[ALUG] "Hacked to Pieces"

Adam Bower adam at thebowery.co.uk
Sun May 3 23:01:01 BST 2009


On Sun, May 03, 2009 at 10:41:33PM +0100, Ted Harding wrote:

> PW: The first thing I'll do is an easy check to see whether I can
>     get a nice little automated tool to cough up your password
>     straight away so I can log on as you.

> Well, my jaw would drop if I believed it! Even if the password is
> case-insensitive, that's 36 letters+numbers to try every "permutation"
> of. There are 36^14 different 14-character strings where each character
> can independently be any letter or number. And that's just the full
> 14-character string -- there's also all the shorter strings as well.

My first instinct would be to suggest that they weren't brute force
guessing the password. I'm guessing that they were recovering the
encrypted password file from disk and breaking/reversing the format it
was stored with using something like L0phtcrack and rainbow tables, which
make it much, much easier to recover passwords quickly.

In short, this kind of attack is very feasible and I have done similar
in the past. Nearly 10 years ago I grabbed a set of users' passwords from
a Windows domain and ran an automated scanning tool against about 80
users' passwords. It took me about 20 hours to get 95% of them, and keep in
mind the machine I was using to do this was about Pentium III vintage
with 512MB RAM.

Without a proper explanation of what they were trying to break and how,
it would be hard to say if it was genuine or not, but it is
entirely feasible.

Thanks
Adam
-- 
jabberid = quinophex at jabber.earth.li
