CS166 / CS 162

Computer Systems Security

Demos

Demo

Date

Password Cracking1/14/2016

This is a demo of password cracking using pre-computed rainbow tables on Windows XP.

Setup

In order to set up the demo, perform the following steps on a Windows XP machine or VM.

Set up the keylogger

  1. Install Family Keylogger
  2. Go to Start -> All Programs -> Family-Keylogger 5 -> Family-Keylogger
  3. A keyboard icon should appear in on the right-hand side of the bottom bar.

Set up user accounts

  1. Go to Start -> Control Panel -> User Accounts
  2. Create any number of accounts with passwords. The type of the accounts doesn’t matter.

Password Recovery

Cracking with Ophcrack

  1. Install Ophcrack
  2. Open Ophcrack from the desktop
  3. Go to Load -> Local SAM with pwdump 6 (this loads all of the local users’ password hashes)
  4. Click “crack”

Reading the keylogger file

  1. If the keyboard icon isn’t present on the right-hand side of the bottom bar, press CTRL + SHIFT + ALT + F to make it appear
  2. Right click the icon and select “view log”
Biased Stream Cipher2/3/2016

This demo is a small program which will encrypt an image by generating a stream of pseudorandom pixels, and adding it to the image to obtain a ciphertext. You can set the bias of the pseudorandom number generator (PRNG) used to produce this stream using the slider bar. Download the script: stream.py

You can invoke the script like this: ./stream.py [--pre-cache] <jpeg>

Note that this program only works for JPEGs, and the encryption is very slow. Use it only on small images. The –pre-cache flag tells the program to first compute all of the encrypted images it will display before showing the UI so that the UI is more responsive once it loads.

NOTE: You will need to install scipy, numpy, and PIL. If you have the pip installer for Python, you can install these as follows (note that you may need to install these as root (i.e., using sudo)):

pip install scipy pip install numpy pip install PIL

Dropbox Server2/19/2016

This demo is a simple dropbox service which is very vulnerable. There’s a live version of the server running at dropbox.foouniversity.com:1234.

The source of the demo consists of two files, main.go and user.go.