Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 32

Thread: Web-based NT & Win2k password cracker !

  1. #21
    Junior Member
    Join Date
    Apr 2002
    Posts
    6
    No prob. Been there too many times.....

    Just want you to know that until I see the source(as maybe for others too), or some proof of this theory, I will still believe that it is something other than what you say it is. Like I said before..1000 hashes in seconds...quite the feat.

    If you are right, then they might say Linus who? If it goes sour......they would say anything but nice, you can bet..

    On the other hand, it would be nice to finally show MS that the security they have needs to be updated.

    Anyway, just remember that nobody here means any disrespect, just people keeping you on your toes....

  2. #22
    Senior Member
    Join Date
    Jul 2001
    Posts
    196

    Thumbs down

    I few tests I did
    No offense, but it doesn't seem to be anymore than a database of already cracked hashes. I look forward to the one that allow a more full range of password cracking to see if these old ones (or similar just in case) will be cracked in mere seconds as the site claims.


    ==============================
    (password: 1234567890)
    test1:1015:aad3b435b51404eeaad3b435b51404ee:c8fa091edf90b125cc7f800a260ae9b5:::

    (password: someone)
    test2:1016:2a3097d038762d85aad3b435b51404ee:87205ced7393f67d463985ecab1df49c:::

    (password: die83jf)
    test3:1017:020de3c40868eb88aad3b435b51404ee:fa7e4983b11df92abca640bb2141b09c:::

    Response from website:

    Encrypted hash: test1:1015:aad3b435b51404eeaad3b435b51404ee:c8fa091edf90b125cc7f800a260ae9b5:::
    Decrypted hash: BLANK PASSWORD

    --------------------------------------------------------------------------------

    Encrypted hash: test2:1016:2a3097d038762d85aad3b435b51404ee:87205ced7393f67d463985ecab1df49c:::
    Decrypted hash: SOMEONE

    --------------------------------------------------------------------------------

    Encrypted hash: test3:1017:020de3c40868eb88aad3b435b51404ee:fa7e4983b11df92abca640bb2141b09c:::
    Decrypted hash: ???????
    ======================================

    Some More tests:

    (password: 654321)
    test1:1018:23b3efcaa559d0dbaad3b435b51404ee:4057b60b514c5402dde3d29a1845c366:::

    (password: zzztop)
    test2:1019:6d0a23e97d9f7bd1aad3b435b51404ee:6088474f5ecad2e9d580793d032a373f:::

    (password: abcdefg)
    test3:1020:e0c510199cc66abdaad3b435b51404ee:352dfe551d62459b20349b78a21a2f37:::

    Response from site:
    Encrypted hash: test1:1018:23b3efcaa559d0dbaad3b435b51404ee:4057b60b514c5402dde3d29a1845c366:::
    Decrypted hash: ???????

    --------------------------------------------------------------------------------

    Encrypted hash: test2:1019:6d0a23e97d9f7bd1aad3b435b51404ee:6088474f5ecad2e9d580793d032a373f:::
    Decrypted hash: ???????

    --------------------------------------------------------------------------------

    Encrypted hash: test3:1020:e0c510199cc66abdaad3b435b51404ee:352dfe551d62459b20349b78a21a2f37:::
    Decrypted hash: ABCDEFG

    =============================================

    Some more test using a more complicated password:

    (password: h8trman)
    test1:1024:f0583384108943dfaad3b435b51404ee:a009a5820c022a6286b31e5115fc8497:::

    (password: d00dl8r)
    test2:1025:0136a51a527760cbaad3b435b51404ee:99f4c3cb2f795af8e62e0baa2fc3bdd5:::

    (password: zython)
    test3:1026:fe6e47837384ee2faad3b435b51404ee:483d96266da6d1018d1bd8139d99ebdb:::

    Web site response:
    Encrypted hash: test1:1024:f0583384108943dfaad3b435b51404ee:a009a5820c022a6286b31e5115fc8497:::
    Decrypted hash: ???????

    --------------------------------------------------------------------------------

    Encrypted hash: test2:1025:0136a51a527760cbaad3b435b51404ee:99f4c3cb2f795af8e62e0baa2fc3bdd5:::
    Decrypted hash: ???????

    --------------------------------------------------------------------------------

    Encrypted hash: test3:1026:fe6e47837384ee2faad3b435b51404ee:483d96266da6d1018d1bd8139d99ebdb:::
    Decrypted hash: ???????

  3. #23
    Senior Member
    Join Date
    Apr 2002
    Posts
    711
    Originally posted here by Kelvin@Sec33
    Okay, let me explain one-way hashes.
    *sigh*

    I wasn't questioning one-way hashes, I was questioning the fact why you were contrasting the idea of the MS password encryption algorithm availability to the speed of your system - it just didn't parse right in my mind and, to me, was comparing apples to oranges. At the very least, it could have been better phrased to be more understandable, I think.

    But, an 8 character password utilizing the full character set on your keyboard has 6,634,204,312,890,625 possible combinations. It would take about 3,159,144,910 seconds or 52,652,415 minutes or 877,540 hours or 36,564 days or last but not least around 100 years to run through all possible combinations at 2.1 million guesses per second.
    Actually, by my (admitedly quick) calculations, it's more like 13,685,690,504,052,736 possible combinations, which is a little over 206 years (closer to 206 and two-thirds, not counting leap years, of course)

    Understand? It's not as simple as you think. A refresher in encryption might be a good idea.
    Yes, Schneier's books are quite good - nice guy, too.


    ... and, usually when someone knocks someone for bad spelling... they just don't have anything else good to say. ;-) - Face it, the majority of the population isn't perfect when typing. And I am a member of the majority.
    My (personal) issues weren't with your spelling, but your grammar, logic and overall attitude (in your obviously eager/rushed posts).

    The day is getting longer.
    Aye... quite...


    Though so far, from what I've seen, however, this just seems to be yet another dictionary attack (or, if it's really as quick and "versatile" as you claim, I'd guess you've boosted the MS source). I'll sit and wait, however, until some more conclusive proof is demonstrated.

    Apologies to all if I sound like a skeptical ass, but I guess it's a not-too-uncommon trait for security folk... Probably doesn't help I'm in a not-too-wonderful mood, either. *shrug* (sick, plus my s/o has decided to move a long way away (work reasons))


    Like I said, I'd welcome some further, more-conclusive demonstrations...
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  4. #24
    Its a scam where people throw the hashes that contain passwords and these guys crack them at their own time. Pretty pathetic if you ask me.
    Well i didn't try it but i'm going to sec33.com sometimes and judging by the serious of his site
    and time he puts in it i think the guy is actually pretty serious about this and i don't think it's a scam. Why would he put his reputation and the reputation of his site to get ashes from a couple of dummy account???


    3) We did not release the full capabilities (full character set) because we wanted to demonstrate how we have affected the process of brute-force on one-way hashes. We may release it fully in the near future, but have not yet decided the app's future. This explains some passwords not being retrieved.
    I think i choose to believe that because if i would release a tool like that in the open, i would try to make it less effective then it really is but effective enough to prove a point...
    Wouldn't we all?

    Last comment...
    Kelvin, you've prove your point so i think it would be best for everybody to send the source to microsoft and forget about the whole think!
    my 2 cents!

  5. #25
    well kelvin.. you are scaring the sh** out of me!

    what's M$ response ??
    who knows?

  6. #26
    Senior Member
    Join Date
    Aug 2001
    Posts
    356
    Originally posted here by draziw
    Though so far, from what I've seen, however, this just seems to be yet another dictionary attack (or, if it's really as quick and "versatile" as you claim, I'd guess you've boosted the MS source). I'll sit and wait, however, until some more conclusive proof is demonstrated.
    dictionary attack...maybe, but you miss the point about the source. having the hashing source code does NOTHING to speed your attack. it works in one and only one way. it cannot be reversed. no matter what, if you are going to do the standard brute force attack you have to go charecter by charecter and run it through the hashing algorythm. if i had to venture a guess as to what they did i'd say they probably had the computer do nothing but hash possibilities for a very long time then store the encoded and un-encoded versions. then a simple comparison is all it takes. by limiting the charecters it can use you signifigantly reduce the possible hashes. if you get enough computers together and have them just hash like crazy for a while you can compile a list of all the possible hashes.

    once that is done you just sort them by hash and stick them in seperate files/HDD's/computers/whatever. now that you have a list of hashes and plain-text passwords you just do something like:
    if(hash > storage1start && hash < storage1end)
    search(storage1);
    if(hash > storage2start && hash < storage2end)
    search(storage2);
    ect...

    throw in a binary search within the file(cause its sorted) and *poof* you have just removed a TON of processing.
    -8-

    There are 10 types of people in this world: those who understand binary, and those who dont.

  7. #27
    I dont care what anyone says Lopht Crack is a useing a program to crack the Sam is lame

  8. #28
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    Kelvin@Sec33: When will we get to see the source code?
    OpenBSD - The proactively secure operating system.

  9. #29
    I dont care what anyone says cracking the sam is a lame way of breaking a password do it the old fastion way and crack it your self

  10. #30
    Junior Member
    Join Date
    Apr 2002
    Posts
    2

    Mutiple replies

    Didn't know this was going on for a while. I put a bunch of replies up on sec33.

    Forums -> IPC$

    http://www.sec33.com/modules.php?op=...rum&forum=16&1

    Thanks for the feedback, guys.

    --morlock

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •