The Beast is Born
Brute Force is a resource intensive method of exploiting a password by trying every possible combination. It is simple, straightforward, and is guaranteed to work however inefficient it may be. To give an idea of the enormous numbers that are dealt with, a typical 6-character password (case sensitive) possesses a mind boggling 735,091,890,625 unique combinations. A fairly modern PC can attempt about 6,000,000 combinations a second. At this rate, it would take:
1: 0.00001583333 seconds 2: 3: 4:
Tweaking and Refining
Not many people so inexperienced as to create a 1, 2, or 3 character passwords. In fact, many institutions require a minimum length, thus 6 – 8 characters is more likely. When cracking, a character range can be applied to narrow the possibilities. If the exact length of the password is known, exploiting will take much less time and resources. As well, the first 6 character combination is “000000”, which is unlikely in any sort, thus the cracking an start in the middle, with combination “”, working towards each side. If one has a multicore computer, each processing unit can be set to tackle a certain area, with some sections greater prioritized than others. Another common condition with most passwords, an alphabetic series precedes the numeric, thus it can be set to always begin with a letter. These small tweaks can greatly cut down on cracking times
Character Sets
When cracking, one can also specify the character set used. This will greatly affect cracking times and success rate. One has to choose the proper set for the task.
alpha = [ABCDEFGHIJKLMNOPQRSTUVWXYZ] alpha-space = [ABCDEFGHIJKLMNOPQRSTUVWXYZ ] alpha-numeric = [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789] alpha-numeric-space = [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ] alpha-numeric-symbol14 = [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=] alpha-numeric-symbol14-space= [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+= ] all = [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/] all-space = [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ ]
numeric = [0123456789] numeric-space = [0123456789 ] loweralpha = [abcdefghijklmnopqrstuvwxyz] loweralpha-space = [abcdefghijklmnopqrstuvwxyz ] loweralpha-numeric = [abcdefghijklmnopqrstuvwxyz0123456789] loweralpha-numeric-space = [abcdefghijklmnopqrstuvwxyz0123456789 ] loweralpha-numeric-symbol14 = [abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+="] loweralpha-numeric-all = [abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/] loweralpha-numeric-all-space= [abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ ]
mixalpha = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ] mixalpha-space = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ ] mixalpha-numeric = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789] mixalpha-numeric-space = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ] mixalpha-numeric-symbol14 = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=] mixalpha-numeric-all = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/] mixalpha-numeric-all-space = [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ ]
Cracking Windows passwords, one only needs an alphanumeric character set. Setting the parameter to mixalpha-numeric-all-space is superfluous and will waste time. Using logic, one can narrow down the password possibilities and crack more efficiently.
Power of the Dictionary
Language is a potent tool. Since it is used daily for communication purposes, words of one’s language is reinforced and easily remembered through regular use. Passwords are no exception, usually containing one key word of a given language, rather than random characters. Taken into consideration, this would significantly narrow down the number of possibilities. For this reason, Dictionary Attack was invented. Instead of generating every possible password string, the program searches through an extensive list of words (306,762 in our test), and finds the matching. The English language holds about 1,000,000 words, 450,000 of which are extensively used, so the 306,000 isn’t bad. Various wordlists exist over the web, each fairly compact in size. Our reference ~ 300k words
A Great Deal
Do you see a rainbow? Invented by cryptographer Martin Hellman, rainbow tables are an elite form of password cracking compared to brute force, capable of exploiting reasonable length codes in one or two seconds. Essentially it is a reference table with numerous hash strings and their plaintext equivalent. The system is a sort of tradeoff; disk space for much faster cracking. This comes especially useful when one is trying to crack multiple passwords, but don’t think these tables are small. Though all text, they can take hundreds of terabytes when gone into enough depth.