Why is there a hash of a weak password in the Windows cryptographic libraries?
A customer found the byte sequence ba7816bf8f01cfeaÂ414140de5dae2223Âb00361a396177a9cÂb410ff61f20015ad in the Windows cryptographic libraries. This is the SHA256 hash of the notoriously insecure password abc. (See pages 14 through 16 of the NIST Computer Security Resource Center, Cryptographic Standards and Guidelines, SHA examples document.) Why does the Windows cryptographic library use such a ridiculously weak password, and what is this password used for?
While it’s true that abc is a horrible password, it’s also the case that the Windows cryptographic libraries aren’t using it as a password. The value is part of a self-test that the libraries perform to verify that nothing obvious has gone wrong with the standard providers.
You can find this hard-coded “well-known SHA256” in the sha256.c module, with the “plaintext” in selftest.c. The values are used by the function SymÂCryptÂSha256ÂSelfÂTest to verify that the algorithm produces the expected answer.
The fact that an insecure password appears in the cryptography libraries doesn’t mean that the library is using them as passwords. In this case, they are just test data.
Bonus chatter: I bet you can find insecure passwords in a lot of binaries if you set your mind to it. Just scan for the bytes 61 62 63 in any binary, and if you find it, you can get all excited: “Hey, your binary contains the insecure password abc!”
Light
Dark
2 comments
nice post
It’s not just a particular artefact of the Windows cryptographic library, “abc” is a standard test string used for hash functions going back to at least MD5 in 1991. Other standard hash-function test strings are “a”, “message digest”, “abcdefghijklmnopqrstuvwxyz”, and “abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq”. If you look for MD5, SHA-1, and SHA-2 hashes of those in other crypto libraries you’ll find those as well.