Shmoocon Stratfor Password Analysis

Chris Truncer presenting at Shmoocon with an interesting analysis of the Stratfor password dump. When Strategic Forecasting Inc (Stratfor) was hacked, the hacktivist group Anonymous released hundreds of thousands of users' accounts, including user names, credit card numbers and hashed versions of the users' passwords.

At the recent Shmoocon security conference (video above), Chris Truncer presented a short analysis of this password dump. Using oclhashcat-plus, Chris was able to crack about 70% of the password hashes that were publicly released. He then analyzed the cracked passwords with the password analysis program Pipal, which reads a password list and returns several statistics, like the most used passwords and character use percentages.

Though the top ten passwords used didn't seem to match the top passwords from last year, it is interesting to note that when users received a password from Stratfor, apparently many never changed it, or worse, many changed it to something less secure.

Intro to Bro Network Security Monitor

Great impromptu intro video to the Bro Security Network Analysis Framework at Shmoocon by one of my favorite security authors/speakers, Richard Bejtlich.

Bro is an amazing tool that gives you a great summary of what is going on in your network. It creates text log files of connections, protocols, communications, and whatever else it sees on the wire. Check it out, this is good stuff. And I know I have been on a Security Onion kick again, but guess what? It comes installed by default in the open-source Security Onion IDS.

Just browse to your nsm/bro/ directory and check out all the log information created for you.

Security Conference “ShmooCon 2011” January 28-30th

Check out the annual hacker convention ShmooCon 2011, this January 28th through 30th.

ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Break It and Bring It On.

Scheduled events include:

  • Barcodes Shmarcodes
  • Ghost in the Shellcode
  • Lockpick Village
  • ShmooCon Labs
  • Firetalks

Adrian Crenshaw (aka Irongeek) mentioned in a tweet today that he might have the ShmooCon Firetalks available live on his site.

FireTalks are 15-minute presentations meant to be an alternative to longer traditional session formats. Similar to 5-minute lightning talks, the purpose is to skip the background material and make a point by explaining it as quickly as possible. The FireTalks will take place Friday and Saturday nights starting at 8:00 PM. Come enjoy both up-and-coming infosec leaders and seasoned speakers challenging the 15-minute format in a relaxed alternative conference environment.

And just in case you weren't able to get a ticket (come on, they were available for 5 minutes!), the track streams will be available on Ustream.

Check it out!