John the Ripper (and a lamer friend)
A friend who loves Micro$hit and who believes that he is a hacker said that linux is less secure than windows. I obviously laughed, and now we had bet 10 € (it's not too much but it's the honour that hurts the most).
He has lost the bet, because I had trojaned his pc without much effort. But he keeps saying that he will get my root password using John the Ripper. Obviously he will never get my pass file. But that program has awakened my curiosity. I'm testing it with my root pass using incremental mode but the result is quite strange. This is what I got: Quote:
Another question: what does c/s mean? And the last one: how do I use incremental mode with numbers and letters but no special chars? thanx |
well, this program is absolutely useless unless u have a 10 double-g5 cluster. I made some calculations and it'd take 3500 years to get an 8 chars pass checking letters, numbers and some special chars (95 chars in total). I think I won't live that long :D
cya! |
actually I disagree with your timetables. We have used the ripper in the past against our corporate sam database and it cranked through it, dumping out tons of passwords, 8 character alpha mixed, in less than 24 hours. Machines these days have a lot of processing power....throw your /etc/passwd on a dual 64bit G5 mac and it would take probably 5 mins.....
|
I think I've used it before on a windows machine... (if it wasn't that one it was one similar) and most 8 character passwords it would find within 24 hours.
The one I used was an inside job tool. They have to have access to get the passwd/shadow file. You aren't giving him the password/shadow file are you? |
ok, I'll wait a bit more. I've tested it on a p2 300 mhz, a k7 700mhz and a p4 2ghz.
The only one I can run it on for a long time is the p2 300 mhz, but I think that the difference can't be more than one day (the p4 just doubled (well, a bit more than double) the c/s amount, the difference is not too high.) cya! ps: no! I didn't give that to him... well, he doesn't even know what that is xDDD. |
oh yeah a 300mhz is nothing compared to a 2ghz or more machine. RAM is also crucial. I have a minimum of 1GB in my machines and it makes all the difference.
|
ram makes the difference in bruteforcing too?? Johnny doesn't seem to use much ram....
|
more than 24 hours on a 2 ghz pc trying lowercase alpha and 8 chars and it hasn't finished yet... r u sure this works?
|
Crack5.0 can merge the passwd and shadow files... Are your hashes MD5? My root is MD5 (starts with $1) and other users aren't which seems odd...
|
no, the hash is DES
|
Yeah DES is the default but you can have MD5 which apparently Slack 9 seems to have for root but not the other users... I dunno i could be wrong but root is the only user on my box whose hash starts with $1.
|
and what's the difference between MD5 and DES?
|
MD5 is 128 bit encryption while DES is only 56 bit so it would take a lot longer to crack MD5. MD5 is technically only 64 bits because it is vulnerable to collision attacks where if you search for 2 random hashes that have the same hash value (birthday paradox) you can reduce it from 128 bits to 64 bits. But even then it is still more secure than DES's 56 bits.
|
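Added example, not part of the original thread: a small Python audit that classifies each shadow(5) password field by its crypt(3) prefix (the `$1` versus 13-character DES distinction discussed above) and bounds the search space of traditional DES crypt, which only uses the first 8 characters of a password. The sample entries are constructed placeholders, not real hashes, and the candidates-per-second rate passed to `years_to_exhaust` is an assumed figure.

```python
import re

# crypt(3) prefixes and the scheme each one selects
PREFIXES = [("$1$", "md5crypt"), ("$2a$", "bcrypt"), ("$2b$", "bcrypt"),
            ("$2y$", "bcrypt"), ("$5$", "sha256crypt"),
            ("$6$", "sha512crypt"), ("$y$", "yescrypt")]
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")   # traditional DES: 2 salt + 11 hash chars
LEGACY = {"descrypt", "md5crypt", "empty"}  # schemes/states worth migrating or fixing

# Constructed sample; the hash fields are placeholders, not real hashes.
SAMPLE_SHADOW = """\
root:$1$constrct$placeholderplaceholder:12345:0:99999:7:::
alice:abCDEFGHIJKLM:12345:0:99999:7:::
bob:$6$constrct$placeholder:12345:0:99999:7:::
daemon:*:12345:0:99999:7:::
"""

def classify(field):
    """Name the scheme behind one shadow password field."""
    if field == "":
        return "empty"                      # no password required at all
    if field[0] in "!*":
        return "locked"                     # password login disabled
    for prefix, name in PREFIXES:
        if field.startswith(prefix):
            return name
    return "descrypt" if DES_RE.fullmatch(field) else "unknown"

def audit(shadow_text):
    """Return {user: scheme} for every well-formed line."""
    result = {}
    for line in shadow_text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 2 and parts[0] and not parts[0].startswith("#"):
            result[parts[0]] = classify(parts[1])
    return result

def legacy_accounts(shadow_text):
    """Accounts whose hashes should be moved to a modern scheme."""
    return [u for u, s in audit(shadow_text).items() if s in LEGACY]

def des_keyspace(charset_size=95):
    """Candidates of length 1..8, the most DES crypt ever looks at."""
    return sum(charset_size ** n for n in range(1, 9))

def years_to_exhaust(keyspace, rate):
    """Worst-case years to try every candidate at `rate` per second (assumed)."""
    return keyspace / rate / (365.25 * 24 * 3600)

if __name__ == "__main__":
    print(audit(SAMPLE_SHADOW), legacy_accounts(SAMPLE_SHADOW))
```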
Just FYI
Here's an interesting article that says Win2k is more secure than Linux. http://www.worldtechtribune.com/worl...sv10302002.asp http://www.worldtechtribune.com/worl...e/template.asp Also says that RedHat was trying to become EAL 2 certified and Win2k SP4 was already EAL 4 certified. I doubt your friend knew about this though because he probably would have mentioned it ;) |
¬¬
Maybe win2k sp4 is a bit more secure than most linux... but what about win2k sp1, sp2, sp3, or win XP or 98... While the linux kernel might not be the most secure in the world, the windows kernel is obviously worse. |