Graphics Programs Reference
In-Depth Information
trying word: Aachen ==> jeyQc3uB14q1E
trying word: Aachen's ==> je7AQSxfhvsyM
trying word: Aaliyah ==> je/vAqRJyOZvU
.:[ output trimmed ]:.
trying word: terse ==> jelgEmNGLflJ2
trying word: tersely ==> jeYfo1aImUWqg
trying word: terseness ==> jedH11z6kkEaA
trying word: terseness's ==> jedH11z6kkEaA
trying word: terser ==> jeXptBe6psF3g
trying word: tersest ==> jenhzylhDIqBA
trying word: tertiary ==> jex6uKY9AJDto
trying word: test ==> jeHEAX1m66RV.
The hash "jeHEAX1m66RV." is from the plaintext password "test".
reader@hacking:~/booksrc $
Since the word
test
was the original password and this word is found in
the words file, the password hash will eventually be cracked. This is why it's
considered poor security practice to use passwords that are dictionary words
or based on dictionary words.
The downside to this attack is that if the original password isn't a word
found in the dictionary file, the password won't be found. For example, if a
non-dictionary word such as
h4R%
is used as a password, the dictionary attack
won't be able to find it:
reader@hacking:~/booksrc $ ./crypt_test h4R% je
password "h4R%" with salt "je" hashes to ==> jeMqqfIfPNNTE
reader@hacking:~/booksrc $ ./crypt_crack /usr/share/dict/words jeMqqfIfPNNTE
Salt value is 'je'
trying word: ==> jesS3DmkteZYk
trying word: A ==> jeV7uK/S.y/KU
trying word: A's ==> jeEcn7sF7jwWU
trying word: AOL ==> jeSFGex8ANJDE
trying word: AOL's ==> jesSDhacNYUbc
trying word: Aachen ==> jeyQc3uB14q1E
trying word: Aachen's ==> je7AQSxfhvsyM
trying word: Aaliyah ==> je/vAqRJyOZvU
.:[ output trimmed ]:.
trying word: zooms ==> je8A6DQ87wHHI
trying word: zoos ==> jePmCz9ZNPwKU
trying word: zucchini ==> jeqZ9LSWt.esI
trying word: zucchini's ==> jeqZ9LSWt.esI
trying word: zucchinis ==> jeqZ9LSWt.esI
trying word: zwieback ==> jezzR3b5zwlys
trying word: zwieback's ==> jezzR3b5zwlys
trying word: zygote ==> jei5HG7JrfLy6
trying word: zygote's ==> jej86M9AG0yj2
trying word: zygotes ==> jeWHQebUlxTmo
Couldn't find the plaintext password in the supplied wordlist.
