|
Message-ID: <BAY105-F8ECA41E193A36268C70ADFD400@phx.gbl> Date: Sun, 20 Aug 2006 22:27:35 +0200 From: "Frank Dittrich" <frank_dittrich@...mail.com> To: john-users@...ts.openwall.com Subject: RE: practice cracking passwords Solar Designer wrote: >On Sun, Aug 13, 2006 at 11:38:15AM +0100, Jack Sparrow wrote: > > can you give me a site where i can practice cracking passwords... >If you are looking for sample password files with hashes to crack, then >you can try the following Google queries: [...] >12eMC4Wi9/C9o That was interesting. You can adjust your cracking attempts, assuming all salts in the passwd file are built using the same broken algorithm. >"enable secret 5" But in most cases the passwords will be "cisco" or comething similar. >and many others - just be creative. I found another interesing search term: allinurl: "ccbill.log" Use wget, then grep for "^ADD", and restrict your cracking attempts to the majority of salts which matching "^[1-9][0-9]" You easily find more than 60000 different username/hash combinations, and due to the small number of different salts (and due to the weak passwords), you can crack more than 30000 passwords in 24 hours;) Regards, Frank -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.