A brute-force of art-vulnerability warning-the black bar safety net

ID MYHACK58:62200923265
Type myhack58
Reporter 佚名
Modified 2009-05-16T00:00:00


> Brute force is simple to say is to use all possible characters or numbers to try until all of the test completed so far. For example, say we have a password that only allows the use of two-digit numbers, to obtain this password we have to have try from 0 0-9 9 all numbers that are decimal, until we find the right numbers so far. The digital each bit can be 0 ~ 9 any one. ip scanner will scan a specific subnet(set of all nodes, each subnet is 2 5 5 nodes, this is the violence of the scanning subnet. Try all the combinations required time-consuming by the following three factors: 1, The number of the carry system or the ascii code. 2, want crack the string length. 3, the start or end of the desired minimum password length. This rule on the remote or the local crack. Obviously should also consider the cpu speed and bandwidth, but the above three regardless of machine speed or network speed of how is relatively more important factors. Now we're back in focus: brute-force password cracking and ip scanning is very similar, except that we are here is to increase the ASCII code instead of the node number. Also remember that in the ip scan at the time when the last byte reaches 2 5 5 the future should be how to do? We will put adjacent to the bytes added together the last byte is zero, then a one is added to 2 5 5, and so on ad infinitum. Check whether 2 5 5 is to decide when the node number is reset to Condition 1, this and password hack almost, but because the password does not directly contain numbers, so the processing method will be slightly different. Let us illustrate it, suppose we want to crack a 3-byte password, the beginning we should count the bytes of the ASCII code set is 3 2 less than 3 2 is are control characters, in the range from 3 2 to 1 2 7, because this is all allows the use of characters does not include the extended ASCII code is include meta-symbols, special characters, including on the keyboard of all possible characters. for(x=0; x<=passlen-1; x++) pass[x]=3 2; The assignment is completed, the following display of the brute force loop is how, in parenthesis is the ASCII code: char 2(3 2) char 1(3 2) char 0(3 2) <----- the first attempt char 2(3 2) char 1(3 2) char 0(3 3) <----- the second attempt > > The following process is skipped, assuming that the char 0 has been added to 1 2 7 > > char 2(3 2) char 1(3 2) char 0(1 2 7) <----- 9 5 tries ^ | __ The maximum allowable value > > char 2(3 2) char 1(3 3) char 0(3 2) <----- 9 6 attempts ^ ^ | | | ------- Reset to 3 2 ----------- Plus 1 > > char 2(3 2) char 1(3 3) char 0(3 3) <------ 9 7 attempts ^ | \ ------ Plus 1 > > The following process is skipped, assuming that char 1 has been added to 1 2 7 > > char 2(3 2) char 1(1 2 7) char 0(1 2 7)

char 2(3 3) char 1(3 2) char 0(3 2) ^ | ------------------- Note the changes here We only changed the second and the char 0 and char 1 to re-assign a value of 3 to 2. This allows to test all combinations for password hack need to do the work. Next these steps will repeat indefinitely. Once a character reaches 1 2 7, then its left adjacent character plus one, and then left the characters unchanged, and all subsequent characters are set to 3 on 2! A simple calculation way, for the violence to crack the above password up need to try(127-32)^3= 8 8 4 7 3 6 times. When string length increases, the brute force of time spent will be very long. Can you imagine if crack a 1 2 characters of the password? That is(127-32)^1 2= 5 4 0 3 6 0 0 8 7 6 6 2 6 3 6 9 6 2 8 9 0 6 2 5 possible combinations. It's just that you know the password is indeed a 1 2-bit case, if the minimum password is 8, then from 8-bit has been to try to 1 2 bits, a total of need: (127-32)^8 + (127-32)^9 + (127-32)^1 0 + (127-32)^1 1 + (127-32)^1 2 Times. As can be seen in the remote to crack the password this way is not worth considering, but over a period of time is still a real method, and for the local password, if you know the password for the program and assuming it is one-way one way can be used to brute force depending on your CPU speed. Also keep in mind that if the password is encrypted in the form of storage, then each cycle is generated in the combination of characters also need to first encrypt, and then try with dark text comparison to determine whether it is bonding the correct password match. Due for the authentication of the password is typically one-way encrypted, so the above method is the only thing we available. Although my example does not do this, but I'm still demonstrates how to try every possible combination and how to do the rules. You can also reduce the character range, such as from 3 2-1 2 7 reduced to, say, contains only uppercase characters or lowercase characters A method to reduce the brute force time consuming, but we here do not relates to doing this method. Doing so is just a possibility. The following is what I wrote for this example of a brute-force engine.