Is there right way to crack php hashed password ?
I used to hash a password php password_hash() method. Php version 7.3
Then i create a word list using python script. It’ s size around 1GB.
Then i crete a php script to read that word list and verify the password. To do that i used password_verify() method in php.
Finaly i execute the php script using terminal.
Its worked fine. But getting too much time to crack the password.
As a student i like to write my own scripts and tools. So any one has a idea to get much performance and efficiant way to do this kind of work.
I also searched about clustering and , gpu using for password cracking.
But i didn’t get any chance to learn breefly above concepts.
I can see a few options for open source macOS password manager:
Is any of these 3 more secure than the others?
I tried to browse for a while, but I couldn’t find anything meaningful on this subject. Does anyone technically competent have an opinion on this subject?
Trying to figure out the patterns of passwords. I’m new to ML, but was inspired by PassGan, a ML tool that generates sample passwords. The likelihood is low enough that it’s not very useful for password cracking, but I’d like to take the technique and use it for password discovery.
My intention is to train a model to understand what a password is, then compare that against words found on services (Slack, File Shares, etc.) to detect instances of people being sloppy and leaving passwords where they shouldn’t be.
My core assumptions are that passwords are far from random, and if analyzed appropriately many share a common pattern(s). This pattern could be used to identify and hopefully eradicate poor operational security practices.
Ideally, I’d like to choose something that evaluates words and provides a probability of that word being a password, then given the likely hood, I could have the application make some kind of a decision.
Is there an algorithm or model that works well for this kind of task? It’s single dimensional data, I’d assume unsupervised learning is really the only approach.
Microsoft Windows 10 password forgot but have a hint of OneTwoThreeFour
I am trying to decode a zip file password decoded form of: %3C%7C%3D3r%28Strong%29 I have tried to convert in to MD5 hash and use john the ripper to crack the password. Can someone explain how to do it?
I am working on bug bounty program for which they have given a test postgres DB environment with only one username and password … So I am using that for my testing purposes. Later I found out that the postgres DB that was provided has some more users in it (from the default table pg_user) … There’s one user “rdsadmin” for which I was able to guess the password.
So just wanted to know. What is the use of rdsadmin user in a postgres DB. Can we do anything impactful using that. Can any damage be done to DB using that user
On my d-link router, a DIR-819, there is by default an open SSH port (22), which accepts a default username and password, namely root/root and admin/admin.
I found this by running a network scanner and it identified these default login credentials.
So I logged in and the file system says it is read-only when I tried to change the password file to override the default values for those users. It runs BusyBox 1.6.1.
Via the web interface, I tried to configure some sort of re-routing of port 22 requests to another (static) IP on my network that doesn’t run SSH and never will, but it doesn’t seem to work (maybe only re-routes the WAN traffic?)
Any ideas for how to disable this flaw?
Although the file system is read only, a logged on root user can still run a tonne of BusyBox commands, including killing and rebooting. I know this risk is unlikely given it’s a home network and only has trusted users, but it’s the principle of it.
I had an idea to assign my keyboard’s macro keys to various passwords so I can just hit the key and it will paste in (the passwords are long and random so I won’t remember them). This is on a home desktop PC. Are there any reasons this is a bad idea security wise? Thanks
i want to create a password list by crunch and then pass it to hashcat but first of all i have a custom password list and i want to add numbers to my characters in that passlist with crunch before pass it to hashcat, like there is a name on the list eg. paul,Bryan & … and then i want to add numbers like 12345… to the names to makes them
how can i add characters and etc to a passlist in crunch?
crunch 8 15 (passwordlist)+1234567890 | hashcat -m 16800 pmkid_1218.16800
and who knows how to combine pass word lists with each other in example like : crunch 8 15 (names passwordlist) + (phone numbers list) | hashcat -m 16800 pmkid_1218.16800
We use the Windows 10 file/folder sharing feature to share files between two computers (A and B) that are on the same wifi network. In this network there are several infected computers (computers C).
Computer A and B are on Windows 10 and up to date and Windows firewall is on. Some computers infected are on Windows 7. It’s a home network (not work or public network).
To protect the computers this link recommends that we turn off file sharing and network discovery. But without “Network discovery” we can’t share the file between A and B…
So we turned on “Network discovery” and protected the files sharing between A and B with a strong password.
Is there still a risk being contaminated by computers C? How?