I would imagine that if using a-z and 0 to 9, with 8 characters there would be 8 to the power 36 combinations (I think). Trouble is those numbers are getting too large for me to have any concept of how long it would take to hack. We'd need to get an idea of how long each attempt takes.
Looking back at the original password it was very similar to yours. His unix box had been going for 4 hours when we stopped it to do those tests, so much harder to crack. I'm going to set one off later to see how long it takes. This is not scare mongering by the way. To accomplish this you already need to have the MD5 hash. I think it's just better to avoid complacency - make the passwords longer and use special characters if possible. I didn't realise the amount of difference between dictionary passwords and the alternative. I suppose something as simple as "kittens/1" would cut out the dictionary searches. Gareth ""Maissen Sacha"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Anh, > Sorry for my question about your test below. This program "john the > ripper", is > it working with dictionaries or not? Because my question is, if I use > passwords > like "12eldkvi", which are not in any dics, how long you need then to > crack a > MD5-password? > > Regards > Sacha > > -----Urspr|ngliche Nachricht----- > Von: Anh Lam [mailto:[EMAIL PROTECTED]] > Gesendet: Sonntag, 21. Oktober 2001 20:46 > An: [EMAIL PROTECTED] > Betreff: Re: OT: Enable secret hacking [7:23670] > > > Gareth, > I create an "enable secret" password on a Cisco router 2610 with the > password as you mentioned "kittens". Remember this is an MD5 encrypted > string ($1$Em47$DEsFfXv/Px6y/cEmjMwfE0). You know what, I take this > string > and use the program called "john the ripper" running on my linux box to > crack it. This linux is a pentium 200MHz with 64MB of RAM. It takes > exactly 5 minutes to crack this password. I would imagine for longer > "enable secret" password, it takes longer but not as difficult as it > sounds. > > Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=23707&t=23670 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]