| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABgawuYu+QQK-1j4VR7-ZTFoAGatcVhBv9RGPebVObJuOW-HnA@mail.gmail.com> Date: Fri, 2 Dec 2011 14:16:47 -0500 From: Charles Morris <cmorris@...odu.edu> To: noloader@...il.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Large password list This is extremely depressing. On Fri, Dec 2, 2011 at 2:14 PM, Jeffrey Walton <noloader@...il.com> wrote: > On Thu, Dec 1, 2011 at 10:59 PM, Sanguinarious Rose > <SanguineRose@...ultusterra.com> wrote: >> I am at a lack of words for this, why pay $4.99 when you can just do >> some simple googling? You can even search pastebin and get a mass >> collection of password lists from dbases. Add a dash of awk and maybe >> a pinch of sed and viola! >> > Why even spend the CPU cycles to process the password list? See Jon > Callas' post on the Random Bits mailing list: "No one bothers cracking > the crypto (real life edition)", > http://lists.randombit.net/pipermail/cryptography/2011-December/001870.html. > > Interestingly (sadly?), googling the hash worked quite well for me on > a number of test cases, including common words and proper names. > > Jeff > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists