List:       secprog
Subject:    Re: Precomputed Dictionary Attacks (was Re: Preventing Dictionary
From:       Alec Muffett <alecm () COYOTE ! UK ! SUN ! COM>
Date:       2001-04-12 12:35:25

>L. Adrian Griffis wrote:
>>Also, is there evidence now that precomputed
>>dictionary attacks have been seen in the wild?
>
>Well, the post-computed equivalent has been in the wild for a long time.
>Crack sorts the /etc/passwd file by salt, and if two users' password entries
>have the same salt, it can check both at the same time (two-for-one).


which leads us neatly back to the too-few-salts/too-short-a-salt-string
-is-bad hypothesis, which was neatly explained a few days ago in this thread,
and which is why i have not seen fit to chip-in to the discussion.

as has also been pointed out before, partial all-precomputed crackers have
been in the wild for a long time - qcrack - and no doubt others exist.

	- alec


--
  [opinions and statements cited herein are personal and may not be factual]
      alec muffett - random numbers: 43651 92 - alec.muffett @ uk.sun.com
   perl -nle 'setpwent;crypt($_,$c)eq$c&&print"$u=$_"while($u,$c)=getpwent'
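
An added example, not part of the original message or of Crack: a small audit that groups passwd-style entries by salt and reports how many hash computations one candidate word costs, which is the two-for-one effect described in the quoted text. The sample entries are constructed placeholders, and the 4096-value salt space of traditional crypt(3) used for the expected-collision estimate is supplied here rather than taken from the message.

```python
import collections

DES_SALT_SPACE = 4096  # traditional crypt(3): 12-bit salt stored as 2 characters

# Constructed passwd-style sample; the hash bodies are placeholders, not real hashes.
SAMPLE_PASSWD = "\n".join([
    "alice:ab" + "A" * 11 + ":1001:100::/home/alice:/bin/sh",
    "bob:ab" + "B" * 11 + ":1002:100::/home/bob:/bin/sh",
    "carol:x9" + "C" * 11 + ":1003:100::/home/carol:/bin/sh",
    "dave:$1$Qz8kLm2p$" + "D" * 22 + ":1004:100::/home/dave:/bin/sh",
    "erin:*:1005:100::/home/erin:/bin/sh",
])

def salt_key(field):
    """Return a hashable (scheme, ..., salt) key, or None if the field holds no hash."""
    if field.startswith("$"):              # modular format: $id$[params$]salt$hash
        parts = field.split("$")
        if len(parts) < 4:
            return None
        if parts[1].startswith("2"):       # bcrypt: 22-char salt leads the last field
            return (parts[1], parts[2], parts[3][:22])
        return tuple(parts[1:-1])
    if len(field) == 13:                   # traditional DES crypt: 2 salt chars + 11
        return ("des", field[:2])
    return None                            # locked, empty or shadowed entry

def group_by_salt(passwd_text):
    """Map each salt key to the accounts whose stored hash uses it."""
    groups = collections.defaultdict(list)
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and (key := salt_key(fields[1])) is not None:
            groups[key].append(fields[0])
    return dict(groups)

def salt_report(passwd_text):
    """Summarise how much hashing work salt reuse saves per candidate word."""
    groups = group_by_salt(passwd_text)
    return {
        "accounts": sum(len(users) for users in groups.values()),
        "hash_ops_per_guess": len(groups),  # one computation per distinct salt
        "shared": {k: u for k, u in groups.items() if len(u) > 1},
    }

def expected_distinct_salts(n_accounts, space=DES_SALT_SPACE):
    """Expected distinct salts when n accounts each draw uniformly from `space`."""
    return space * (1 - (1 - 1 / space) ** n_accounts)

if __name__ == "__main__":
    print(salt_report(SAMPLE_PASSWD), round(expected_distinct_salts(4096)))
```

With 4096 accounts drawing from a 4096-value salt space, only about 2589 distinct salts are expected, so roughly a third of the per-account hashing work disappears before any guess is tried.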
