Crack php hashed password

Is there right way to crack php hashed password ?

I used to hash a password php password_hash() method. Php version 7.3

Then i create a word list using python script. It’ s size around 1GB.

Then i crete a php script to read that word list and verify the password. To do that i used password_verify() method in php.

Finaly i execute the php script using terminal.

Its worked fine. But getting too much time to crack the password.

As a student i like to write my own scripts and tools. So any one has a idea to get much performance and efficiant way to do this kind of work.

I also searched about clustering and , gpu using for password cracking.

But i didn’t get any chance to learn breefly above concepts.

password manager for macOS

I can see a few options for open source macOS password manager:

macpass

keepassX

keepassXC

Is any of these 3 more secure than the others?

I tried to browse for a while, but I couldn’t find anything meaningful on this subject. Does anyone technically competent have an opinion on this subject?

Thanks!

Password Pattern in ML

Trying to figure out the patterns of passwords. I’m new to ML, but was inspired by PassGan, a ML tool that generates sample passwords. The likelihood is low enough that it’s not very useful for password cracking, but I’d like to take the technique and use it for password discovery.

My intention is to train a model to understand what a password is, then compare that against words found on services (Slack, File Shares, etc.) to detect instances of people being sloppy and leaving passwords where they shouldn’t be.

My core assumptions are that passwords are far from random, and if analyzed appropriately many share a common pattern(s). This pattern could be used to identify and hopefully eradicate poor operational security practices.

Ideally, I’d like to choose something that evaluates words and provides a probability of that word being a password, then given the likely hood, I could have the application make some kind of a decision.

Is there an algorithm or model that works well for this kind of task? It’s single dimensional data, I’d assume unsupervised learning is really the only approach.

What can be done with rdsadmin password in a redshift Postgres DB [closed]

I am working on bug bounty program for which they have given a test postgres DB environment with only one username and password … So I am using that for my testing purposes. Later I found out that the postgres DB that was provided has some more users in it (from the default table pg_user) … There’s one user “rdsadmin” for which I was able to guess the password.

So just wanted to know. What is the use of rdsadmin user in a postgres DB. Can we do anything impactful using that. Can any damage be done to DB using that user

Thanks

Keep password in macro

I had an idea to assign my keyboard’s macro keys to various passwords so I can just hit the key and it will paste in (the passwords are long and random so I won’t remember them). This is on a home desktop PC. Are there any reasons this is a bad idea security wise? Thanks

create a custom password list by crunch

i want to create a password list by crunch and then pass it to hashcat but first of all i have a custom password list and i want to add numbers to my characters in that passlist with crunch before pass it to hashcat, like there is a name on the list eg. paul,Bryan & … and then i want to add numbers like 12345… to the names to makes them

paul111

paul112

paul113

Bryan1234567890

Bryan1234567891

how can i add characters and etc to a passlist in crunch?

crunch 8 15 (passwordlist)+1234567890 | hashcat -m 16800 pmkid_1218.16800  

and who knows how to combine pass word lists with each other in example like : crunch 8 15 (names passwordlist) + (phone numbers list) | hashcat -m 16800 pmkid_1218.16800

Risk of contamination when network discovery is on + file sharing password?

We use the Windows 10 file/folder sharing feature to share files between two computers (A and B) that are on the same wifi network. In this network there are several infected computers (computers C).

Computer A and B are on Windows 10 and up to date and Windows firewall is on. Some computers infected are on Windows 7. It’s a home network (not work or public network).

To protect the computers this link recommends that we turn off file sharing and network discovery. But without “Network discovery” we can’t share the file between A and B…

So we turned on “Network discovery” and protected the files sharing between A and B with a strong password.

Is there still a risk being contaminated by computers C? How?