Re: Passwords file cracking

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 03/16/04

  • Next message: Ford Prefect: "Re: Passwords file cracking" 
    Date: Tue, 16 Mar 2004 15:52:12 +0000 (UTC)

    bagatrix_bruv@yahoo.co.uk (Ajay Sabnis) writes:

    ]I am creating a passowrd generator app that will create a number of
    ]random passwords and store them in some basic encrypted format in a
    ]plain txt file. I have 2 question i need urgent help on (dissertation
    ]deadline approaching!!):

    ]1. Does anyone know of any password cracking software that i can feed
    ]a plain txt password file into and it will give results? Any
    ]suggestions how this would be done?

    ]2. The generator will must encrypt passwords in the same manner the
    ]cracker will encrypt its guesses(dictionary attacking). any comments
    ]on what this may be?

    ]Please note, the purpose of this is an empirical testing on passwords.
    ]The platform passwords security issues are not important. However, i'm
    ]running windows.

    crypt(3) and libcrack on unix do just that. The passwords are not
    encrypted-- that is in fact insecure since then there is a system wide
    password to the encryption to be stored somewhere on the system. they
    are instead cryptographically hashed, and at authentication, the hash is
    compared with the hashed password entered by the user.
    crypt is the password hashing subroutine, and cracklib is the password
    cracking utility. Note that the cracking is done by exhaustive search--
    ie intelligent search through the password possibilities, namely by
    dictionary search and dictionary mangling search.
    Whether you can port these to windows I do not know.

  • Next message: Ford Prefect: "Re: Passwords file cracking"