Re: Mainframe: RACF database file?

[Champ Clark III <cclark () quadrantsec com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wow.. That's pretty awesome IMHO.  Years ago,  I worked with Jean-Loup
Gailly on getting JtR supported for OpenVMS SYSUAF.DAT password
cracking.  To be honest,  he did the hard work,  I supplied some
assistance with OpenVMS (via the public access OpenVMS Deathrow
cluster - http://deathow.vistech.net - shameless plug :)

I think it's very cool to see RACF databases supported in JtR.  It's
always interesting to "interesting" platforms get supported in JtR :)


Nice job!



On 3/16/12 11:52 AM, Main Framed wrote:
> No much interest in this but I wanted to make sure I completed what
> I started. Anyway I'm happy to announce that thanks to work done by
> folks over on the John the Ripper mailing list, RACF databases are
> now supported. A new plugin was added to JtR to support RACF DES
> hashes and a new tool (racf2john) was developed to pull the
> usernames and hashes out of a copy of the RACF database.
>
> For anyone curious the algorithm was obfuscating the key before
> putting it through DES. Basically each byte was XOR'd with 0x55 and
> bit shifted to the left by one bit (thanks goes to Nigel Pentland
> for figuring it out).
>
> On Sat, Mar 3, 2012 at 7:43 PM, Main Framed
> <mainframed767 () gmail com <mailto:mainframed767 () gmail com>> wrote:
>
> Good news everyone!
>
> Turns out it was because I had downloaded the file from FTP which 
> did the conversion from EBCDIC to ASCII. Instead I should've typed 
> 'binary' before downloading the file. Neophyte mistake. Because of 
> that I was able to find the example "hash" I included and from
> there find all the hashes. Next my other problem. I created an
> example account:
>
> UserID: TTTTTTTT Password: TESTTEST
>
> This creates a des hash (in hex) of:  42 4B 25 8A F8 B9 06 1B
>
> Unfortunately when I try to recreate the password using python (in 
> the interpreter) DES I get a different hex value:
>
> > > > from Crypto.Cipher import DES s = "TTTTTTTT" p = "TESTTEST" 
> > > > es = s.decode('ascii').encode('EBCDIC-CP-BE') ep =
> > > > p.decode('ascii').encode('EBCDIC-CP-BE') des =
> > > > DES.new(ep,DES.MODE_CBC) cipher = des.encrypt(es) cipher
> '\\t\x9bM\x05\x8dL\x8d'
>
> Which doesn't look to me to be the same hex values like I expected
> it to. What am I doing wrong?
>
>
>
>
>
>
> Date: Tue, 28 Feb 2012 08:21:59 -0800 From: Main Framed
> <mainframed767 () gmail com <mailto:mainframed767 () gmail com>> Subject:
> [Pauldotcom] Mainframe: RACF database file? To:
> pauldotcom () mail pauldotcom com 
> <mailto:pauldotcom () mail pauldotcom com>
>
>
>
> I've spent the last couple of days puling my hair out trying to do
> some testing against a test z/OS system I've got access to. Since
> this system is mine (it's a lab system) and I have access to it I'm
> trying to build some better tools to test mainframes.
>
> I've got two goals: 1) Extract the user IDs and password hashes
> from a copy of the database file. I'd prefer to do that using a
> copy of the file locally on my Linux machine. 2) Identify the
> hashing algorithm (it's apparently a one way DES hash)
>
> I've been mucking around for #1 but finding *any* information
> about this is extremely frustrating. Even finding out what kind of
> file structure it is is an act in frustration (I wasn't able to
> find out what kind of file it was all I know is it's not VSAM).
>
> I know tools already exist:
>
> I've tried CRACF http://www.nigelpentland.co.uk/racf/cracf.htm 
> <http://www.nigelpentland.co.uk/racf/cracf.htm>, (and his other
> tools) and they don't work in Windows XP. Running it in a DOS image
> I have it loads but doesn't detect any of the simple passwords
> I've set (one user is A with a password of A). He's also the
> creator of a tool called WEAKPASS or something like it which also
> didn't work. I assume thats because my version is newer than when
> these tools were written.
>
> There's also PWCHECK (
> http://www.goldisconsulting.com/OnePageG2.htm ) which is a program
> that runs on the mainframe. It doesn't extract the hashes (well,
> the debug mode might) but it basically runs on the mainframe. You
> need to install it to very privileged (APF datasets) areas. I 
> *could* try and use this to extract the hashes and user IDs but
> it's not free.
>
> There is a way called EXTRACT in RACROUTE 
> http://publib.boulder.ibm.com/infocenter/zos/v1r12/index.jsp?topic=%2Fcom.ibm.zos.r12.ichc600%2Fichzc6b039.htm.
It would require me writting some assembly, getting system
> privileges on a mainframe and running the macro,  but finding any
> information about it is difficult to understand for a mainframe
> neophyte such as myself.
>
> For #2 I think it's a one way DES hashing algorithm which takes the
> user ID, padded to 8 characters and uses the password as the salt,
> padded to 8 characters. From 
> http://2000clicks.com/links/Computers/IBMMainframeHistory/cracker.htm
> I was able to see what, potentially the hash would look like:
>
> Userd ID: IBMUSER Password: SYS1 Hashed Password: C585D307BD44E61F
>
> But this could be from an older version of RACF, it's unclear. IBM
> is pretty tight lipped about this. I know where, in the database,
> the password is stored: from 
> http://publib.boulder.ibm.com/infocenter/zos/v1r12/index.jsp?topic=%2Fcom.ibm.zos.r12.ichc600%2Frteut.htm
I
> know that in the user table(?) the password is the 12th field but
> other than that I am lost.
>
> I feel like I have all the pieces I need to be able to break this
> file apart but I need some guidance to look in the right places.
> Strings shows me the user IDs (plus lots of other stuff) but the
> hashes aren't stored in plaintext in the database. Same with a HEX
> editor.
>
> I'm wondering if anyone on the list has any experience with the 
> mainframe and working with this file specifically. Or even on where
> to start looking would be a nice start.
>
> I've also joined the RACF-L mailing list but there aren't very
> forthcoming with information about breaking apart their flagship 
> security database.
>
>
>
>
> _______________________________________________ Pauldotcom mailing
> list Pauldotcom () mail pauldotcom com 
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main
> Web Site: http://pauldotcom.com


- -- 
- - Champ Clark III (cclark () quadrantsec com)
  Quadrant Information Security (http://quadrantsec.com)
  Key Fingerprint: 2E56 C2EB 1B25 C517 D5BA 2DCF 5E70 B2F8 0381 878A
  GPG Key ID: 0381878A
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJPY3/UAAoJENnmXt7Lmc3KerAIAILQOvd9RhQ6tTXF4Oz8qjkq
8RgGp+YGsizQQh/hzYBY4e+kYirJl3dlK78ztsX4+Bj7buWUqCgHGTL2s8aTCw8X
co2pB20UbseiqbVomztd6hqle7DJKsNt6WcepQEVrBWPbngoEWAlic1QOYoZILI+
7JXx7ivL+Rwgg3ov0Z6EsXonMp47DgBPJCVb9UvqTelstgXzYlpAy0hyx7Ivh1pJ
kQex32qEFXf/dFOA0J1s4M8naugi9GsF79xt2YLXFXIPYXXRL/CPgUuUO82ZHIvh
gpshzp5WS3/SfN1wE/y/M7U/eNoeQj/a0uvh87bK4pun6rNHwkOXojJSZK3G1z4=
=m7ng
-----END PGP SIGNATURE-----
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com