The 2007 Finnish password leak revisited

[Image: Excerpt from a leaked password file with a message from hackers in Finnish, rendered to resemble an early IBM PC terminal display.]

In 2007, the Swedish hackers ZeroPoint and the Magical Pink Bear released 78,000 hashed Finnish forum passwords. Now that some time has safely passed, let's see how many of them can easily be reversed into cleartext passwords.

MD5

The MD5 section of the document contains 25,824 hashes, most of them unsalted (except for 3,000 in the middle), with usernames and email addresses included. Because an unsalted hash depends on nothing but the password, the whole list can be attacked at once with a ridiculously large precomputed hash dictionary containing multiple languages, password lists recovered by other groups, and generated concatenations of words and numbers.

Using Stephen C. Losen's sgrep utility, it took my 800 MHz ThinkPad and Perl just a few minutes to compare every single hash to three gigabytes of dictionaries, stored on old-skool spinning disk media. More than 50 % of the passwords were found in the dictionary.

Next, I examined some of the remaining hashes using a (relatively small) MD5 rainbow table covering all 1..8-character combinations of lowercase ASCII letters and digits (of which there are roughly 36^8 ≈ 2.8×10^12 in total). This method is much slower than a dictionary lookup, so for demonstration I only took the first 32 hashes. 23 cleartext passwords were recovered, that is 72 %, in the 20 minutes it took me to get an energy drink from the 24/7 corner store. (Enough numbers yet?)

[Image: An SD card labeled with rainbow colors, held between fingers with pink nail polish. On the background, a computer screen with terminal text, showing e.g. the password 'Z10N0101' and the IP address '10.2.2.2'.]

The two most common individual passwords in the MD5 set were, unsurprisingly, "salasana" (Finnish for "password") and "123456". Together they accounted for about 0.6 % of all hashes.

SHA1

The SHA1 section contains both unsalted and salted hashes. Out of the 409 unsalted ones, a dictionary search reversed 239 (58 %) in a couple of seconds. "Salasana" was a favorite again. The rest are salted with a lowercase version of the username; even though the salt is known, a precomputed table is useless here, because a different salt changes every hash, so each dictionary word has to be hashed afresh for every single user. That is painfully slow.

But in case the password is in a dictionary, even a salted hash can be reversed in minutes.
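The difference between the unsalted MD5 list and the salted SHA1 list comes down to how many hashes the attacker has to compute. The following is an added example, not code from the original post: the accounts, their hashes and the wordlist are constructed here (the hashes are computed from known passwords so the script is self-contained), and the salt is assumed to be prepended to the password, since the post only says the salt is the lowercased username and not in which order the two are joined.

```python
import hashlib

# Constructed demo data (not from the leaked file). The hashes are computed
# here from known passwords so the example is self-contained and deterministic.
WORDLIST = ["salasana", "123456", "swordfish", "kissa", "letmein", "Z10N0101"]


def md5_hex(s):
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def sha1_hex(s):
    return hashlib.sha1(s.encode("utf-8")).hexdigest()


def salted_sha1(username, password):
    # ASSUMPTION: the salt (lowercased username) is prepended to the password;
    # the post does not say in which order the two are concatenated.
    return sha1_hex(username.lower() + password)


# username, email, unsalted MD5: the layout of the leaked MD5 section
MD5_ENTRIES = [
    ("matti", "matti@example.invalid", md5_hex("salasana")),
    ("liisa", "liisa@example.invalid", md5_hex("123456")),
    ("pekka", "pekka@example.invalid", md5_hex("correct horse battery staple")),
]

# username, SHA1 salted with the lowercased username
SHA1_ENTRIES = [
    ("Matti", salted_sha1("Matti", "salasana")),
    ("Liisa", salted_sha1("Liisa", "kissa")),
    ("Pekka", salted_sha1("Pekka", "correct horse battery staple")),
]


def crack_unsalted_md5(entries, wordlist):
    """Hash the wordlist once into a lookup table, then resolve every victim
    with a single dict lookup. Returns ({user: password_or_None}, hashes_computed).
    The work grows with the wordlist only, not with the number of victims,
    which is why one precomputed dictionary served all 25,824 hashes at once."""
    table = {md5_hex(w): w for w in wordlist}
    cracked = {user: table.get(h) for user, _email, h in entries}
    return cracked, len(wordlist)


def crack_salted_sha1(entries, wordlist):
    """With a per-user salt no table can be shared between users: every
    candidate word has to be hashed again for every victim. Same return shape
    as above, but hashes_computed grows with victims * wordlist."""
    cracked, computed = {}, 0
    for user, h in entries:
        cracked[user] = None
        for w in wordlist:
            computed += 1
            if salted_sha1(user, w) == h:
                cracked[user] = w
                break
    return cracked, computed


if __name__ == "__main__":
    for name, fn, entries in [("unsalted MD5", crack_unsalted_md5, MD5_ENTRIES),
                              ("salted SHA1", crack_salted_sha1, SHA1_ENTRIES)]:
        result, n = fn(entries, WORDLIST)
        print("%s: %d hashes computed, %s" % (name, n, result))
```

With three victims and six words the salted run already costs almost twice as many hash computations as the unsalted one, and the salted cost keeps multiplying with every additional user while the unsalted cost stays flat; the passphrase that is in no wordlist stays unrecovered in both cases.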

About dictionaries

Note that the dictionaries used by password crackers are not plain language dictionaries in the common sense. They contain millions of words, some of which are real words while others are seemingly random strings. As soon as your password is leaked in cleartext through any site, it becomes a dictionary word, no matter how weak or strong it was.

If you've used the same password on many sites for some years, chances are it has found its way into dictionaries and is now equivalent to using "swordfish" as a password.

All right, time to change my passwords now.

The flyback sonar

[Image: Close-up photo of a PCB with various components, including three potentiometers and a black bulky device labeled 'MONITRONICS INC TAIWAN'.]

One of the sounds of my childhood was the 15.6 kHz noise of the vibrating television flyback transformer, caused by a phenomenon known as magnetostriction. It has since disappeared – not because I grew old enough not to hear it (phew, not yet), but because cathode ray tubes have been replaced by modern display technologies that don't use magnetic deflection coils.

The piercing, ubiquitous sound would easily reveal if someone had a TV on in the house. It would also change a little when channels were changed. But due to its short wavelength, it would also reveal when someone was moving around in the room the TV was in. This was apparent as a modulation that could even be heard through a closed door and on another floor. Listening to it was much like using a passive sonar.

Now, inspired by some people at the University of Washington and Microsoft Research, I decided to investigate what the modulation was actually about.

Faking it a little

To get a stable tone at the flyback transformer, the TV apparently has to be tuned to a channel. This poses a problem: all analogue TV broadcasts in this country were discontinued in 2007. I can use my RF modulator to generate a TV channel, which stabilizes the sound. But it's still quite weak for scientific purposes, coming from such a tiny portable TV.

So I ended up sampling the sound and then using a digitally generated version, after confirming that it is indeed a pure sinusoid. I'll play the sound through the speakers and use the laptop's microphone to record the soundscape in the room. Of course, this is different from the setup where the moving person is between the sound source and the listener; but nevertheless, it should give us some insight.

It's a Doppler shift!

Blocking the sound source obviously modulates the signal amplitude to some extent. But it turns out that even a slight movement anywhere in the room causes noticeable frequency modulation in the echoed tone. This is a Doppler shift: the sign of the shift correlates with the direction of the movement with respect to the laptop.

In this video, the zero shift frequency has been filtered out of the spectrogram.
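What the spectrogram shows can be reproduced without a TV. Below is an added example, not code from the original post, that synthesises a 15.6 kHz tone plus a weaker echo from a body moving at a chosen speed and then recovers the Doppler shift by scanning the spectrum around the carrier with the carrier itself notched out, the same filtering as in the video. The exact tone frequency (15625 Hz, the PAL line rate, is assumed for "15.6 kHz"), the sample rate, the echo level and the speed of sound are assumed values.

```python
import math

# Assumed parameters: the post says only "15.6 kHz"; PAL's line frequency of
# 15625 Hz is used. Sample rate, echo level and speed of sound are constructed
# for the demonstration.
C_SOUND = 343.0      # m/s, speed of sound in air at room temperature
F_TONE = 15625.0     # Hz, the flyback whine
FS = 48000           # Hz, microphone sample rate
N = 4096             # samples per analysis window (bin width about 11.7 Hz)


def doppler_shift(f_tone, velocity, c=C_SOUND):
    """Frequency shift of a tone reflected by a body moving at `velocity` m/s
    (positive = towards the speaker/microphone). The reflector receives the
    tone shifted once and re-radiates it shifted again, so
    f' = f * (c + v) / (c - v); the shift f' - f is roughly 2*v*f/c."""
    return f_tone * (c + velocity) / (c - velocity) - f_tone


def synthesize(velocity, n=N, fs=FS, f_tone=F_TONE, echo_gain=0.3):
    """Constructed microphone signal: the direct-path tone plus a weaker echo
    from a single moving reflector."""
    f_echo = f_tone + doppler_shift(f_tone, velocity)
    return [math.sin(2 * math.pi * f_tone * t / fs)
            + echo_gain * math.sin(2 * math.pi * f_echo * t / fs + 1.0)
            for t in range(n)]


def power_at(samples, f, fs=FS):
    """|DFT|^2 of `samples` at an arbitrary frequency f, not only at a bin
    centre. The samples are expected to be windowed already."""
    re = im = 0.0
    for t, x in enumerate(samples):
        ang = 2 * math.pi * f * t / fs
        re += x * math.cos(ang)
        im -= x * math.sin(ang)
    return re * re + im * im


def estimate_shift(samples, f_tone=F_TONE, fs=FS,
                   max_shift=400.0, step=5.0, notch=40.0):
    """Scan the spectrum around f_tone for the strongest component while
    ignoring +-notch Hz around the carrier, i.e. with the zero-shift frequency
    filtered out as in the spectrogram. Returns the offset in Hz; its sign
    tells whether the reflector moves towards or away from the laptop."""
    n = len(samples)
    windowed = [x * (0.5 - 0.5 * math.cos(2 * math.pi * t / n))  # Hann window
                for t, x in enumerate(samples)]
    best_offset, best_power = 0.0, -1.0
    steps = int(round(2 * max_shift / step))
    for i in range(steps + 1):
        offset = -max_shift + i * step
        if abs(offset) <= notch:
            continue
        p = power_at(windowed, f_tone + offset, fs)
        if p > best_power:
            best_offset, best_power = offset, p
    return best_offset


if __name__ == "__main__":
    for v in (1.0, -1.0):
        est = estimate_shift(synthesize(v))
        print("mover at %+.1f m/s: true shift %+.1f Hz, estimated %+.1f Hz"
              % (v, doppler_shift(F_TONE, v), est))
```

A person walking at 1 m/s moves the echo by about 91 Hz at this tone frequency, which is several bins wide at this window length, so the direction of movement is unambiguous even with a coarse 5 Hz scan; the notch is what keeps the far stronger carrier from always winning the search.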

Another childhood mystery settled.

Reader challenge: Obfuscated messages

I'm under the impression that some people are actually reading this blog. So, for the amusement of my readers, here are some little puzzles to be solved.

Send your solutions to windyoona at gmail dot com and I'll post your name or handle under the puzzle(s) you solved!

The challenge is over now. For more problems like this, take a look at Oona's puzzle corner in PoC||GTFO 0x09.

I. Almost trivial

"Wjd bwpq qbkr pgwcj qby Ewiiyouknf?
Nkhy qk hx wohp, hx iywhcpb ikx!
K towiekrp dwx! Nwggkkb! Nwggwx!"
By nbkoqgyd cj bcp ekx.

'Quwp iocggca, wjd qby pgcqbx qksyp
Dcd axoy wjd achigy cj qby uwiy;
Wgg hchpx uyoy qby ikokaksyp,
Wjd qby hkhy owqbp krqaowiy.
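Puzzle I looks like a monoalphabetic substitution, and the quickest way into one is a crib: guess a few words of plaintext, line them up with the ciphertext and read the key off. The code below is an added example of that technique, not part of the post or of its solution post. The crib it uses, that the first stanza is Lewis Carroll's "Jabberwocky", is my own guess; the solver does not confirm a guess beyond refusing any crib that contradicts the key built so far, and it marks letters the cribs have not reached yet so the next crib is easy to pick.

```python
# Puzzle I as printed above (the ciphertext is the post's; the crib and the
# solver are an added example).
CIPHERTEXT = [
    '"Wjd bwpq qbkr pgwcj qby Ewiiyouknf?',
    'Nkhy qk hx wohp, hx iywhcpb ikx!',
    'K towiekrp dwx! Nwggkkb! Nwggwx!"',
    'By nbkoqgyd cj bcp ekx.',
    "'Quwp iocggca, wjd qby pgcqbx qksyp",
    'Dcd axoy wjd achigy cj qby uwiy;',
    'Wgg hchpx uyoy qby ikokaksyp,',
    'Wjd qby hkhy owqbp krqaowiy.',
]


def extend_key(key, cipher_line, plain_line):
    """Align a ciphertext line with a guessed plaintext line letter by letter
    and record the cipher->plain pairs in `key` (a dict, updated in place).
    A wrong guess shows up as a contradiction: a cipher letter that would need
    two plaintext letters, two cipher letters claiming the same plaintext
    letter, or a letter lined up with punctuation. ValueError is raised then."""
    if len(cipher_line) != len(plain_line):
        raise ValueError("crib length mismatch")
    inverse = {p: c for c, p in key.items()}
    for c, p in zip(cipher_line.lower(), plain_line.lower()):
        if c.isalpha() != p.isalpha():
            raise ValueError("letter aligned with non-letter: %r/%r" % (c, p))
        if not c.isalpha():
            continue
        if key.get(c, p) != p or inverse.get(p, c) != c:
            raise ValueError("crib conflict at %r -> %r" % (c, p))
        key[c] = p
        inverse[p] = c
    return key


def decrypt(key, line, unknown="?"):
    """Apply a (possibly partial) key, preserving case and punctuation.
    Letters not yet in the key become `unknown`."""
    out = []
    for ch in line:
        if not ch.isalpha():
            out.append(ch)
            continue
        p = key.get(ch.lower(), unknown)
        out.append(p.upper() if ch.isupper() and p != unknown else p)
    return "".join(out)


if __name__ == "__main__":
    # ASSUMED crib: the first two lines read like "Jabberwocky".
    key = extend_key({}, CIPHERTEXT[0], '"And hast thou slain the Jabberwock?')
    extend_key(key, CIPHERTEXT[1], 'Come to my arms, my beamish boy!')
    for line in CIPHERTEXT:
        print(decrypt(key, line))
```

Two lines of crib already fix 19 of the 26 cipher letters; the '?' marks that remain in the second stanza show exactly which letters a further crib has to supply, and a crib that is wrong fails loudly instead of silently corrupting the key.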

II. Shouldn't be very hard either

III. Might take some effort

[Image: A seemingly random pattern of black and white pixels, around a hundred thousand pixels in total, with a horizontal cut in the middle.]

IV. NSA-grade

UGYPY PCTLX ISRLF OCWZG LDAXN DMAPS LFHYR ZQFWD UGWBO ZPQUG YPYPS FRGYE PDXLD YGSYQ
DBXPQ PDPTW IGSGB PCTCD TWRFD LYCPS DFEOR ZOZPQ PGDAQ CTAGS YQDBX BSQPW SPZOB WNEWD
UGWBO GDHFZ WTUHV UBPEW WQNYF BLBAG OFESD BDYSA WSXPR ZRZWT SIFRN DELDL YRBWI RPWSP
ZOLXW PZPMD OZPQN HWQYG EWFLP WRFRD RLFNW VPBFO GWPQW UYPFI UGFEG BPDZW SAUGG WOTTR
YLSOZ RWTUB WKRLU GPSOU GBUWF GLBXL OZTWO ULBWC PYGRT RLCWE UGYHN DPVDP NDHMD ZDFZS
FMPDC DYRLB GBNLN DERDF ZUCDE LLEGP OQWUE GWUWZ POCXC DSASF AQVIX OISAR RHADG PEGFO
EOLXF ATHLD FRESS GUGXA DPWCU WXCGE DYOZP QDACF MHWBY QINRD GEGDF WOSFL FLCFP LLXIN
UGLOG WWUXI XBOZP QURPW SPWAF OCWLD XOGTX ENDEO DMRTQ GNDHM WUZUR LGFYQ WTUPA DFOGB
XEMDM GPSAX GBYCN UFALD AXASX PNDBK FRHIV AEODX DBILY HRFME INUGL OFBXW WHDNZ WZFWT
UPYPL BEWAG RFTEA VMDUG FRGBR BSACW ALTLC WILFB GDFWO QLXBK LEWUE GWUZU XMARW QDCPY
ELOZP QPBZS PTOZB ELBAG QZLXF ZUWEZ ABDYH YHDWG SDOZP QUGCD FBAZD CRZOP BMYPG WZUDP
ADFOE GGSOZ NDEQL EBHRL OZPQB HLRDB XCFOR BKQSA IXOZA WPTRE GBXCE BZPLE PBLZG SXLOB
NDUGC WBCXH DRAXA TVIYR WTSIA XZUPB ORTBN DXWEW DYFMD BERWU ZURLG FDIGP NIFOZ RPSDX
WZPOL DCDTA HDHSL ECBER IMEWC FDLDN IKYPZ OYHAR DCSAU GFLPO VALRF COEXA YLFLC FSOSA
UGFCL RHWCW QPHDE FOZPQ FOEWA XFFAV NUBLY PEMBW PLEWC FDLDC ZUOEP SYNWC SDCWI LBLEW
BEPBC XLEXO BIHSM PFIHI DQCTL RDRND MOSGA RAZLB GSOZC BEZEM NDKAF OFRSA UGLEF WOZPQ
LBQPN DXAWR TPUZW TLFUG LRWUZ URLGP ZPBDI KBCWU LEFIP BGFDY PBZML RDRTA CFMHW BYQCW
YNQSP OHYRF WXTOT GDYRF DLPBG FWGDC EOMDW EXAOZ PQUGC DLBOE YPLEP BPMGW INUGB AGEPT
PDPMW TFNWV PBETC WYILE SPXCG AFWOZ PQLBO FELEO HDUZX GFLCW OFNYF NWVPB OBOZP QNYWQ
NYFBW SVHDC IGYHO ZPQWS VXFCL DCDCD XAOXB WDNWK BELRF CPDZW VITBA GXLPY XLRHD BYRWT
OBDYA SOXLB XLOZS AUGAD FWGPL FDPFE WULEW TUGFL UGBLT CPDPT RFURG RWUOF DYXOB IHSMP
SALBQ EXHBR PWSPZ OWTOU

Update: Explanations are in another post, so this is kind of closed.

Scoreboard

I  II  III  IV
Alpak HD
Ben
Claude Vaillancourt
Denis Liliom
Hans Van Ingelgom
inquisitas
JasonD
Karim
Ken Arthur
Liwei
Miguel Lechón
Nicolas Vanderavero
Ole Andre Noss
Shaun Hey
Stefano
Steve Pordon
Tim James
Zac Watts