Re: Crack a 9 char case sensitive password?

From: SuperFly (fake_at_email.com)
Date: 09/14/03

• Next message: Vandija Sanoth: "Re: Kryptel Lite and Iron Key, and suggestions for encryption software"
• Previous message: Mok-Kong Shen: "Re: Are my posts showing up?"
• In reply to: Benjamin Choi: "Re: Crack a 9 char case sensitive password?"
• Next in thread: Kristian Olsen: "Re: Crack a 9 char case sensitive password?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 14 Sep 2003 19:19:27 +0200

On 14 Sep 2003 06:01:16 -0700, contact@technosoft21.com (Benjamin
Choi) wrote:

>kristian_ols@email.is (Kristian Olsen) wrote in message news:<e23fce92.0309140257.196f3229@posting.google.com>...
>> Hi group,
>>
>> It is probably case sensitive, might also contain numbers and other chars. Is it
>> feasible to do a brute force search on a normal home computer?
>>
>> Any suggetions for windows software?
>
>It's easy to write a brute force cracker to crack 6 letter passwords
>in minutes, but 9 letters is quite different.
>
>What encryption algorithm is used? If it's Blowfish, you can expect a
>big headache... (Blowfish's key schedule is so slow, it's difficult to
>execute brute force attacks). If it's MD5, brute force cracking
>shouldn't be too time-consuming.
>
>Do you know the plaintext in the first place?

If this is a real life situation. I think a dictionary attack might be
the best 1st attempt. 99% of the people use a password that makes
grammatical sense. Start with lowercase words and date information.
Then introduce first letter upper case. Then introduce random upper
case. Then introduce logical substitutes like s=$ , a=4, e=3 etc..

You'd be surprised how good this works.

Good luck.

• Next message: Vandija Sanoth: "Re: Kryptel Lite and Iron Key, and suggestions for encryption software"
• Previous message: Mok-Kong Shen: "Re: Are my posts showing up?"
• In reply to: Benjamin Choi: "Re: Crack a 9 char case sensitive password?"
• Next in thread: Kristian Olsen: "Re: Crack a 9 char case sensitive password?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Crack a 9 char case sensitive password? ... > It is probably case sensitive, might also contain numbers and other chars. ... > feasible to do a brute force search on a normal home computer? ... It's easy to write a brute force cracker to crack 6 letter passwords ... (sci.crypt) RE: Brute force attacks ... Setting up port knocking can help reduce brute force attempts too. ... Seriously, my open SSH ports get minimal brute force attacks daily, ... I've been experiencing brute force dictionary attacks from various sources ... (Security-Basics) Re: secure SMTP... ... SMTP AUTH won't open you to brute force attacks as the accounts will be ... locked out by the devices if incorrect logon information is provided for the ... Also not using SMTP AUTH will not allow a brute force type attack as their ... (microsoft.public.exchange.admin) linux ssh security defaults ... To prevent brute force attacks i think that linux ssh, ... should default for example to allow at first 30 logins within 10 ... (comp.security.ssh) Re: Is there any strong hand cipher? ... for brute force attacks you have to mimic the algorithm by a computer. ... My question's aim was more like that: Is there any hand cipher ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint