BRUTE FORCE | PASSWORD CRACKING
BRUTE FORCE | PASSWORD CRACKING
The topic of this article is "Brute Force".In
this article i will explain the meaning of bruteforce and will provide
some top Brute force softwares to download.Lets Strat....
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys,
through exhaustive effort (using brute force) rather than employing
intellectual strategies. Just as a criminal might break into, or "crack"
a safe by trying many possible combinations, a brute force cracking
application proceeds through all possible combinations of legal
characters in sequence. Brute force is considered to be an infallible,
although time-consuming, approach.
Crackers are sometimes used in an organization to test network
security, although their more common use is for malicious attacks. Some
variations, such as L0phtcrack from L0pht Heavy Industries, start
by making assumptions, based on knowledge of common or
organization-centered practices and then apply brute force to crack the
rest of the data. L0phtcrack uses brute force to crack Windows NT
passwords from a workstation. PC Magazine reported that a system
administrator who used the program from a Windows 95 terminal with no
administrative privileges, was able to uncover 85 percent of office
passwords within twenty minutes.
You must have seen in movies how a hacker cracks a password. He take out
a small device from his pocket. Connect it to the locker or whatever he
wants to crack and then lots of digits and alphabets are shuffled on
the device’s screen and in a matter of minutes (and sometimes in
seconds), the thing is unlocked. Pretty Impressive but it doesn’t happen
that way. Basically a online system (by online system i means a system
which requires you to log in to get access) can’t be hacked like that.
Even a password stored in a offline file can’t be hacked so easily.
Lets take it as easy as it can get. You want to access a file which is
password protected. You create a program that tries every possible
combination of alphabets and numbers and then feed it to the file if its
the right one. This procedure is repeated till the right combination is
accepted by the file. This is what we call as a attack. And this very
procedure of trying possible combinations is called Brute Force Attack.
Now executing such a program which is required to provide every possible
combination requires a very good computing power. The time that it
consumes in breaking a password depends on the length of password and
the processor speed. Faster the processor, shorter the time it takes to
crack the password. Think it would be easy if you have a dual core or
quad core, Think again. On Desktop PCs it can take days to crack a
password.
Memory Space Trade Off – It is a situation in which time taken
for processing can be reduced at the cost of space and vice versa. To
make it very clear, lets see this again with the help of an example. In
the previous example, we can process the different combination before
hand and then store them in a file. And when you need to break a
password, combinations are retrieved from that file and this lessens the
load on the processor. The only time consumption in this case is the
retrieval of data from that file. This file is what is known as a Rainbow Table.
It can break passwords in a few minutes and in even a few seconds
depending how strong is the password. It can be obtained from the World
Wide Web but beware of its size. Its size is in GBs.
Now even if a hacker has the best of hardware, he can’t hack that
easily. Why? Ever entered a password wrong multiple times? It requires
you to enter the image to confirm that you are a human and it is not a
account and even if that fails (yes there are algorithms that can read
the text behind the image), the user is forbidden to enter the password
for a fixed amount of time. So, there is no way in hell that a hacker
can hack by Brute force or even with the help of rainbow tables. But it
surely gets the job done for offline files.
If I write more here in a single post, it would be difficult for many of
us to analyze the information. So, more in coming ICA articles.But i am
providing some most top used Brute force softwares,you can download
them and use for testing purpose...
This pack includes the following fully workable softwares:
1.Attack tool kit
2.CrackWhore 2.0
3.Apache scanner
4.Brutus
5.Brutus 2006
6.CGI scan
7.crackftp
8.E-mail cracker
9.hackers utillity
10.php brutforcer
11.php BB pass extracter
12.php cracker
13.shadow scan
14.web crack 4.0
and a few more
download links:
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys,
through exhaustive effort (using brute force) rather than employing
intellectual strategies. Just as a criminal might break into, or "crack"
a safe by trying many possible combinations, a brute force cracking
application proceeds through all possible combinations of legal
characters in sequence. Brute force is considered to be an infallible,
although time-consuming, approach.
Crackers are sometimes used in an organization to test network
security, although their more common use is for malicious attacks. Some
variations, such as L0phtcrack from L0pht Heavy Industries, start
by making assumptions, based on knowledge of common or
organization-centered practices and then apply brute force to crack the
rest of the data. L0phtcrack uses brute force to crack Windows NT
passwords from a workstation. PC Magazine reported that a system
administrator who used the program from a Windows 95 terminal with no
administrative privileges, was able to uncover 85 percent of office
passwords within twenty minutes.
You must have seen in movies how a hacker cracks a password. He take out
a small device from his pocket. Connect it to the locker or whatever he
wants to crack and then lots of digits and alphabets are shuffled on
the device’s screen and in a matter of minutes (and sometimes in
seconds), the thing is unlocked. Pretty Impressive but it doesn’t happen
that way. Basically a online system (by online system i means a system
which requires you to log in to get access) can’t be hacked like that.
Even a password stored in a offline file can’t be hacked so easily.
Lets take it as easy as it can get. You want to access a file which is
password protected. You create a program that tries every possible
combination of alphabets and numbers and then feed it to the file if its
the right one. This procedure is repeated till the right combination is
accepted by the file. This is what we call as a attack. And this very
procedure of trying possible combinations is called Brute Force Attack.
Now executing such a program which is required to provide every possible
combination requires a very good computing power. The time that it
consumes in breaking a password depends on the length of password and
the processor speed. Faster the processor, shorter the time it takes to
crack the password. Think it would be easy if you have a dual core or
quad core, Think again. On Desktop PCs it can take days to crack a
password.
Memory Space Trade Off – It is a situation in which time taken
for processing can be reduced at the cost of space and vice versa. To
make it very clear, lets see this again with the help of an example. In
the previous example, we can process the different combination before
hand and then store them in a file. And when you need to break a
password, combinations are retrieved from that file and this lessens the
load on the processor. The only time consumption in this case is the
retrieval of data from that file. This file is what is known as a Rainbow Table.
It can break passwords in a few minutes and in even a few seconds
depending how strong is the password. It can be obtained from the World
Wide Web but beware of its size. Its size is in GBs.
Now even if a hacker has the best of hardware, he can’t hack that
easily. Why? Ever entered a password wrong multiple times? It requires
you to enter the image to confirm that you are a human and it is not a
account and even if that fails (yes there are algorithms that can read
the text behind the image), the user is forbidden to enter the password
for a fixed amount of time. So, there is no way in hell that a hacker
can hack by Brute force or even with the help of rainbow tables. But it
surely gets the job done for offline files.
If I write more here in a single post, it would be difficult for many of
us to analyze the information. So, more in coming ICA articles.But i am
providing some most top used Brute force softwares,you can download
them and use for testing purpose...
This pack includes the following fully workable softwares:
1.Attack tool kit2.CrackWhore 2.03.Apache scanner4.Brutus5.Brutus 20066.CGI scan7.crackftp8.E-mail cracker9.hackers utillity10.php brutforcer11.php BB pass extracter12.php cracker13.shadow scan14.web crack 4.0
and a few more
download links: http://www.megaupload.com/?d=6GHU7XVB
No comments:
Post a Comment