|
<sheepish grin> OK, I see how that works. It didn't occur to me that it was trying to encrypt plaintext guesses to find a match. D'oh. Thanks for the explanation. db > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx / Douglas Handy > Sent: Wednesday, September 29, 2004 9:19 AM > > Dan, > > > How does the password cracker > > program *know* when it has found the "clear text" password? > > You feed it the encrypted form of the password, which must get > matched. You get that from places like QSYRUPWD api, for example. > > The bruteforce method then attempts to match that ciphertext by > testing various plaintext passwords, encrypting each using the proper > algorithm, then comparing the result to the desired ciphertext you > told it to match. If they are the same, then the password has been > found. > > In some scenarios, "dictionaries" of word lists are used as the set of > plaintext passwords to attempt. In the particular crack program being > discussed, it simply generates the "next" possible permutation subject > to the command line options to limit the starting letters or password > length, etc. On my PC, it does that at the rate of somewhat over 19 > million tests per second.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
