
Security is paramount


    #11
    One thing they don't mention there is that already-cracked hashes in the dumps have the first five characters set to zero, so you have to check for that too.



      #12
      Originally posted by NickFitz
      One thing they don't mention there is that already-cracked hashes in the dumps have the first five characters set to zero, so you have to check for that too.
      Even that has been addressed

      One issue becomes apparent: about half the file has had the first 5 characters zeroed out. This is discussed at ycombinator. Atom has released a version of his Hashcat password cracker to deal with this. John-the-Ripper apparently also has published a patch for this.

      ...

      So let's try the other file containing the corrupted hashes using the updated Hashcat feature on the other file, containing all the zeroed-out hashes.

      As you can see, this straight dictionary lookup results in 688-thousand passwords being cracked, or about one fifth of all the zeroed hashes.
      It gets worse when the guy starts using GPU processing. Worth a read.
      Behold the warranty -- the bold print giveth and the fine print taketh away.

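The self-check discussed in posts #11 and #12, as an added example that is not part of the thread or the linked article: it looks up your own password's hash in a dump and also tries the form with the first five characters zeroed, which per post #11 marks an entry that was already cracked. The hash algorithm (unsalted SHA-1, hex-encoded, one entry per line), the function names and the sample dump are assumptions made for illustration.

```python
import hashlib

MASK_LEN = 5  # per the thread: cracked entries have their first five characters zeroed


def candidate_forms(password):
    """Return (intact, zeroed) hex digests to look for in the dump."""
    # Assumption: unsalted SHA-1 hex digests; the thread does not name the algorithm.
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest()
    return digest, "0" * MASK_LEN + digest[MASK_LEN:]


def check_password(password, dump_lines):
    """Classify a password as 'present', 'present-zeroed' or 'absent'.

    dump_lines is any iterable of text lines, so an open file handle works
    and the dump is never loaded into memory in one piece.
    """
    intact, zeroed = candidate_forms(password)
    verdict = "absent"
    for line in dump_lines:
        entry = line.strip().lower()
        if entry == intact:
            # Also reached when the real digest happens to begin with 00000,
            # in which case the two forms are indistinguishable.
            return "present"
        if entry == zeroed:
            # 35 of 40 hex characters still match, so keep this as a hit but
            # continue scanning in case the intact form appears too.
            verdict = "present-zeroed"
    return verdict


def _sha1_hex(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


# Constructed sample dump (not real leaked data): one intact entry, one zeroed
# entry, one unrelated entry with stray whitespace and upper-case hex.
SAMPLE_DUMP = [
    _sha1_hex("correct horse") + "\n",
    "00000" + _sha1_hex("password1")[5:] + "\n",
    "  " + _sha1_hex("unrelated").upper() + "\n",
]

if __name__ == "__main__":
    for pw in ("correct horse", "password1", "not in the dump"):
        print(pw, "->", check_password(pw, SAMPLE_DUMP))
```

Either kind of hit means the password should be changed everywhere it was used.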


        #13
        Originally posted by Sysman
        Even that has been addressed



        It gets worse when the guy starts using GPU processing. Worth a read.
        Good article
