Your browser does not seem to support CSS. If images appear below, please disregard them.
Topic Options
Rate This Topic
#4641 - 09/30/03 08:02 AM Some thoughts on PassWord Crackers
Joined: Sep 2003
Posts: 6
PhaseSpace Offline
Junior Member
PhaseSpace Offline
Junior Member

Joined: Sep 2003
Posts: 6
Mars
I have recently been trying to crack some 'difficult' passwords on my system with 7-8 alpha numeric characters.

Using Jack the Ripper, I have been running by
brute force to no avail. Looks like I may never manage at this rate.

I was wondering if people here could relate there experiences with the password crackers that are out there.

Which ones tend to be the fastest? What are the most reliable and efficient ones? Which ones tend to crack 'hard' passwords without resorting to brute force.

PhaseSpace

Top
Sponsored Links
#4642 - 09/30/03 09:11 AM Re: Some thoughts on PassWord Crackers
Joined: Mar 2002
Posts: 815
sinetific Offline
nobody
sinetific Offline
nobody

Joined: Mar 2002
Posts: 815
Ann Arbor
what type of encryption are you trying to decipher?

Top
#4643 - 09/30/03 09:41 AM Re: Some thoughts on PassWord Crackers
Joined: Sep 2003
Posts: 6
PhaseSpace Offline
Junior Member
PhaseSpace Offline
Junior Member

Joined: Sep 2003
Posts: 6
Mars
It is your standard RedHat 9.0 distribution, so whatever they use to encrypt their user accounts with.

Top
#4644 - 09/30/03 10:59 AM Re: Some thoughts on PassWord Crackers
Joined: Mar 2002
Posts: 815
sinetific Offline
nobody
sinetific Offline
nobody

Joined: Mar 2002
Posts: 815
Ann Arbor
MD5
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/install-guide/s1-authconfig.html
Just get a better wordlist, wordlists are a lot better to use than a straight up bruteforce, but then a good admin wouldnt use a dictionary word. I doubt there is anything better than jack the ripper though i've never benchmarked crackers to see what's faster.

Top
#4645 - 10/01/03 07:09 AM Re: Some thoughts on PassWord Crackers
Joined: Sep 2003
Posts: 6
PhaseSpace Offline
Junior Member
PhaseSpace Offline
Junior Member

Joined: Sep 2003
Posts: 6
Mars
Wordlist won't help here.

Actually, I have been running Jack the ripper for 2 days and 18 hours. (Pentium III system) Unreal! Is something wrong? or is that a fairly normal amount of time?

Top
#4646 - 10/01/03 10:00 AM Re: Some thoughts on PassWord Crackers
Joined: Mar 2002
Posts: 815
sinetific Offline
nobody
sinetific Offline
nobody

Joined: Mar 2002
Posts: 815
Ann Arbor
That is normal.

"It is pointed out that passwords only use ASCII characters 32-139, which would lead to a password that can be cracked in just a few years at 1,000,000,000 tries per second. Almost feasible - if you have a distributed network of blazing hardware and a few years to wait. Usually, none of this is true.
So, what is the solution?
It turns out that the best solution, in general, is exactly what many of the password crackers have implemented. Really, it is just an extension of already demonstrated logic. We reduce the search space by 432, 197,966,893,081,601 because of the observation that most passwords will only use ASCII codes 32-126. We can reduce this eve further if there any any other subsets we can remove.
As it turns out there are lots. For ezmaple, it is not often you will find a password such as Xtn(DJ"z, $N40NzJH, DxdL(&$&, et cetra. Most people would not be able to remeber a password with even this paltry amount of entropy. Thus, most passwords will be easier to remeber. Think about what would make a password easier to remeber.
Most people:
-Use a dictionary word.
-Use some combination of dictionary words.
-Try to obscure it somehow (such as using 1337)."

[Taken from: Fun Password Facts -by kaige, 2600 Magazine Vol 19 issue 3]

A word list will help. Not nessicarily a word list but a list of some type. If you look around the net you will find random password generators word lists and you can write programs to go through and change all the 'E's to '3's and things of that nature to add to your list. Using this will not make it fool proof but it will greatly reduce your time, and your chances of success.

Top
#4647 - 10/01/03 11:36 AM Re: Some thoughts on PassWord Crackers
Joined: Sep 2003
Posts: 6
PhaseSpace Offline
Junior Member
PhaseSpace Offline
Junior Member

Joined: Sep 2003
Posts: 6
Mars
Cool, thanks for the info.

Hopefully it will take less than a few years

Top
#4648 - 11/09/03 12:32 PM Re: Some thoughts on PassWord Crackers
Joined: Nov 2003
Posts: 33
fearENKI Offline
Junior Member
fearENKI Offline
Junior Member

Joined: Nov 2003
Posts: 33
thats good info....my windows password isnt a word, but my other shit is a combination of words

Top
#4649 - 11/10/03 02:26 AM Re: Some thoughts on PassWord Crackers
Joined: Nov 2003
Posts: 33
fearENKI Offline
Junior Member
fearENKI Offline
Junior Member

Joined: Nov 2003
Posts: 33
hmm....awhile back i used a program called cane and able which cracked a 5 char pswrd including like 2 or 3 ASCIIs in like 3 hours...

Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Sponsored Links
Forum Statistics
Forums46
Topics46,497
Posts81,667
Members2,157
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 39,661
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860