Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 20 Aug 2006 22:27:35 +0200
From: "Frank Dittrich" <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: RE: practice cracking passwords

Solar Designer wrote:
>On Sun, Aug 13, 2006 at 11:38:15AM +0100, Jack Sparrow wrote:
> > can you give me a site where i can practice cracking passwords...

>If you are looking for sample password files with hashes to crack, then
>you can try the following Google queries:
[...]
>12eMC4Wi9/C9o

That was interesting. You can adjust your cracking attempts,
assuming all salts in the passwd file are built using
the same broken algorithm.

>"enable secret 5"

But in most cases the passwords will be "cisco" or comething similar.

>and many others - just be creative.

I found another interesing search term:

allinurl:  "ccbill.log"

Use wget, then grep for "^ADD", and restrict your cracking attempts
to the majority of salts which matching "^[1-9][0-9]"

You easily find more than 60000 different username/hash
combinations, and due to the small number of different salts
(and due to the weak passwords), you can crack more than 30000
passwords in 24 hours;)

Regards, Frank



-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ