On Sun, 3 May 2009 23:01:01 +0100 Adam Bower adam@thebowery.co.uk allegedly wrote:
On Sun, May 03, 2009 at 10:41:33PM +0100, Ted Harding wrote:
PW: The first thing I'll do is an easy check to see whether I can get a nice little automated tool to cough up your password straight away so I can log on as you.
Well, my jaw would drop if I believed it! Even if the password is case-insensitive, that's 36 letters+numbers to try every "permutation" of. There are 36^14 different 14-character strings where each character can independently be any letter or number. And that's just the full 14-character string -- there's also all the shorter strings as well.
My first instinct would be to suggest that they weren't brute force guessing the password. I'm guessing that they were recovering the encrypted password file from disk and breaking/reversing the format it was stored with using something like L0phtcrack and rainbow tables which make it much much easier to recover passwords quickly.
Confirmed.
I asked Pete from First Base. He said "it was a partial rainbow tables attack (LM hashes) using Ophcrack Live".
So no - not a straight brute force attack.
Mick
---------------------------------------------------------------------
The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this?
Douglas E Comer - Internetworking with TCP/IP Volume 1
http://www.ietf.org/rfc/rfc854.txt ---------------------------------------------------------------------