@p5DE1A6CD.dip0.t-ipconnect.de) |
17:46.51 | *** join/#neo900 xmn (~xmn@user-0cdft2n.cable.mindspring.com) |
17:57.21 | *** join/#neo900 xmn (~xmn@user-0cdft2n.cable.mindspring.com) |
18:30.27 | *** join/#neo900 xmn (~xmn@user-0cdft2n.cable.mindspring.com) |
19:14.45 | *** join/#neo900 clapont (~clapont@unaffiliated/clapont) |
19:22.14 | galiven_ | For bash at least, putting a space before the actual command won't log to ~./bash_history |
21:09.29 | *** join/#neo900 him-cesjf (~cesjf@unaffiliated/himcesjf) |
22:17.32 | *** join/#neo900 fling (~fling@fsf/member/fling) |
22:39.27 | *** join/#neo900 Pali (~pali@Maemo/community/contributor/Pali) |
22:41.42 | *** join/#neo900 pagurus (~user@i577B75AF.versanet.de) |
23:24.08 | *** join/#neo900 c4rc4s (~c4rc4s@unaffiliated/c4rc4s) |