Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 18 May 2011 14:26:54 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Help with 14 - 16 digit CC's stored in MD5 hash

On Wed, May 18, 2011 at 2:14 PM, RB <aoz.syn@...il.com> wrote:
> An interesting problem, but one fraught with danger for both requester
> and helper.
>
Agreed.
> Sounds like a job for an external filter initially, I doubt there'd be
> enough regularity in such data as to make a new full-fledged format
> necessary.
If it were just digit's, and we know that AMEX/VISA/MC etc... start with
predifined strings of digits, then you cut down 4-6 of the possible char's
you need quite a bit, but they do need "prepended" to each BF attempt
to get the hash right. This could be an interesting candidate for the
"known force" external mode. In addition, if you knew other things like the
format of the expected digit's and their possible separators if any...
1234 5678 9012 3456
1234-5678-9012-3456
1234567890123456
Every character that is added only adds more time, if you knew the format
before hand, you could probably double your speed by not having to try
spaces and dashes if you new there were none...
It's out of my depth, but it is an interesting problem.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.