UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
July
Su M Tu W Th F Sa
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#4641 - 09/30/03 09:02 AM Some thoughts on PassWord Crackers
PhaseSpace Offline
Junior Member

Registered: 09/30/03
Posts: 6
Loc: Mars
I have recently been trying to crack some 'difficult' passwords on my system with 7-8 alpha numeric characters.

Using Jack the Ripper, I have been running by
brute force to no avail. Looks like I may never manage at this rate.

I was wondering if people here could relate there experiences with the password crackers that are out there.

Which ones tend to be the fastest? What are the most reliable and efficient ones? Which ones tend to crack 'hard' passwords without resorting to brute force.

PhaseSpace

Top
Sponsored Links
      
#4642 - 09/30/03 10:11 AM Re: Some thoughts on PassWord Crackers
sinetific Offline
nobody

Registered: 03/02/02
Posts: 815
Loc: Ann Arbor
what type of encryption are you trying to decipher?

Top
#4643 - 09/30/03 10:41 AM Re: Some thoughts on PassWord Crackers
PhaseSpace Offline
Junior Member

Registered: 09/30/03
Posts: 6
Loc: Mars
It is your standard RedHat 9.0 distribution, so whatever they use to encrypt their user accounts with.

Top
#4644 - 09/30/03 11:59 AM Re: Some thoughts on PassWord Crackers
sinetific Offline
nobody

Registered: 03/02/02
Posts: 815
Loc: Ann Arbor
MD5
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/install-guide/s1-authconfig.html
Just get a better wordlist, wordlists are a lot better to use than a straight up bruteforce, but then a good admin wouldnt use a dictionary word. I doubt there is anything better than jack the ripper though i've never benchmarked crackers to see what's faster.

Top
#4645 - 10/01/03 08:09 AM Re: Some thoughts on PassWord Crackers
PhaseSpace Offline
Junior Member

Registered: 09/30/03
Posts: 6
Loc: Mars
Wordlist won't help here.

Actually, I have been running Jack the ripper for 2 days and 18 hours. (Pentium III system) Unreal! Is something wrong? or is that a fairly normal amount of time?

Top
#4646 - 10/01/03 11:00 AM Re: Some thoughts on PassWord Crackers
sinetific Offline
nobody

Registered: 03/02/02
Posts: 815
Loc: Ann Arbor
That is normal.

"It is pointed out that passwords only use ASCII characters 32-139, which would lead to a password that can be cracked in just a few years at 1,000,000,000 tries per second. Almost feasible - if you have a distributed network of blazing hardware and a few years to wait. Usually, none of this is true.
So, what is the solution?
It turns out that the best solution, in general, is exactly what many of the password crackers have implemented. Really, it is just an extension of already demonstrated logic. We reduce the search space by 432, 197,966,893,081,601 because of the observation that most passwords will only use ASCII codes 32-126. We can reduce this eve further if there any any other subsets we can remove.
As it turns out there are lots. For ezmaple, it is not often you will find a password such as Xtn(DJ"z, $N40NzJH, DxdL(&$&, et cetra. Most people would not be able to remeber a password with even this paltry amount of entropy. Thus, most passwords will be easier to remeber. Think about what would make a password easier to remeber.
Most people:
-Use a dictionary word.
-Use some combination of dictionary words.
-Try to obscure it somehow (such as using 1337)."

[Taken from: Fun Password Facts -by kaige, 2600 Magazine Vol 19 issue 3]

A word list will help. Not nessicarily a word list but a list of some type. If you look around the net you will find random password generators word lists and you can write programs to go through and change all the 'E's to '3's and things of that nature to add to your list. Using this will not make it fool proof but it will greatly reduce your time, and your chances of success.

Top
#4647 - 10/01/03 12:36 PM Re: Some thoughts on PassWord Crackers
PhaseSpace Offline
Junior Member

Registered: 09/30/03
Posts: 6
Loc: Mars
Cool, thanks for the info.

Hopefully it will take less than a few years

Top
#4648 - 11/09/03 12:32 PM Re: Some thoughts on PassWord Crackers
fearENKI Offline
Junior Member

Registered: 11/08/03
Posts: 33
thats good info....my windows password isnt a word, but my other shit is a combination of words

Top
#4649 - 11/10/03 02:26 AM Re: Some thoughts on PassWord Crackers
fearENKI Offline
Junior Member

Registered: 11/08/03
Posts: 33
hmm....awhile back i used a program called cane and able which cracked a 5 char pswrd including like 2 or 3 ASCIIs in like 3 hours...

Top

Moderator:  Infinite 
Featured Member
Registered: 08/21/13
Posts: 1
Forum Stats
2145 Members
46 Forums
33124 Topics
68291 Posts

Max Online: 1567 @ 04/25/10 10:20 AM
Top Posters
UGN Security 26287
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Jimmie Menon, fghijk435948, Devo60, ali, lavos
2147 Registered Users
Who's Online
1 registered (Gremelin), 671 Guests and 390 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!