Rainbowcrack-Online was doing precomp dictionary attacks in conjunct with rainbowtables in 2k5. The hype spike for RC tables was back in 2k4.
You're off by 5 years Christian. -Travis On Thu, Feb 4, 2010 at 7:21 AM, McGhee, Eddie <[email protected]> wrote: > Are you serious? People have been using rainbow tables for years mate.. and > they are rather widely used.. no need to replace useful with anything, the > statement was plain wrong.. > ________________________________ > From: [email protected] > [mailto:[email protected]] On Behalf Of Christian > Sciberras > Sent: 04 February 2010 12:06 > To: Anders Klixbull > Cc: [email protected]; [email protected] > Subject: Re: [Full-disclosure] anybody know good service for cracking md5? > > FINE. Replace "useful" with "widely popular". > > > > > On Thu, Feb 4, 2010 at 1:04 PM, Anders Klixbull <[email protected]> wrote: >> >> lol they have been useful for years son >> just because YOU never found a use for them doesn't mean noone else has :) >> >> >> ________________________________ >> From: Christian Sciberras [mailto:[email protected]] >> Sent: 4. februar 2010 13:00 >> To: Anders Klixbull >> Cc: [email protected]; [email protected] >> Subject: Re: [Full-disclosure] anybody know good service for cracking md5? >> >> Uh, in the sense that they are finally becoming actually useful... >> >> >> >> >> >> On Thu, Feb 4, 2010 at 12:58 PM, Anders Klixbull <[email protected]> wrote: >>> >>> seems to be cropping in? >>> as far as know rainbow tables has been around for years... >>> >>> >>> ________________________________ >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of Christian >>> Sciberras >>> Sent: 3. februar 2010 23:02 >>> To: [email protected] >>> Cc: [email protected] >>> Subject: Re: [Full-disclosure] anybody know good service for cracking >>> md5? >>> >>> Actually dictionary attacks seem to work quite well, especially for >>> common users which typically use dictionary and/or well known passwords >>> (such as the infamous "password"). >>> Another idea which seems to be cropping in, is the use of hash tables >>> with a list of known passwords rather then dictionary approach. >>> Personally, the hash table one is quite successful, consider that it >>> targets password groups rather than a load of wild guesses. >>> >>> Cheers. >>> >>> >>> >>> >>> On Wed, Feb 3, 2010 at 10:26 PM, <[email protected]> wrote: >>>> >>>> On Wed, 03 Feb 2010 23:42:07 +0300, Alex said: >>>> >>>> > i find some sites which says that they can brute md5 hashes and WPA >>>> > dumps >>>> > for 1 or 2 days. >>>> >>>> Given enough hardware and a specified md5 hash, one could at least >>>> hypothetically find an input text that generated that hash. However, >>>> that >>>> may or may not be as useful as one thinks, as you wouldn't have control >>>> over >>>> what the text actually *was*. It would suck if you were trying to crack >>>> a password, and got the one that was only 14 binary bytes long rather >>>> than >>>> the one that was 45 printable characters long. ;) >>>> >>>> Having said that, it would take one heck of a botnet to brute-force an >>>> MD5 has >>>> in 1 or 2 days. Given 1 billion keys/second, a true brute force of MD5 >>>> would >>>> take on the order of 10**22 years. If all 140 million zombied computers >>>> on the >>>> internet were trying 1 billion keys per second, that drops it down to >>>> 10**16 >>>> years or so - or about 10,000 times the universe has been around >>>> already. >>>> >>>> I suspect they're actually doing a dictionary attack, which has a good >>>> chance >>>> of succeeding in a day or two. >>>> >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
