Bugtraq mailing list archives
Re: Not so much a bug as a warning of new brute force attack
From: jco () bbn com (John Orthoefer)
Date: Tue, 4 Jun 1996 14:30:32 -0400
Brian Davidson wrote:
Against multiple accounts, crack has to encrypt each word in the dictionary with multiple salts (4096, put there to slow down such attacks). I beieve (but could be wrong) that an attack against pop would be faster. You can spawn multiple processes, all filling up all the available bandwith, and trying to get in. You don't have to encrypt each dictionary word even once, let alone 4096 times.
The first thing crack does is make a list of all the salts in the password file. Since unless you have a password file with at least 4096 passwords in it (realisiticly it's got to be MUCH larger, since you will start repeating salts at some point) there is no reason to try all salts. This will tell you what all the salts that are used in a password file are: cut -f 2 -d \: /etc/passwd | cut -c 1,2 | sort | uniq -c | more Then it dishes out 1 word to some large number of children processes ecrypting the password n times where n is the number of salts being used in the target password file. johno
Current thread:
- Vulnerability Database, (continued)
- Vulnerability Database Christopher Klaus (Jun 10)
- Re: brute force Ze'ev Maor (Jun 04)
- Re: brute force simes () tcp co uk (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack Bill Broadley (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Brian Tao (Jun 08)
- Re: Not so much a bug as a warning of new brute force attack Paul D. Robertson (Jun 09)
- Re: Not so much a bug as a warning of new brute force attack Stefan Hudson (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Seguridad (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Thomas Roessler (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Andrew Macpherson (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack John Orthoefer (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack Don Lewis (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack Dave Hayes (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack Albert Lunde (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack der Mouse (Jun 05)
- Re: Not so much a bug as a warning of new brute force attack der Mouse (Jun 09)
- Re: Not so much a bug as a warning of new brute force attack Brian Tao (Jun 09)