Feasible method of cracking long, randomised passwords?
(07-07-2020, 08:28 PM)philsmd Wrote: no, mask attack would be MUCH, MUCH faster if you just try "random passwords". every operation involving the disk would slow it down tremendously as already explained above when we compared -a 3 with -a 0/1/6/7

but this depends a lot also on the hashing algorithm. we distinguish fast and slow hash types in general, one that can be considered raw or non-iterated and salted hashes versus hashes which have a lot of iterations or a high cost factor

-m 12500 = RAR3-hp for instance has 262144 (0x40000) iterations, so it's technically already considered a slow hash type

I remember reading about the difficulties of cracking encrypted RAR archives because it is such a slow algorithm. I'm guessing the exception you mentioned earlier doesn't apply to RAR algorithms? So -a 0 + rules aka jumbling up already cracked passwords would be the way to go as I suspected in the first place?
If so, can you give a few general tips regarding which rules would be useful to me? Or point me in the right direction what kind of rules to read up on for my case?

Messages In This Thread
RE: Feasible method of cracking long, randomised passwords? - by CracktainCrunch - 07-07-2020, 10:04 PM