May 1st, 2002, 02:57 AM
http based password crackers
http based password crackers are the dumbest thing to hit the net cause unless you have a really fast internet connection it takes for ever and about an hour of dictionary or brute forceing the webmaster will probley notice.
"Worst tatic ever"
May 1st, 2002, 03:04 AM
Thank you for showing that you have a keen grasp of the obvious.
Now precisely -how- would you know how long it takes?
May 1st, 2002, 03:06 AM
May 1st, 2002, 03:15 AM
LOL ur not supposed to do that or talk about it on AntiOnline or CyberArmy
May 1st, 2002, 03:22 AM
LOL Keisha, I'd like to know also how you arrived at your quess. Password crackers are flawed always will be in a few ways. One the assumption that a user name is in English and even if it is perhaps it is a transulation. Two if it were not English, well look to WWII (That means World War Two) Navaho Code takers took English in transulated into their native American Indian language and back to English, the code was never broken. I know this cause I speak more then one language oops I can take a name transulate it into a native tongue and back to english it is not the same. This is the user name part never for your standard user just the admin name, then the password the same can be applyed here also, although my favorite way for long pass words is to use a text editor bang my head on my keyboard roll it around a minute or two take a random as long as I can cut and paste and put into the password field after making note of it. So I have yet to see a bang your head multi languaged cracker yet..LOL works for me
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
May 1st, 2002, 05:36 AM
Palemoon doesn't matter what language it is in - a proper brute force attack does not use a dictionary file but goes through all letters, numbers, speacil characters in sequence.
Like: aaaaaa then aaaaab then aaaaba then aaabaa then aabaaa
and so on when u think how many possible combinations there is thats alot of guesses
esp as my example above deals with a 6 digit long pass - what if you don't know the length of the pass?? brute forcing an online password just cannot be done! If the admin on the otherside doesn't pick up on it - your own isp will !
Cracking a 6 digit .zip pass took 2 & a bit hrs on my comp (ok so am running a 166mhz not exactly uber-fast) imagine if you were doing that over an internet connection? heh
by the way for those of you who are intrested I had to crack it for some wargame I was playing a while ago :P
May 1st, 2002, 07:26 AM
HTTP Password crackers?, now I am not really a hacker per se, I just look for security flaws and use them..(hacker?) But if I am correct are you using a java script to crack a password on a host machine? If I am right that doesn't sound like the securest thing that I know of...prehaps I am missing the concept?
May 1st, 2002, 02:28 PM
cybermagellan> There are a couple of sites that allow you to post an NT password file, and it will return the passwords for you. I will admit that I made a couple of test files for this, just to see how they work. One of them was pretty fast (unfortunately). It didn't work very good on "complicated" passwords, but it got almost of the letters correct.
I agree that these things suck, but not for the same reason. It has nothing to do with the speed of them, and all to do with the fact that it just sets up script kiddies with another tool, and they don't even have to download a program to use it....
\"Ignorance is bliss....
but only for your enemy\"
May 1st, 2002, 03:18 PM
<offtopic>souleman, let me be the first to congratulate you with your new signature
I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.
May 1st, 2002, 10:15 PM
OK cause for some reason I thought that it was done with an interactive cookie of some type. Just didn't make sense to me, why would you do that?...sorry my bad kinda new at the whole forum thing just found out how to access admin shares on a comp so I have some catching up to do.