Vulnerability Development mailing list archives

Re: dictionary


From: visigoth <visigoth () securitycentric com>
Date: Mon, 30 Sep 2002 10:54:12 -0500

On Tue, Sep 17, 2002 at 08:28:51AM +0000, alex hajii wrote:
70% of passwords "break" under a good dictionary attack.
is anyone here familiar with a good dictionary database ?
is there any already written software for this reason that is downloadable?
thank U.

        I have found that in many regulated environments (banks, gov, etc.)
password complexity is enforced in a systemic fashion.  Dictionary attacks
have been becoming less and less effective in pen-testing.  However, most of
these systems still allow users to choose passwords which are a combination of
a dictionary word and 1 or 2 characters on the beginning or end.
        Here is a little utility I wrote to allow other attack code to be
significantly more effective:

http://www.securitycentric.com/files/visbrute/

<From README>

ABOUT:
        Visbrute is a small utility I wrote in order to allow standard
        attack code to use some better authentication data generation
        algorithms.  Fundamentally, it is a brute force and dictionary/hybrid
        generation utility which, in its primary mode, creates a FIFO in
        the filesystem which can then be specified as the input file
        for attack code which accepts dictionary input.
        Currently options exist for pure brute force and hybrid attacks which
        add every possible combination of 1 and 2 chars on the beginning
        and end of every entry from a dictionary file.  There are 4
        pre-made keyspaces, however the user may specify a "roll-your-own"
        keyspace.
        The next intended mode of operation will include a 'leet script
        substitution engine which will take dictionary words and replace
        chars in them in every (well.. we'll see about EVERY) possible
        combination...
        On my dual Athlon, it can produce just under 3 million entries/sec. 
        Brute force is more like 3.2
        
PURPOSE:
        This code's purpose is to raise the effectiveness of authentication
        data assessments in compliance environments.  I was frequently coming
        across environments where there was systemic enforcement of a
        certain amount of password complexity which would befuddle a standard
        dictionary attack.  In some real-world testing, this utility has
        taken a standard dictionary attack success rate of next to nothing
        and been able to catch a large (some tests ended up at around 40%)
        number of passwords.
        This code is (of course) intended for educational/professional uses.


UNDOCUMENTED FEATURES:
        If you notice, the code for visbrute is quite simple and based
        on a small library I am writing called librute.  If you want
        to use visbrute as an example and read the header files and such
        for librute, you are of course welcome to link to it directly
        thereby giving your code the native ability to use hybrid/brute
        (and eventually 'leet script substitution)


GREETZ:
        siitaa - by whom all things are inspired
        Digital Revelation - ALL YOUR BOX ARE BELONG TO US
        phatix - heh.  www.securitycentric.com/files/phatix.jpg
        GOBBLES - Congratulations!  When's the wedding?
        DarkTangent - thanks again for all the hard work.

</From README>


Enjoy...

-visigoth
-- 
______________________________________________________________________________
        Damieon Stark           | Microsoft: Where do you want to go today?
e: visigoth () securitycentric com      | Linux: Where do you want to go tomorrow?
        p: 612.382.6945         | FreeBSD/Sun: Are you guys coming or what?
        pgp: 0xBE5D0C57         | http://www.sun.com/solaris - To the Nth!
        pgp.mit.edu             | http://www.freebsd.org - The power to serve!
------------------------------------------------------------------------------
I'll see your DMCA and raise you a First Amendment.
http://www.anti-dmca.org
------------------------------------------------------------------------------
eot
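
A defender-side check for the pattern this message describes (a dictionary word with 1 or 2 characters added at the beginning or end), as an added example that is not part of the original post and is not visbrute or librute code. The names `SAMPLE_WORDS`, `hybrid_core`, `candidates_per_word` and `seconds_to_exhaust` are hypothetical, and the 95-character keyspace and the prefix-and-suffix-together counting are assumptions; only the 3 million entries/sec rate comes from the README.

```python
"""Added example: flag passwords that are a dictionary word plus 0-2 extra
characters at either end, and size the search space such a policy leaves."""

# Constructed sample wordlist; a real policy check would load a full dictionary.
SAMPLE_WORDS = {"password", "summer", "dragon", "welcome"}

MAX_AFFIX = 2  # the message describes 1 or 2 characters at the beginning or end


def hybrid_core(password, words=SAMPLE_WORDS, max_affix=MAX_AFFIX):
    """Return the dictionary word hidden in `password`, or None.

    Strips every combination of 0..max_affix leading and trailing characters
    and looks the remainder up case-insensitively.
    """
    for lead in range(max_affix + 1):
        for trail in range(max_affix + 1):
            end = len(password) - trail
            if end - lead < 1:
                continue  # nothing left to look up
            core = password[lead:end].lower()
            if core in words:
                return core
    return None


def candidates_per_word(keyspace_size, max_affix=MAX_AFFIX):
    """Count strings prefix + word + suffix, each affix 0..max_affix long.

    Assumption: affixes may appear on both ends at once; the bare word counts.
    """
    affixes = sum(keyspace_size ** n for n in range(max_affix + 1))
    return affixes * affixes


def seconds_to_exhaust(word_count, keyspace_size, rate_per_sec):
    """Time for a generator at `rate_per_sec` to emit every candidate."""
    return word_count * candidates_per_word(keyspace_size) / rate_per_sec


if __name__ == "__main__":
    # Constructed sample passwords.
    for pw in ["Summer02", "!dragon", "x9Welcome#1", "tr0ub4dor&3"]:
        print(pw, "->", hybrid_core(pw) or "no dictionary core")
    # Assumed keyspace: 95 printable ASCII characters; rate from the README.
    print(seconds_to_exhaust(1, 95, 3_000_000), "seconds per dictionary word")
```

Running `hybrid_core` at password-change time rejects exactly the choices that a complexity rule based only on character classes still lets through.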
