-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathThesis.tex
168 lines (135 loc) · 4.35 KB
/
Thesis.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
%\input{config.tex}
\documentclass[11pt, a4paper]{article}
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage{lmodern}
\usepackage[singlespacing]{setspace}
\usepackage{parskip}
\usepackage{graphicx}
\usepackage[activate={true,nocompatibility},final,tracking=true,kerning=true,spacing=true,factor=1100,stretch=10,shrink=10]{microtype}
\widowpenalty = 10000
\clubpenalty = 10000
\interfootnotelinepenalty = 10000
\pagenumbering{Roman}
\title{Password Attacks}
\author{Paul-Louis Pröve}
\begin{document}
\begin{titlepage}
\centering
\includegraphics[width=0.4\textwidth]{fhw.png}\par
\vspace{1cm}
{\scshape\Large Seminar IT-Security\par}
\vspace{2cm}
{\bfseries\Huge Password Attacks\par}
\vspace{2cm}
{\itshape\Large Paul-Louis Pröve\par}
\vfill
supervised by\par
Prof. Dr. Gerd Beuster\par
\vspace{1cm}
Hamburg,\par \today\par
\end{titlepage}
\tableofcontents
\newpage
%\listoffigures
%\newpage
\pagenumbering{arabic}
\input{intro.tex}
\input{types.tex}
\input{entropy.tex}
\input{bruteforce.tex}
\input{patterns.tex}
\input{lists.tex}
\input{personal.tex}
\input{summary.tex}
\begin{thebibliography}{99}
\bibitem{pentesting}
Georgia Weidman.
\textit{Penetration Testing: A Hands-On Introduction to Hacking}.
No Starch Press, 1st Edition, 2014
\bibitem{hydra}
THC Hydra - Tool for Online Password Attacks
\\\texttt{https://github.com/vanhauser-thc/thc-hydra}.
Accessed 20 Feb. 2017.
\bibitem{sshmanpages}
Manpagez - SSH daemon configuration file
\\\texttt{http://www.manpagez.com/man/5/sshd\_config/}.
Accessed 20 Feb. 2017.
\bibitem{hashes}
M. Naor.
\textit{Universal one-way hash functions and their cryptographic applications}.
ACM New York, NY, USA, 1989
\bibitem{gpu}
Martijn Sprengers.
\textit{Speeding up GPU-based password cracking}.
\\\texttt{http://2012.sharcs.org/slides/sprengers.pdf}.
Accessed 20 Feb. 2017.
\bibitem{anders}
Jeremiah Blocki, Anirudh Sridhar.
\textit{Client-CASH: Protecting Master Passwords against Offline Attacks}.
ASIA CCS 2016, 10.1145/2897845.2897876
\bibitem{passwordquality}
Wanli Ma, John Campbell, Dat Tran, Dale Kleeman.
\textit{Password Entropy and Password Quality}.
2010 Fourth International Conference on Network and System Security, DOI 10.1109/NSS.2010.18.
\bibitem{passwordstrength}
Cyber Security Tip ST04-002.
\textit{Choosing and Protecting Passwords}.
US CERT. Retrieved June 20, 2009
\bibitem{webernetz}
Johannes Weber.
\textit{Password Strength/Entropy: Characters vs. Words}.
\\\texttt{https://blog.webernetz.net/2013/07/30/ password-strengthentropy-characters-vs-words/}.
Accessed 20 Feb. 2017.
\bibitem{brutalis}
Sagitta Brutalis.
\textit{8x NVidia GTX 1080 Hashcat Benchmarks}.
\\\texttt{https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40}.
Accessed 20 Feb. 2017.
\bibitem{seclist}
Daniel Miessler.
\textit{SecList: 10 Million Password List - Top 1 Million}.
\\\texttt{https://github.com/danielmiessler/SecLists/blob/master/ Passwords/10\_million\_password\_list\_top\_1000000.txt}.
Accessed 20 Feb. 2017.
\bibitem{rockyou}
Daniel Miessler.
\textit{SecList: RockYou List}.
\\\texttt{https://github.com/danielmiessler/SecLists/blob/master/
Passwords/rockyou.txt.tar.gz}.
Accessed 20 Feb. 2017.
\bibitem{korelogic}
Hank Leininger, KoreLogic.
\textit{Password Topology Histogram Wear-Leveling}.
\\\texttt{https://www.korelogic.com/Resources/Presentations/
bsidesavl\_pathwell\_2014-06.pdf}.
Accessed 20 Feb. 2017.
\bibitem{zxcvbn}
Dan Wheeler, Dropbox.
\textit{Zxcvbn - A realistic password strength estimator}.
\\\texttt{https://github.com/dropbox/zxcvbn}.
Accessed 20 Feb. 2017.
\bibitem{commonwords}
Josh Kaufman.
\textit{Google 10000 most common english words}.
\\\texttt{https://github.com/first20hours/google-10000-english}.
Accessed 20 Feb. 2017.
\bibitem{unmasked}
wpengine.
\textit{Unmasked: What 10 million passwords reveal about the people who choose them}.
\\\texttt{http://wpengine.com/unmasked/}.
Accessed 20 Feb. 2017.
\bibitem{cupp}
Mebus.
\textit{CUPP: Common User Passwords Profiler}.
\\\texttt{https://github.com/Mebus/cupp}.
Accessed 20 Feb. 2017.
\bibitem{dictionary}
Oxford Dictionaries
\textit{How many words are there in the English language?}
\\\texttt{https://en.oxforddictionaries.com/explore/
how-many-words-are-there-in-the-english-language}.
Accessed 20 Feb. 2017.
\end{thebibliography}
\end{document}