[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Large password list

To: Sanguinarious Rose <SanguineRose@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Large password list
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Fri, 2 Dec 2011 14:14:04 -0500

On Thu, Dec 1, 2011 at 10:59 PM, Sanguinarious Rose
<SanguineRose@xxxxxxxxxxxxxxxxx> wrote:
> I am at a lack of words for this, why pay $4.99 when you can just do
> some simple googling? You can even search pastebin and get a mass
> collection of password lists from dbases. Add a dash of awk and maybe
> a pinch of sed and viola!
>
Why even spend the CPU cycles to process the password list? See Jon
Callas' post on the Random Bits mailing list: "No one bothers cracking
the crypto (real life edition)",
http://lists.randombit.net/pipermail/cryptography/2011-December/001870.html.

Interestingly (sadly?), googling the hash worked quite well for me on
a number of test cases, including common words and proper names.

Jeff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Large password list
  - From: Charles Morris
- Re: [Full-disclosure] Large password list
  - From: GloW - XD

References:
- [Full-disclosure] Large password list
  - From: Addy Yeow
- Re: [Full-disclosure] Large password list
  - From: Sanguinarious Rose

Prev by Date: Re: [Full-disclosure] Large password list
Next by Date: Re: [Full-disclosure] Large password list
Previous by thread: Re: [Full-disclosure] Large password list
Next by thread: Re: [Full-disclosure] Large password list
Index(es):
- Date
- Thread