Re: AOL passwords / crypt() and online brute forcing

From: gotcha (fmuat_private)
Date: Wed May 01 2002 - 16:27:19 PDT

Next message: Mariusz Mazur: "RE: Wlan @ bestbuy is cleartext?"

Previous message: Ron DuFresne: "Re: SECURITY CAMERA WAR DRIVING"
In reply to: Fab Siciliano: "RE: AOL passwords / crypt() and online brute forcing"
Next in thread: Muhammad Faisal Rauf Danka: "Re: AOL passwords / crypt() and online brute forcing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

damn, i need to work on my char counting skillz :>

--gotcha

On Wed, May 01, 2002 at 04:43:17PM -0400, Fab Siciliano wrote:
> They can. The 1 is changing to a 2.
> 
> > -----Original Message-----
> > From: gotcha [mailto:fmuat_private] 
> > Sent: Wednesday, May 01, 2002 4:39 PM
> > To: Erik Parker
> > Cc: vuln-devat_private
> > Subject: Re: AOL passwords / crypt() and online brute forcing
> > 
> > 
> > On Wed, May 01, 2002 at 12:20:44PM -0500, Erik Parker wrote:
> > > if you take the 94 displayable ascii characters.. and do 
> > 94^8 you have 
> > > a possible 6,095,689,385,410,816..  So about 6 quadrillion 
> > passwords 
> > > to try..
> > 
> > i think that's not the issue. the real problem is that people 
> > think they can block access by changing a password from 
> > foobar111 to foobar123.
> > 
> > --gotcha
> >

Next message: Mariusz Mazur: "RE: Wlan @ bestbuy is cleartext?"
Previous message: Ron DuFresne: "Re: SECURITY CAMERA WAR DRIVING"
In reply to: Fab Siciliano: "RE: AOL passwords / crypt() and online brute forcing"
Next in thread: Muhammad Faisal Rauf Danka: "Re: AOL passwords / crypt() and online brute forcing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 01 2002 - 16:14:06 PDT