× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2004

Re: Display User Password?

Phil,

> The program I used took into consideration that the 10 char passwords are 
> split into two separate units; one of 7 chars and one of 3 chars. 

I think we're using the same program.  :)

>Net effect was a brute force attack[1] that produced (the correct)
results in about 20 mins.

If that was the timed result of a specific test, then it depends on
how many permutations it tried before it stumbled on the correct
answer.  It does not indicate that it could produce the correct result
on any given password within 20 minutes.

Try running your same program, but instead of giving it a command line
argument of simply "benchmark" and see if it reports the speed it can
test on your machine.  You will likely get a list of several timings,
based on optimizations for different cpu configurations.  In my case,
the best of them (and thus the one it uses by default on my PC) is
18916K per second, or roughly 19 million tests per second.

For passwords over 7 chars, do crack the last 3 chars takes under
1/100 second, so we can safely ignore that.  For 7 char passwords, you
need to divide the total possible permutations by your benchmark speed
to find the maximum time it could take to locate the correct password,
if it was the last one tested.  In my case, dividing 126,030,769,230
by my benchmark speed of 18916k yields a maximum time of 6506 seconds,
or about 1 hour and 48 minutes.

How long it takes for any given password will likely be much less than
that.  As I mentioned, I first limit it to shorter passwords so that
it can check all of them first.  I use a batch file since the program
returns an exit code of 0 once the password is found.  So I let it
check 1-5 char passwords first (taking at most 4 seconds), then try 6
char passwords (taking under 3 minutes), then start the more laborious
process of 7 char passwords.

If you don't do it this way, at least with the cracker I have, it
tests the permutations in order so even if the password is short, you
won't find it fast if the leading character is towards the end of the
list.  By limiting the password length in my initial passes, I can
produce the correct result on typical passwords in well under 3
minutes, and often under 4 seconds.

Without doing it that way, on my PC after 20 minutes it would be to
somewhere around the letter F as the starting letter for the password.

Doug

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.