I were highly motivated by goat's old post.
I figure out that a 16^10 hex password dictionary must be very, very big.
How big? Well, to compare I recently download a not so good password dictionary that weight 178Mb and contains 16,982,780 ten hex strings.
For the other hand, my iMac can manage only 4,300 keys/s with aircrack-ng, so it takes about an HOUR to check all these passwords.
So, a complete 16^10 = 1,099,511,627,776 dictionary must take for me about 8 YEARS for my machine and it could weight approximately 11 Tb.
It make sense to have some heuristic to crunch that enormous dictionary and I like goat's rules.
So I generate a PHP class that follows goat's rules. At first, I've believed that that monster dictionary could be chunk to weight very little, maybe just 10% of the original file. But I was wrong.
According to my big random sample of 10 million string passwords, the real ratio of optimised/total is 0.6655 and it converge very soon from the beginning.
What does it means?
It means that the wanted file is still very big:
- weight: (0.6655) 11Tb = 7.32 Tb
- crackTime: (0.6655) 8 years = 5.32 years
The numbers speak for themselves. So, maybe we will have to wait the first generations of quantum computers, hehe.
The php classes are attached to this post.
Greetings,
I figure out that a 16^10 hex password dictionary must be very, very big.
How big? Well, to compare I recently download a not so good password dictionary that weight 178Mb and contains 16,982,780 ten hex strings.
For the other hand, my iMac can manage only 4,300 keys/s with aircrack-ng, so it takes about an HOUR to check all these passwords.
So, a complete 16^10 = 1,099,511,627,776 dictionary must take for me about 8 YEARS for my machine and it could weight approximately 11 Tb.
It make sense to have some heuristic to crunch that enormous dictionary and I like goat's rules.
So I generate a PHP class that follows goat's rules. At first, I've believed that that monster dictionary could be chunk to weight very little, maybe just 10% of the original file. But I was wrong.
According to my big random sample of 10 million string passwords, the real ratio of optimised/total is 0.6655 and it converge very soon from the beginning.
What does it means?
It means that the wanted file is still very big:
- weight: (0.6655) 11Tb = 7.32 Tb
- crackTime: (0.6655) 8 years = 5.32 years
The numbers speak for themselves. So, maybe we will have to wait the first generations of quantum computers, hehe.
The php classes are attached to this post.
Greetings,