Password cracking!!
Password cracking!!
ghost | 10039 Reads | Hello, to start off I would like to say thanks for taking time to read my article. As this might be a little sketchy, please bare with me, for this is my first article for HBH. In this article I will go over different types of cracking methods, and the odds of actually cracking them, so you can figure out and understand why cracking is so difficult.
Brute forcing The most common type of cracking method is called an exhaustive brute force. For those of you who are unsure what that means, read on. An exhaustive brute force is the cracking program, tries every conceivable password. In most password boxes, the allowed characters are A-Z (capital) a-z (lower) 0-9 (numbers) and all of their corresponding characters. Some even allow the use of a spacebar, < > ?/.,\ | ][ {} the list goes on. There are a total of 95 different keys you can use for every character of a password, so be creative. For the base of explanation ill use an eight (8) character password. If you have an eight character password, trying 10,000 cracks per SECOND, would take you 22,875 years to complete (assuming it’s the last password tried). For those of you who like the math explanation would look like 95 ^ 8 (the ^ means to the power of, 95 is how many characters it could be, 8 is how many characters are in the password. To simplify it and make more sense to you, if you had 1,000 computers cracking the same password, it would still take you OVER 22 years to complete, feel free to throw up, I know I did.
Dictionary attack I am sure that you have all heard NOT to use any direct words from the dictionary, and you ask why not, and ill answer here shortly. For the base of learning, let’s say you used the longest word in the English language (Pneumonoultramicroscopicsilicovolcanokoniosis), yes this is the longest. Despite the 45 letters it took to make it, it would still be cracked LESS THEN ONE MINUTE. Why is that you may ask? The dictionary hold about 200,000 words, more or less depending on which one you’re looking in, assuming 10,000 cracks per second, would only take 20 seconds, because it’s looking thru every word in the dictionary, and none more.
Hash look up This is by far the most appealing to me. As I was showing my friends some cracking methods, He asked me what a hash is, so I explained. He then asked why don’t you just “pre-calculate†all the hashes. Even though such a good question I laughed my ass off. I explained to him that a password normally is not found in plain text, it has a hash (usually mathematically irreversible). Of course you would have to store, the table or database somewhere, so you just need to search the database for the corresponding hash. Assuming your doing a binary search, I would look like O(log2 N). N is the number of entries. So to continue the password used above would look like O(8 log2 95) which is incredibly fast. Of course then you would have to add in for each of those a salt value between 0 and 4096. So now its O(8 log2N) X 4096 (feel free to do the math) Sound like a good idea? Well, guess again!! The downfall of such an attack is that you would have to have about 100 thousand TERABYTES of memory (damn near enough to run NASA). Just for a little ratio, a 4 character password, with all 4096 salts and every possible hash pre-calculated, would take about 4.6 terabytes of memory, which is still very impractical. There are many different types of cracking methods, for I put only those that are commonly used, known and most interesting. Please PM me or post with any comments, questions or concerns you may have regarding password cracking and my article. Also please speak openly, for I won’t get better. Thanks again!! Shaddow
richohealey 17 years ago
good article, but you should have mentioned rainbow tables…. your last paragraph points right at them!
ghost 17 years ago
Theory is good tho. What happened to structure and using spacing, ie. new lines, and paragraphs… ? It's hard to read. Nice, overall, however.
ghost 17 years ago
Thank you all in advance for your comments as they will all help me out with my future articles. Thanks
ghost 17 years ago
Thanks for this, this makes it clear why my friend laughed his ass off when I tried to crack an FTP site's login for fun the other day using a bruteforce. Took me a while to realize the estimated time was 15.7 sumthin milleniums to find a 50 letter username and a 60 letter password…. yea…
AldarHawk 17 years ago
This is a good article in theory but do you have any proof to your statements? Are you certain that it would take up approx. 100 TB of storage to hold 4 character length of all passwords salted?
If you could provide me with a little more indepth working on all of the "facts" behind this article it would be a little more backed up and rigid…as it stands now it seems a little lacking in a lot.
ghost 17 years ago
you can't really build an exhaustive hash database, but PHPBB, php-fusion, and many other popular CMS'es store their passwords as unsalted md5 hashes, and most people SUCK at picking passwords.
you will find that for the average website that has user accounts, roughly 70% of the MD5s of the passwords will be in an md5 database such as aim:md5library.
ghost 17 years ago
but what if you could? Imagin how much memory that would take. If you go to word doc. and a 1 page paper. What does it come out to be. in kb's. Imagin how many passwords that could be made the highest ive see was 95 ^16. some astronomical number. mulitplied by the 4096 salt values. Almost makes it unreal to imagine.
ghost 17 years ago
you spelt the biggest word wrong, google sais its spelt Pneumonoultramicroscopicsilicovolcanoconiosis not Pneumonoultramicroscopicsilicovolcanokoniosis.
ghost 17 years ago
p.s Thought I would add that "sais" (as you spelled it) is should actually be "says" (google for it)