Security Basics mailing list archives
Re: How Windows Password Cracking Programs Work
From: "Michal Merta" <michal.merta () gmail com>
Date: Wed, 26 Jul 2006 14:17:29 +0200
Hi all, these programs in most cases calculate (or there are some tools which pre-calculate) hashes from text passwords and compare it with hash of the passwords. 2 very similar passwords have completely different hashes, i.e. password - 286755fad04869ca523320acce0dc6a4 passwords - 6f59c8e9229e384c2935e75075825566 (md5 algorithm used in previous example.) The output of hash algorithms is all the time the same length. For all hash functions its mathematically impossible (we hope :)) to derive the original text password from encrypted hash. But it can be that 2 different passwords have the same hash. Its called "collision". Regards, Michal On 22 Jul 2006 15:33:12 -0000, winshel () camden rutgers edu <winshel () camden rutgers edu> wrote:
Please excuse my lack of technical understanding of windows password cracking software. My question is whether windows password cracking programs has to do with how these programs work. Is it correct that they do not crack a password one character at a time? That is, the password cracking programs aren't able to determine that they have cracked the first character, or the first two or first three characters? Also, is it correct that password cracking programs aren't able to determine - ahead of time - how long a windows password is? Thanks. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
-- Michal Merta Network Security Engineer http://www.misuta.cz The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- How Windows Password Cracking Programs Work winshel (Jul 24)
- Re: How Windows Password Cracking Programs Work Dharmesh Sampat (Jul 25)
- Re: How Windows Password Cracking Programs Work Michal Merta (Jul 27)
- <Possible follow-ups>
- Re: How Windows Password Cracking Programs Work chris (Jul 27)
- Re: Re: How Windows Password Cracking Programs Work e . m . baechle (Jul 27)
- Re: Re: How Windows Password Cracking Programs Work Nagareshwar Talekar (Jul 28)