07-17-2012, 06:49 PM
G'day.
So, I got a bunch of hashes. I ran them few a few hundred million words with no success. After brute-forcing with a mask of ?1?1?1?1?1?1 and a charset of ?l?d?u
Then I get:
The passwords look pseudo-random, and not like something a human would choose. I could understand an organization using forced passwords.
If I MD5 the passwords, it gives the hash, so it appears as though I guessed the exact password scheme for this group of passwords. I find this all unlikely.
Is it possible the hashes use a different algorithm which would give useless, but accurate results when decrypted with the incorrect algorithm. I think this is probably obtuse, but I'm trying to disprove the results.
Thanks.
So, I got a bunch of hashes. I ran them few a few hundred million words with no success. After brute-forcing with a mask of ?1?1?1?1?1?1 and a charset of ?l?d?u
Then I get:
Code:
Status.......: Cracked
Input.Mode...: Mask (?1?1?1?1?1?1)
Hash.Type....: MD5
Time.Running.: 2 mins, 56 secs
Time.Util....: 176879.6ms/4584.3ms Real/CPU, 2.7% idle
Speed........: 320.9M c/s Real, 340.8M c/s GPU
Recovered....: 451/451 Digests, 1/1 Salts
Progress.....: 56759746560/56800235584 (99.93%)
Rejected.....: 0/56759746560 (0.00%)
HW.Monitor.#1: 0% GPU, 79c TempThe passwords look pseudo-random, and not like something a human would choose. I could understand an organization using forced passwords.
If I MD5 the passwords, it gives the hash, so it appears as though I guessed the exact password scheme for this group of passwords. I find this all unlikely.
Is it possible the hashes use a different algorithm which would give useless, but accurate results when decrypted with the incorrect algorithm. I think this is probably obtuse, but I'm trying to disprove the results.
Thanks.