Waraxe IT Security Portal
Login or Register
October 20, 2025
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 286
Members: 0
Total: 286
Full disclosure
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> General discussion -> Brute forcing improving ideas...
Post new topicReply to topic View previous topic :: View next topic
Brute forcing improving ideas...
PostPosted: Fri Oct 31, 2008 11:10 am Reply with quote
_mranderson_
Valuable expert
Valuable expert
Joined: Oct 30, 2008
Posts: 51




I was thinking, in the last few days, of a way to improve bruteforcing... here what came in my mind:

Let's define bruteforce improving:
we should aim at the most high probability to find the password using the less time possible.

well, assuming that most passwords are readable words plus (possibly) some numbers, we could improve our password-generating algorithm so that, instead of picking any possible password (thus even unreadable passwords like "abbbttk") it would generate just readable passwords..

one thing we must keep in mind is that the slower our password algorihm is the worst it is (I mean it's better to try more passwords but faster than less but a lot slower).

so, if we want to achieve this goal, we have to put rules to create readable words:
I think that a simple (and fast) rule to apply would be to never put more than 2 consonants or vocals one past another while generating the password (some letters like "h" should not be considered vocals nor consonants and others like "y" should be considered vocals), so that generated words would always fit the charset but never be unreadable (numbers could be considered vocals/consonants too, eg.: "1" is "i"/"l", "2" is "r", "3" is "e"...) thus reducing the keyspace, and conseguently the time needed to generate all the possible passwords. Of course this method should never be used untill the keyspace doesn't become big enough to be impossible to be completed (like passwords over 8-9 chars length with a charset length of 36 could be quite a pain to be completed).

Just let me know what you think, and I might implement an md5 bruteforcer that supports IPB md5(md5(salt).md5(pwd)) hashing algorithm and uses this method to bruteforce your hashes...
View user's profile Send private message
Re: Brute forcing improving ideas...
PostPosted: Fri Oct 31, 2008 11:30 am Reply with quote
gyan007
Advanced user
Advanced user
Joined: Oct 17, 2008
Posts: 106




_mranderson_ wrote:
I was thinking, in the last few days, of a way to improve bruteforcing... here what came in my mind:

Let's define bruteforce improving:
we should aim at the most high probability to find the password using the less time possible.

well, assuming that most passwords are readable words plus (possibly) some numbers, we could improve our password-generating algorithm so that, instead of picking any possible password (thus even unreadable passwords like "abbbttk") it would generate just readable passwords..

one thing we must keep in mind is that the slower our password algorihm is the worst it is (I mean it's better to try more passwords but faster than less but a lot slower).

so, if we want to achieve this goal, we have to put rules to create readable words:
I think that a simple (and fast) rule to apply would be to never put more than 2 consonants or vocals one past another while generating the password (some letters like "h" should not be considered vocals nor consonants and others like "y" should be considered vocals), so that generated words would always fit the charset but never be unreadable (numbers could be considered vocals/consonants too, eg.: "1" is "i"/"l", "2" is "r", "3" is "e"...) thus reducing the keyspace, and conseguently the time needed to generate all the possible passwords. Of course this method should never be used untill the keyspace doesn't become big enough to be impossible to be completed (like passwords over 8-9 chars length with a charset length of 36 could be quite a pain to be completed).

Just let me know what you think, and I might implement an md5 bruteforcer that supports IPB md5(md5(salt).md5(pwd)) hashing algorithm and uses this method to bruteforce your hashes...


So... You basically mean wordlists?
View user's profile Send private message
PostPosted: Fri Oct 31, 2008 12:38 pm Reply with quote
epro
Regular user
Regular user
Joined: Feb 11, 2008
Posts: 24




Yes, for thing like you said is wordlists! Bruteforce aim is to check all possibilities to find password! No clever algorithm! Just numbers, letters and special symbols!
View user's profile Send private message
PostPosted: Fri Oct 31, 2008 1:24 pm Reply with quote
_mranderson_
Valuable expert
Valuable expert
Joined: Oct 30, 2008
Posts: 51




I don't think you can find a wordlist with every possible readable password of the length you choose and with the charset you want...

I mean a wordlist contains words you use in your language, not all readable words from 1 to 8 using abcdefghijklmnopqrstuvwxyz0123456789 as charset

also this method would reduce the keyspace enourmously... try to crack a 10 chars length password with numbers and letters using the standard bruteforce method.. you will need like 1000 years, with this method maybe you need 100 (that's still a lot, but it's always 1/10 of the time) and you always have a high probability of finding the password...
View user's profile Send private message
PostPosted: Fri Nov 14, 2008 12:48 pm Reply with quote
ThoR
Regular user
Regular user
Joined: Nov 13, 2008
Posts: 5




And if you use a GPU enabled approach u can cut the 100 years to 1 ^^
i personally like the idea. for passlengths of over 10 chars, i would gladly forfeit the "it will sure find it" of standard bruteforce for the, let's hope it finds it of this approach ^^
View user's profile Send private message
PostPosted: Fri Nov 14, 2008 4:59 pm Reply with quote
_mranderson_
Valuable expert
Valuable expert
Joined: Oct 30, 2008
Posts: 51




Exactly, I mean wouldn't that be sweet if such GPU enable bruteforcers would let you choose to use this option or not? I don't think a --readable switch would be so hard to implement for those whome already implemented such programs.. that' would be really nice.

ThoR idk if you would be able to sugges this to the right ppl, but if you know any, pls do so. I think the most complex passwords would always be possible to be find.

For example:

a password like hi63624jk12 would be found.

6 = g
3 = e
2 = r
4 = a
1 = i/l

as you can see no more that 2 consonants/vocals would be put together in that password. so it's not true complex and long passwords wouldn't be found at all.
View user's profile Send private message
Brute forcing improving ideas...
www.waraxe.us Forum Index -> General discussion
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.025 Seconds