| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 24357 | 2002-09-09 06:09:00 | Scary Truth about Insecurites | Chilling_Silence (9) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 77921 | 2002-09-09 10:31:00 | I tried brute forcing a password on a rar file I couldn't get into... I didn't know how long it was, but by the time it got to 6 characters (I think it started with 4) it had been about 4 or 5 hours. Every character takes exponentially longer than the previous number, as it doesn't try one character at a time, and just add one to the end, but tries all characters each length it tried (if that makes sense). VERY time consuming if you sit and watch it :D Mike. PS I gave up after about half way through 6 characters... I didn't need the file THAT much :) |
Mike (15) | ||
| 77922 | 2002-09-09 12:36:00 | yeah it kinda makes sense. for each position you've got 2*26+10 possible symbols (26 uppercase, 26 lowercase, 10 digits) = 62 symbols for a 6 symbol password, you've got 62^6 possible combinations (62 to the power of 6). that's a grand total of 56800235584 possible passwords... assuming a 1000MHz processor, (1000000 Hz?)... crap, it's too late to work it out. I'm going to bed. I'm sure if anyone is interested in the math then they will work it out and post it. If not, then I'm gonna post it tomorrow, and I'll spend my lecture time working this out instead of whatever it is that i'm meant to be learning.... G'd night. |
loser (538) | ||
| 77923 | 2002-09-09 21:30:00 | If it's the true clock speed, 1000Mhz would be 1000000000Hz - three more 0s than you had :) Mike. |
Mike (15) | ||
| 77924 | 2002-09-10 05:42:00 | If it's a 1Ghz or 1000Mhz, general rule of thumb most of the time to be safe is 1 attempt per second per Mhz, so this is a 600Mhz and it is doing 290 Average per second! | Chilling_Silence (9) | ||
| 77925 | 2002-09-10 05:49:00 | Take 56800235584 and divide it by 290 (Approx per second I'm doing) and you get 195862881.3 per second. that means it gonna take 195862881 seconds, or 3264381 minutes = 54406 hours?! That can't be right? My friend was able to crack a WinZip password in only 5-6 hours? Okay, anybody wanna figure it out for me? I restarted it doing only ABCabc123 so there are no special characters, cutting the time in half at least! Ummm... Okay, Taking a glass of water.. too many.... big numbers... My head hurts... Ouch! Chilling_Silence |
Chilling_Silence (9) | ||
| 77926 | 2002-09-10 06:15:00 | It can take a long time. That cracker might not be a good one ... there are quite a few. Have you used google and looked at the hint sites I suggested yesterday? | Graham L (2) | ||
| 77927 | 2002-09-10 07:40:00 | Mike - of course! you're right... like I said, it was late, and my brain doesn't really function that well at the best of times anyway! :D So as for the calculation.... one attempt per second per megahertz did you say Mr Chilling? I was kind of wondering about that... I first though 1 clock cycle per attempt, but I'm now inclined to think it would take longer than that. Not sure. Anyway, if we assumed that it WAS one attempt per clock cycle (that would be a best case) then we'd have (26*2+10)^6 combinations for a password of length 6. so that's 56800235584 combinations. at one attempt per cycle, that would be a time of 1/1000000000s per attempt.. but that would mean cracking it in less than a minute? ok, nope, I can't assume that can I? No way. Definitely not. Thinking thinking. Ok, wouldn't the speed really be limited by the speed of the bus and not the cpu? say a p4 2gig cpu cranks through the internal operations, but.... wait no that's why they developed cache isn't it.... urgh I think i'm making this worse.... >If it's a 1Ghz or 1000Mhz, general rule of thumb most of the time to be >safe is 1 attempt per second per Mhz, so this is a 600Mhz and it is >doing 290 Average per second! that doesn't make sense.... 1 attempt per second per MHz on a 600Mhz would mean 600 attempts per second...?? can you explain that 290 to me? i feel like i'm missing something.... i think your 54406 hours doesn't sound too bad actually... about 6.2 years... long time, but i remember seeing figures for something i was trying to crack that ran into 100s of years. needless to say i didn't wait around for it.... i'm gonna go write a small program to find an average for this kinda stuff... |
loser (538) | ||
| 77928 | 2002-09-10 08:08:00 | Dude ... no wonder you're "In your bedroom. ALONE." :p ]:) | antmannz (28) | ||
| 77929 | 2002-09-10 09:41:00 | na, that's for different reasons ;) well, I like to tell myself it is anyway... anyway, I'm giving up.... I've learnt a couple of things though -- 1. I don't write programs that well. 2. My assumption was way the heck off. And stop mocking me. I find this kinda interesting. You're giving me a complex... I'm gonna go have a cry now, coz I can't work this out, and coz you're being mean. And if i didn't have to get out to uni tomorrow, I'd get rip roaring drunk to drown my sorrows... This stupid thread is going to plague me until I work it out or someone explains it to me. Please someone explain it X-( Stupid calculations. Stupid computers. |
loser (538) | ||
| 1 2 | |||||