Full Disclosure mailing list archives
Re: anybody know good service for cracking md5?
From: T Biehn <tbiehn () gmail com>
Date: Thu, 4 Feb 2010 11:10:43 -0500
Rainbowcrack-Online was doing precomp dictionary attacks in conjunct with rainbowtables in 2k5. The hype spike for RC tables was back in 2k4. You're off by 5 years Christian. -Travis On Thu, Feb 4, 2010 at 7:21 AM, McGhee, Eddie <Eddie.McGhee () ncr com> wrote:
Are you serious? People have been using rainbow tables for years mate.. and they are rather widely used.. no need to replace useful with anything, the statement was plain wrong.. ________________________________ From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Christian Sciberras Sent: 04 February 2010 12:06 To: Anders Klixbull Cc: full-disclosure () lists grok org uk; Valdis.Kletnieks () vt edu Subject: Re: [Full-disclosure] anybody know good service for cracking md5? FINE. Replace "useful" with "widely popular". On Thu, Feb 4, 2010 at 1:04 PM, Anders Klixbull <akl () experian dk> wrote:lol they have been useful for years son just because YOU never found a use for them doesn't mean noone else has :) ________________________________ From: Christian Sciberras [mailto:uuf6429 () gmail com] Sent: 4. februar 2010 13:00 To: Anders Klixbull Cc: Valdis.Kletnieks () vt edu; full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] anybody know good service for cracking md5? Uh, in the sense that they are finally becoming actually useful... On Thu, Feb 4, 2010 at 12:58 PM, Anders Klixbull <akl () experian dk> wrote:seems to be cropping in? as far as know rainbow tables has been around for years... ________________________________ From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Christian Sciberras Sent: 3. februar 2010 23:02 To: Valdis.Kletnieks () vt edu Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] anybody know good service for cracking md5? Actually dictionary attacks seem to work quite well, especially for common users which typically use dictionary and/or well known passwords (such as the infamous "password"). Another idea which seems to be cropping in, is the use of hash tables with a list of known passwords rather then dictionary approach. Personally, the hash table one is quite successful, consider that it targets password groups rather than a load of wild guesses. Cheers. On Wed, Feb 3, 2010 at 10:26 PM, <Valdis.Kletnieks () vt edu> wrote:On Wed, 03 Feb 2010 23:42:07 +0300, Alex said:i find some sites which says that they can brute md5 hashes and WPA dumps for 1 or 2 days.Given enough hardware and a specified md5 hash, one could at least hypothetically find an input text that generated that hash. However, that may or may not be as useful as one thinks, as you wouldn't have control over what the text actually *was*. It would suck if you were trying to crack a password, and got the one that was only 14 binary bytes long rather than the one that was 45 printable characters long. ;) Having said that, it would take one heck of a botnet to brute-force an MD5 has in 1 or 2 days. Given 1 billion keys/second, a true brute force of MD5 would take on the order of 10**22 years. If all 140 million zombied computers on the internet were trying 1 billion keys per second, that drops it down to 10**16 years or so - or about 10,000 times the universe has been around already. I suspect they're actually doing a dictionary attack, which has a good chance of succeeding in a day or two. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- anybody know good service for cracking md5? Alex (Feb 03)
- Re: anybody know good service for cracking md5? Valdis . Kletnieks (Feb 03)
- Re: anybody know good service for cracking md5? Christian Sciberras (Feb 03)
- Re: anybody know good service for cracking md5? Anders Klixbull (Feb 04)
- Re: anybody know good service for cracking md5? Christian Sciberras (Feb 04)
- Re: anybody know good service for cracking md5? Anders Klixbull (Feb 04)
- Re: anybody know good service for cracking md5? Christian Sciberras (Feb 04)
- Re: anybody know good service for cracking md5? McGhee, Eddie (Feb 04)
- Re: anybody know good service for cracking md5? T Biehn (Feb 04)
- Re: anybody know good service for cracking md5? Christian Sciberras (Feb 04)
- Re: anybody know good service for cracking md5? Christian Sciberras (Feb 03)
- Re: anybody know good service for cracking md5? Valdis . Kletnieks (Feb 03)
- Re: anybody know good service for cracking md5? Sergio Pelissari (Feb 04)
- Re: anybody know good service for cracking md5? netinfinity (Feb 04)
- Re: anybody know good service for cracking md5? Valdis . Kletnieks (Feb 04)