(10-12-2016, 08:52 AM)pepix Wrote: Is there a faster way than brute force? How can I optimize my setup. I just need to point into right direction. And come up with faster solution.
Hi,
if you want to be faster than bruteforce (e.g., because it is a very slow hash) you should have a look at probabilistic password models. A good starting point is "A Study of Probabilistic Password Models (SP '14)".
Here you can find the 3 most used alternatives to bruteforce:
## Probabilistic Context-Free Grammars
-> Password Cracking Using Probabilistic Context-Free Grammars (SP '09)
-> Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms (SP '12)
-> Effect of Grammar on Security of Long Passwords (CODASPY '13)
-> On the Semantic Patterns of Passwords and their Security Impact (NDSS '14)
-> Next Gen PCFG Password Cracking (TIFS '15)
---> Software (old): https://sites.google.com/site/reusablese...ic_cracker
---> Software (new): https://github.com/lakiw/pcfg_cracker
## Markov Models
-> Fast Dictionary Attacks on Passwords Using Time-Space Tradeoff (CCS '05)
-> OMEN: Faster Password Guessing Using an Ordered Markov Enumerator (ESSoS '15)
-> OMEN+: When Privacy meets Security: Leveraging personal information for password cracking (CoRR '13)
-> A Study of Probabilistic Password Models (SP '14)
---> Software (old): http://openwall.info/wiki/john/markov
---> Software (new): https://github.com/RUB-SysSec/Password-G...-Framework (OMEN will be published very soon)
## Neural Networks
-> Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks (USENIX '16)
-> (A rather strange approach, but the ?FIRST? writing about this topic) Using neural networks for password cracking by Sebastian Neef
--> Software (old): https://github.com/gehaxelt/RNN-Passwords
--> Software (new): https://github.com/cupslab/neural_network_cracking
## Approach Comparison
-> Measuring Real-World Accuracies and Biases in Modeling Password Guessability (USENIX '15)
-> A Framework for Comparing Password Guessing Strategies (PASSWORDS '15)
## Hybrids
-> Introducing the PRINCE attack-mode (PASSWORDS '14)
---> Software: https://github.com/hashcat/princeprocessor
---> Software: https://github.com/hashcat/hashcat