Re: MYsql 323 Hashes Cracking

[synja () synfulvisions com]

Purchase rainbow tables?

Most basic algo's are already freely available via torrents.

as for the size/complexity issue... That is a shitton of storage for a 0-9 A-z table with 16 char passwords.

With the access that you already apparently have, you may want to look into alternate methods of credential 
"discovery." 

Of course I'm going to simply assume this is part of a legitimate pentest...
------Original Message------
From: tarunkall () gmail com
Sender: listbounce () securityfocus com
To: security-basics () securityfocus com
Subject: MYsql 323 Hashes Cracking
Sent: Dec 22, 2011 13:34

Hi,
While testing i got the mysql 323 root's and few users hashes, but i am not able to crack them till yet, passwords 
seems to complex,if the password is of length of around 12-16 having special character lower n upper alpha and numeri 
are their any possibilities of it being cracked by Rainbow tables if i purchase them, please suggest tht till what 
extent does rainbow tables could crack such passwords and will it be a worth full to purchase.
please provide up with the Suggestions 

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


Sent on the Sprint® Now Network from my BlackBerry®