Elliott C. Back: In Aere Aedificare

Jim Emerson, critic of film, writes that his list of movies forms a basic curriculum of film:

They’re the common cultural currency of our time, the basic cinematic texts that everyone should know, at minimum, to be somewhat “movie-literate.” I remember I tried to represent key examples of all important genres, movie stars, directors, historical movements, and so on — like an overview of the 20th century in 101 movies.

As if that wasn’t snooty enough, eh? Well, here’s the list, which thanks to Jason Kottke is turning into a meme. I’ve bolded the movies I’ve seen:

“2001: A Space Odyssey” (1968) Stanley Kubrick
“The 400 Blows” (1959) Francois Truffaut
“8 1/2″ (1963) Federico Fellini
“Aguirre, the Wrath of God” (1972) Werner Herzog
“Alien” (1979) Ridley Scott
“All About Eve” (1950) Joseph L. Mankiewicz
“Annie Hall” (1977) Woody Allen
“Apocalypse Now” (1979) Francis Ford Coppola
“Bambi” (1942) Disney
“The Battleship Potemkin” (1925) Sergei Eisenstein
“The Best Years of Our Lives” (1946) William Wyler
“The Big Red One” (1980) Samuel Fuller
“The Bicycle Thief” (1949) Vittorio De Sica
“The Big Sleep” (1946) Howard Hawks
“Blade Runner” (1982) Ridley Scott
“Blowup” (1966) Michelangelo Antonioni
“Blue Velvet” (1986) David Lynch
“Bonnie and Clyde” (1967) Arthur Penn
“Breathless” (1959) Jean-Luc Godard
“Bringing Up Baby” (1938) Howard Hawks
“Carrie” (1975) Brian DePalma
“Casablanca” (1942) Michael Curtiz
“Un Chien Andalou” (1928) Luis Bunuel & Salvador Dali
“Children of Paradise” / “Les Enfants du Paradis” (1945) Marcel Carne
“Chinatown” (1974) Roman Polanski
“Citizen Kane” (1941) Orson Welles
“A Clockwork Orange” (1971) Stanley Kubrick
“The Crying Game” (1992) Neil Jordan
“The Day the Earth Stood Still” (1951) Robert Wise
“Days of Heaven” (1978) Terence Malick
“Dirty Harry” (1971) Don Siegel
“The Discreet Charm of the Bourgeoisie” (1972) Luis Bunuel
“Do the Right Thing” (1989 Spike Lee
“La Dolce Vita” (1960) Federico Fellini
“Double Indemnity” (1944) Billy Wilder
“Dr. Strangelove” (1964) Stanley Kubrick
“Duck Soup” (1933) Leo McCarey
“E.T. — The Extra-Terrestrial” (1982) Steven Spielberg
“Easy Rider” (1969) Dennis Hopper
“The Empire Strikes Back” (1980) Irvin Kershner
“The Exorcist” (1973) William Friedkin
“Fargo” (1995) Joel & Ethan Coen
“Fight Club” (1999) David Fincher
“Frankenstein” (1931) James Whale
“The General” (1927) Buster Keaton & Clyde Bruckman
“The Godfather,” “The Godfather, Part II” (1972, 1974) Francis Ford Coppola
“Gone With the Wind” (1939) Victor Fleming
“GoodFellas” (1990) Martin Scorsese
“The Graduate” (1967) Mike Nichols
“Halloween” (1978) John Carpenter
“A Hard Day’s Night” (1964) Richard Lester
“Intolerance” (1916) D.W. Griffith
“It’s a Gift” (1934) Norman Z. McLeod
“It’s a Wonderful Life” (1946) Frank Capra
“Jaws” (1975) Steven Spielberg
“The Lady Eve” (1941) Preston Sturges
“Lawrence of Arabia” (1962) David Lean
“M” (1931) Fritz Lang
“Mad Max 2″ / “The Road Warrior” (1981) George Miller
“The Maltese Falcon” (1941) John Huston
“The Manchurian Candidate” (1962) John Frankenheimer
“Metropolis” (1926) Fritz Lang
“Modern Times” (1936) Charles Chaplin
“Monty Python and the Holy Grail” (1975) Terry Jones & Terry Gilliam
“Nashville” (1975) Robert Altman
“The Night of the Hunter” (1955) Charles Laughton
“Night of the Living Dead” (1968) George Romero
“North by Northwest” (1959) Alfred Hitchcock
“Nosferatu” (1922) F.W. Murnau
“On the Waterfront” (1954) Elia Kazan
“Once Upon a Time in the West” (1968) Sergio Leone
“Out of the Past” (1947) Jacques Tournier
“Persona” (1966) Ingmar Bergman
“Pink Flamingos” (1972) John Waters
“Psycho” (1960) Alfred Hitchcock
“Pulp Fiction” (1994) Quentin Tarantino
“Rashomon” (1950) Akira Kurosawa
“Rear Window” (1954) Alfred Hitchcock
“Rebel Without a Cause” (1955) Nicholas Ray
“Red River” (1948) Howard Hawks
“Repulsion” (1965) Roman Polanski
“The Rules of the Game” (1939) Jean Renoir
“Scarface” (1932) Howard Hawks
“The Scarlet Empress” (1934) Josef von Sternberg
“Schindler’s List” (1993) Steven Spielberg
“The Searchers” (1956) John Ford
“The Seven Samurai” (1954) Akira Kurosawa
“Singin’ in the Rain” (1952) Stanley Donen & Gene Kelly
“Some Like It Hot” (1959) Billy Wilder
“A Star Is Born” (1954) George Cukor
“A Streetcar Named Desire” (1951) Elia Kazan
“Sunset Boulevard” (1950) Billy Wilder
“Taxi Driver” (1976) Martin Scorsese
“The Third Man” (1949) Carol Reed
“Tokyo Story” (1953) Yasujiro Ozu
“Touch of Evil” (1958) Orson Welles
“The Treasure of the Sierra Madre” (1948) John Huston
“Trouble in Paradise” (1932) Ernst Lubitsch
“Vertigo” (1958) Alfred Hitchcock
“West Side Story” (1961) Jerome Robbins/Robert Wise
“The Wild Bunch” (1969) Sam Peckinpah
“The Wizard of Oz” (1939) Victor Fleming

I have to question the authority of a list like this, however. Covering movies from 1916 to 1999 ignores the last 7 years of film, which have included such classics as LOTR, City of God, Memento, Sin City, and even Kill Bill. Also, it seems like Jim Emerson is trying to hard for statistical relevance by choosing so many older movies. Statistically, to be fair, he should choose movies with an average production date of 1958; his ends up being 1959, as if for each movie in the 70s he picked one in the 40s.

It’s the 20th year anniversary of the worst nuclear accident in the history of mankind. Pray the concrete sarcophagus holds, and the years of rain and animal infestation have not torn it completely away, as some speculate.

This is a guide for cracking passwords in Windows under XP, 2000, 98, and 95, all of which use roughly the same architecture. As you know, passwords are stored in windows in a weak hash form, the first kind of which is called the LM (Lan Manager) Hash. Passwords longer than 7 characters are broken up into 7-character chunks, made uppercase, and then hashed with DES. This means there are only about 2³⁷ 8-bit hashes instead of 2⁸³ 16-bit hashes; a good thing for an attacker looking to break a password.

The tool we’ll be using is called Ophcrack, an open-source password cracker. The technology it uses to break Windows passwords is called “rainbow tables” and was described by Philippe Oechslin in Making a Faster Cryptanalytic Time-Memory Trade-Off. A rough way to describe this technique is to say that tables of possible hashes are precomputed so that you can iteratively compare the windows hashes to precomputed bits and piece together the hash and its value more quickly than brute-force guessing.

Please note that federal law prohibits the possession of unauthorized access codes to computer systems. If you want to try cracking passwords, please obtain hashes from your own machine, or use the example hashes I provide here.

1) Setting up shop

The first thing you need is the software and rainbow table sets. You can download Ophcrack 2.2 from Sourceforge, and then browse to LASEC to download the SSTIC04-5k rainbow table. You’ll need a significant amount of memory to load this rainbow table. If you have less than 1 GB of RAM, try the smaller table.

The installation of Ophcrack 2.2 should go smoothly. Make sure you choose to download the tables seperately:

You’ll notice a lot of GTK* files being installed–that’s nothing to worry about. GTK is the Graphical Tool Kit, a way for linux programs to create graphical interfaces.

2) Dude, where’s my hash?

Now that you’ve got Ophcrack and rainbow tables installed, you’ll need hashes. There are three places to find them on Windows XP:

• In the folder C:\windows\system32\config. This folder is locked to all accounts (including an Administrator account) while running, except the special System account.
• In a SAM file from C:\windows\repair if rdisk has ever run
• In the registry, under HKEY_LOCAL_MACHINESAM, which is locked to all accounts

This doesn’t look good for retreiving the windows hashes! Well, to work around the built-in windows protections, we can recover hashes by the following techniques:

• Boot to linux and copy the file directly from C:\windows\system32\config. This is probably too troublesome for most users, but with a liveCD it’s trivial.
• Run pwdump2, including in Ophcrack, to trick out the registry values. If you didn’t change any settings, it should be installed in C:\Program Files\ophcrack\win32_tools. Here’s an example session from the command line (start, run, type “cmd” and hit enter):

C:\Documents and Settings\Elliott Back>cd “C:\Program Files\ophcrack\win32_tools”
C:\Program Files\ophcrack\win32_tools>pwdump2
Administrator:499:aabbcc:3311dd:::
Elliott Back:234:aabbcc:3311dd:::
C:\Program Files\ophcrack\win32_tools>

Naturally, I’ve censored the hashes and the number of users. If you’d like some hashes to play with, here are hashes for users with passwords varying from length from 1 to 7 characters long: test-hashes.txt.

3) Let’s get cracking!

Hashes in hand, start up Ophcrack:

Then click “load, PWDump file,” and select either the hashes you got from pwdump2, my sample hash file, or some other source of SAM hashes:

The last thing we need to do is load our rainbow tables. Click “Tables” and select the location and type of rainbow hash table you’re using, in our case the 5k tables:

Now you can click the big “Launch” button and wait. It will first load the tables (0-3 in my case) into memory, a process that takes several minutes. When this is complete, it will begin trying passwords:

The final screen gives a breakdown on how long it takes to actually find these passwords–some of which are quite hard:

All in all, it took 178 seconds on average to crack a windows password–only 3 minutes per hash! In the process it performed 89,030,630 hash-redux calculations and 199,548 fseek operations. It also couldn’t find the password for one of the hashes, which is to be expected. Rainbow tables are non-deterministic and won’t always work. Still, our success rate of 6/7 or 86% is high.

Conclusion

Now you know how to crack windows passwords. When is this a good idea?

1. When you buy a computer on Ebay and the owner forgets to give you an Admin account
2. When you forget your password
3. When a friend forgets their password
4. When the security of the country is in danger

When is this a bad idea?

1. When you buy a computer from government surpluss and want to find its secrets
2. When you want to hack up your friends
3. When your little sister’s account is too tempting
4. When you go visit your girlfriend’s dorm room

Another problem with releasing a tool like Ophcrack is that it becomes usable by anyone. In fact, this guide or tutorial to cracking windows passwords even makes it easier. Pretty much anyone can crack any windows password now, which could be a problem if used the wrong way. However, windows passwords are by nature insecure; there are dozens of other tools to crack windows passwords. Ophcrack is just the fastest.

The new server is up, and running. Load is something ridiculously low, say 1%. I also have 100GB of disk space, SQL running on server, the whole works. DNS is also transferred from Dreamhost, although I’m waiting on them to fix my subdomains. I removed them from the hosting, and added a CNAME * -> elliottback.com, but their individual A records still live on. I really do like my new Plesk environment, though. It’s so gorgeous, if a little clunky:

I really do enjoy it so far. Having some trouble getting BIND going, but I don’t need that anyway yet. I totally recommend Cari.net so far!

Update

I’m getting all the subdomains back up now, since dreamhost’s fixed our DNS config and dropped all the old A records.

I guess I’ve got a major problem with outsourcing and globalization now. An Indian blogger is ripping off my content. As other countries and cultures enter the primarily western blogosphere, they may bring a different attitude towards intellectual property. However, I believe, in this case, that there is an absolute standard. For educational purposes, here’s what he’s copied so far:

• His Legal Info matches my Legal Notice to a T
• His Digg Defender post copies content from mine without attribution, and hotlinks the code.
• He’s listed himself on BlogTopSites

This guy has the audacity to copy content at will, blog straight from digg, and then label it all “Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.” Uh huh, yeah right. Here’s what I can find out about you, my spammer friend:

• Is named “xxx yyy zzz”
• Uses the screen name xxx123
• Use the email xxx123@gmail.com
• Is from Mangalore, Karnataka, India
• Is 16 years old

Here’s what I’m sending him, his host, and his host’s host. The infamous DMCA:

Sender Information:
Elliott Back
1108 Cascadilla Hall
Ithaca, NY 14853, USA
1-607-229-0623

To whom it may concern,

I act on behalf of myself, and am the exclusive owner of the copyright works in question, that is, all of the content of my website and blog network, found on elliottback.com and its subdomains. Browsing a server on your network, xxx and the URL xxx, I find unauthorized copies of the ElliottBack network material which infringes on my rights as copyright holder:

1) -redacted-
2) -redacted-

Please immediately remove or disable all access to the infringing material. This infringing material is not authorized by myself, and this Notice of Copyright is accurate. Under penalty of perjury, I swear that I am authorized to act on behalf of the Owner, which is myself.

Should you require further information, please contact me via email or telephone.

Signed,
Elliott C. Bäck
04-24-2006

ecb29@cornell.edu
607-229-0623

Why do people do this? Do they just not understand fair use?

Update: XXX has removed the infringing material. I’d like to think of this as a case of an amateur blogger getting his ropes, rather than anything else.

Update 2: In the spirit of hospitality, I have redacted all of the identifying information.