Bugtraq mailing list archives
Re: Messenger/Hotmail passwords at risk
From: "Gaurav Agarwal" <gaurav_11878 () hotmail com>
Date: Wed, 11 Jul 2001 09:56:29 +0530
On Mon, 9 Jul 2001, Jeffrey W. Baker wrote:Uh huh. So you are saying that, given MD5(password), password may be recovered by brute force. And this is new/interesting in what way?The interesting thing is he can (allegedly) do it at 2.5e6 tries/second on an affordable machine. Being able to exhaust all combinations of 8 digits and lowercase letters within 2 weeks makes such an attack much more practical.
The claim that he makes is surely interesting. I tried running the md5crack on my system which is a linux6.1 Intel pentium 3 733 MHz and I was able to get around 1/100 of what he claims. Although he uses a 1GHz AMD can the performances be so different ??? Also the complexity of the problem increases exponentially as you start increasing the number of possible characters in your passwords. For instance for {a-Z,a-z,0-9} the crack takes 900 odd days and if you also included other special symbols then it would be even higher and seeing the rate at which it ran on my computer (1/100 of his claims) the attack would become quite impractical. Gaurav...
--Pavel Kankovsky aka Peak [ Boycott
Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for
assimilation."
Current thread:
- Messenger/Hotmail passwords at risk gregory duchemin (Jul 09)
- Re: Messenger/Hotmail passwords at risk aleph1 (Jul 09)
- Re: Messenger/Hotmail passwords at risk Peter van Dijk (Jul 09)
- Re: Messenger/Hotmail passwords at risk Jeffrey W. Baker (Jul 09)
- Re: Messenger/Hotmail passwords at risk Pavel Kankovsky (Jul 10)
- Re: Messenger/Hotmail passwords at risk Gaurav Agarwal (Jul 15)
- Re: Messenger/Hotmail passwords at risk Martin Macok (Jul 16)
- Re: Messenger/Hotmail passwords at risk Pavel Kankovsky (Jul 10)
- <Possible follow-ups>
- Re: Messenger/Hotmail passwords at risk Ishikawa (Jul 15)
- Re: Messenger/Hotmail passwords at risk gregory duchemin (Jul 16)
- RE: Messenger/Hotmail passwords at risk Michael Wojcik (Jul 16)
- Re: Messenger/Hotmail passwords at risk Mark (Jul 16)