Password cracking: Difference between revisions

From Rixort Wiki
Jump to navigation Jump to search
← Older editNewer edit →
No edit summary
No edit summary
Line 13: Line 13:
* Length: 32 characters is likely to be MD5.
* Length: 32 characters is likely to be MD5.
* Characters: 0-9a-zA-Z is likely to be MD5.
* Characters: 0-9a-zA-Z is likely to be MD5.
== Lookup tables ==
* How should these be delivered? Plain text file, SQLite database, Lightning Memory-Mapped Database (LMDB), something else?
* What options does the chosen language support?
* Which options are the most efficient?

Revision as of 16:16, 22 July 2018

Steps required for password cracking software:

  1. Identify which columns contain the username and the password (hashed or otherwise).
  2. Identify the algorithm used.
  3. Identify whether a salt is used.

From these there are multiple stages:

  1. If no salt is used (e.g. plain MD5), consult a pre-computed lookup table.

Identifying an algorithm:

  • Length: 32 characters is likely to be MD5.
  • Characters: 0-9a-zA-Z is likely to be MD5.

Lookup tables

  • How should these be delivered? Plain text file, SQLite database, Lightning Memory-Mapped Database (LMDB), something else?
  • What options does the chosen language support?
  • Which options are the most efficient?
Retrieved from ‘https://wiki.rixort.com/index.php?title=Password_cracking&oldid=253