Thanks for getting the momentum going on this and following up.

-John

On Fri, Mar 16, 2012 at 11:52 AM, Main Framed <[email protected]> wrote:

> Not much interest in this but I wanted to make sure I completed what I
> started. Anyway, I'm happy to announce that thanks to work done by folks
> over on the John the Ripper mailing list, RACF databases are now supported.
> A new plugin was added to JtR to support RACF DES hashes and a new tool
> (racf2john) was developed to pull the usernames and hashes out of a copy of
> the RACF database.
>
> For anyone curious the algorithm was obfuscating the key before putting it
> through DES. Basically each byte was XOR'd with 0x55 and bit shifted to the
> left by one bit (thanks goes to Nigel Pentland for figuring it out).
>
>
> On Sat, Mar 3, 2012 at 7:43 PM, Main Framed <[email protected]> wrote:
>
>> Good news everyone!
>>
>> Turns out it was because I had downloaded the file from FTP which did the
>> conversion from EBCDIC to ASCII. Instead I should've typed 'binary' before
>> downloading the file. Neophyte mistake. Because of that I was able to find
>> the example "hash" I included and from there find all the hashes. Next my
>> other problem. I created an example account:
>>
>> UserID: TTTTTTTT
>> Password: TESTTEST
>>
>> This creates a des hash (in hex) of: 42 4B 25 8A F8 B9 06 1B
>>
>> Unfortunately when I try to recreate the password using python (in the
>> interpreter) DES I get a different hex value:
>>
>> >>> from Crypto.Cipher import DES
>> >>> s = "TTTTTTTT"
>> >>> p = "TESTTEST"
>> >>> es = s.decode('ascii').encode('EBCDIC-CP-BE')
>> >>> ep = p.decode('ascii').encode('EBCDIC-CP-BE')
>> >>> des = DES.new(ep,DES.MODE_CBC)
>> >>> cipher = des.encrypt(es)
>> >>> cipher
>> '\\t\x9bM\x05\x8dL\x8d'
>>
>> Which doesn't look to me like the same hex values I expected.
>> What am I doing wrong?
>>
>> Date: Tue, 28 Feb 2012 08:21:59 -0800
>> From: Main Framed <[email protected]>
>> Subject: [Pauldotcom] Mainframe: RACF database file?
>> To: [email protected]
>>
>> I've spent the last couple of days pulling my hair out trying to do some
>> testing against a test z/OS system I've got access to. Since this system is
>> mine (it's a lab system) and I have access to it, I'm trying to build some
>> better tools to test mainframes.
>>
>> I've got two goals:
>> 1) Extract the user IDs and password hashes from a copy of the database
>> file. I'd prefer to do that using a copy of the file locally on my Linux
>> machine.
>> 2) Identify the hashing algorithm (it's apparently a one way DES hash)
>>
>> I've been mucking around for #1 but finding *any* information about this is
>> extremely frustrating. Even finding out what kind of file structure it is
>> is an act in frustration (I wasn't able to find out what kind of file it
>> was; all I know is it's not VSAM).
>>
>> I know tools already exist:
>>
>> I've tried CRACF http://www.nigelpentland.co.uk/racf/cracf.htm (and his
>> other tools) and they don't work in Windows XP. Running it in a DOS image I
>> have, it loads but doesn't detect any of the simple passwords I've set (one
>> user is A with a password of A). He's also the creator of a tool called
>> WEAKPASS or something like it, which also didn't work. I assume that's
>> because my version is newer than when these tools were written.
>>
>> There's also PWCHECK ( http://www.goldisconsulting.com/OnePageG2.htm )
>> which is a program that runs on the mainframe. It doesn't extract the
>> hashes (well, the debug mode might) but it basically runs on the mainframe.
>> You need to install it to very privileged (APF datasets) areas. I *could*
>> try and use this to extract the hashes and user IDs but it's not free.
>>
>> There is a way called EXTRACT in RACROUTE:
>>
>> http://publib.boulder.ibm.com/infocenter/zos/v1r12/index.jsp?topic=%2Fcom.ibm.zos.r12.ichc600%2Fichzc6b039.htm
>>
>> It would require me writing some assembly, getting system privileges on a
>> mainframe and running the macro, but finding any information about it is
>> difficult to understand for a mainframe neophyte such as myself.
>>
>> For #2 I think it's a one way DES hashing algorithm which takes the user
>> ID, padded to 8 characters, and uses the password as the salt, padded to
>> 8 characters. From
>> http://2000clicks.com/links/Computers/IBMMainframeHistory/cracker.htm I was
>> able to see what, potentially, the hash would look like:
>>
>> User ID: IBMUSER
>> Password: SYS1
>> Hashed Password: C585D307BD44E61F
>>
>> But this could be from an older version of RACF, it's unclear. IBM is
>> pretty tight lipped about this. I know where, in the database, the password
>> is stored: from
>>
>> http://publib.boulder.ibm.com/infocenter/zos/v1r12/index.jsp?topic=%2Fcom.ibm.zos.r12.ichc600%2Frteut.htm
>>
>> I know that in the user table(?) the password is the 12th field but other
>> than that I am lost.
>>
>> I feel like I have all the pieces I need to be able to break this file
>> apart but I need some guidance to look in the right places. Strings shows
>> me the user IDs (plus lots of other stuff) but the hashes aren't stored in
>> plaintext in the database. Same with a HEX editor.
>>
>> I'm wondering if anyone on the list has any experience with the mainframe
>> and working with this file specifically. Or even on where to start looking
>> would be a nice start.
>>
>> I've also joined the RACF-L mailing list but they aren't
>> very forthcoming with information about breaking apart their flagship
>> security database.
>>
>
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
