Blackhash - Audit Passwords Without Hashes

Blackhash is a tool for restricted auditing of passwords, i.e. check for weak password digests in the system file without having access to the full digests. It works by building a Bloom filter from the system password digests.

Common Blackhash Usage:

The system manager extracts the password digests and then uses Blackhash to build the filter. The filter is saved to a file, then compressed and given to the audit team. The audit team maintains a set of dictionaries of weak passwords against which the password digests are to be tested.

Upon reception of the filter, the auditor simply checks for each entry of the dictionary, whether or not it is present in the filter. If weak passwords are found to be present in the filter, the security team creates a weak filter of these passwords and sends it back to the system manager.

Finally, the system manager tests the weak filter against the system digests to identify individual users with weak passwords.

What hash formats will Blackhash load? How do I extract password hashes?

The loader assumes it is reading a plain text file with each entry on a line by itself and will load hashes in these formats:

Hash
 User:Hash
 User:ID:LMHash:NTHash:Comment:Homedir: (This is the pwdump format as defined by Samba)

Blackhash does not extract password hashes. It just creates and tests filters. To extract password hashes, use any of the common, traditional password hash extraction tools that are freely available on the Internet. Of course, the tool you use will depend on the password store (Local SAM, Active Directory DB, etc.) that you are extracting. Some example hash extraction programs are pwdump, fgdump, NTDSXtract, etc.

What type of password hashes can be cracked with Blackhash?

Any simple, un-salted single-round password hash. Some common examples are LM, NT, MD5 and SHA1 hashes. Basically, Blackhash can crack any type of password hash that a Rainbow Table can. However, Blackhash provides more benefits to hashes that are subject to Pass the Hash attacks. Basically, those hashes are password equivalent and should be treated as if they were plain text passwords.

Blackhash would work with salted, multiple round hashes, but I have never used it on those. No modification needs to be made to the code to do that. The system manager would simply need to provide the salts and the number of rounds so that the security auditor could create weak test hashes using that information. The creation and testing of filters would not change.

What are the values used in the Bloom Filter? How many false positives?

The rate of false positives P should be roughly 0.0008 in the worst case.

The number of bits M = 67,108,864

The number of hashes N = 1,000,000 (it is typically much lower than this)

The number of hash functions K = 2 (The hash functions are MD4 and MD5)

Why not just dump the password hashes and send them to the security auditor?

That is the traditional method, however, some organizations have policies that prohibit that. They are not at liberty to send password hashes to third parties, even for the purpose of security audits. Or, they have internal security teams that are separate from production support teams and should not have access to production password hashes. Also, there's a great deal of risk associated with sending password hashes to others especially for hashes that are password equivalent (Pass the Hash attacks). In cases such as this, Blackhash may be useful.

Why the name "Blackhash"?

The name is taken from Black Box Testing. "A method of software testing that examines the functionality of an application without peering into its internal structures or workings." With Blackhash, a security auditor could test your Microsoft Active Directory hashes without having access to the hashes.

How can I tell what version of Blackhash I'm running?

Execute it without any arguments and it will display the version number.

What programming language is Blackhash written in? Will it run on my computer? May I download the source code?

Blackhash is written in C++. It uses the Boost and Crypto++ libraries. It can be built on most any modern desktop or server operating system (Windows, Mac, Linux, BSD systems, etc). Version 0.2 and later require a C++11 compiler and thus do not need boost. Blackhash is distributed under the GPL license and full source code is available.

Pros:

Password hashes never leave the system team.
Works with any simple, un-salted hash. LM, NT, MD5, SHA1, etc.
Security auditors do not have to transmit, handle or safeguard the password hashes.
Anonymizes the users. The filter contains no data about the users at all.