[ale] unusual request: password hacking

Vernard Martin vernard at venger.net
Tue May 15 09:20:18 EDT 2007 

I need to do some security tests on my cluster network. Traditionally, I 
have used "crack" in the past and had great success with it. However, we 
have moved away from NIS+ to LDAP and I no longer easily have access to 
an /etc/passwd. In the interest of saving myself some time, I was 
wondering if the ALE groups at large could help.

And before it is asked, no, hiring a Security expert to help with this 
is NOT an option at this phase. No matter how reasonable or cost 
effective that might be.

My current plan is to use ldapsearch to generate a list of accounts for 
me. Then use the program "thc-hydra" to do the actual "attacking". 
Before it is asked, the attacks are against my own workstation that is 
using LDAP and I have authorization to perform the tests. :-)

So I figured first, I'd get "thc-hydra" up and running.  I had to 
download and install libssh-0.11 (not 0.2 though) and of course, 
thc-hydra. They both compile and install.  That is when the fun started.

Problems I have run into:
1) Generating a list of accounts. I think that ldapsearch can do this 
but I've never used it before.
2) Getting thc-hydra to copmile with libssh 0.11. Apparently libssh only 
generates libssh.0 and hydra can't seem to find it when it is compiled. 
a "ldd hydra" returns
 libssl.so.4 => /lib/libssl.so.4 (0x00d55000)
        libssh.so => not found
        libcrypto.so.4 => /lib/libcrypto.so.4 (0x003b7000)
        libc.so.6 => /lib/tls/libc.so.6 (0x00601000)
        /lib/ld-linux.so.2 (0x005e3000)
        libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00d19000)
        libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00cac000)
        libcom_err.so.2 => /lib/libcom_err.so.2 (0x00c84000)
        libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00c89000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x0097f000)
        libdl.so.2 => /lib/libdl.so.2 (0x00754000)
        libz.so.1 => /usr/lib/libz.so.1 (0x0075a000)
So I'm pretty sure that its some strangeness with the linker.

hydra compiles and links but won't execute anything involving SSH. As 
the above text shows. It can't seem to find the SSH library. Grrr.

Any help you can give would greatly appreciated. I suspect I can figure 
this out myself given enough time but that is just something I don't 
have a lot of right now :-)

Vernard

More information about the Ale mailing list