The Probabilistic Password Cracker

This is a very nice concept put to an application. Lets first see what it really is. Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. Password cracking software tools, are such tools that assist you in cracking passwords by employing a mixture of cracking strategies, with brute force and dictionary attacks.

The Probabilistic Password Cracker is different, such that it applies probability models to help speed up brute force attacks. This is achieves by assigning probabilities to different word mangling rules and then generate password guesses in probability order. This is advantageous because by designing a way to measure the probability of word mangling rules, we can quickly generate new rules by training our password cracker on known passwords that we feel are similar to the target. This way, we will be able to train our cracker to go against English speakers, Russian speakers, passwords created for social networking sites, passwords created with a strong password creation strategy, etc.

The package also contains an additional program – passPattern, which measures the effectiveness of input dictionaries by using the idea of edit-distance. It can be used in conjunction with our probabilistic password cracker to assign a value that should be set based on what percentage of the passwords you expect the input dictionary to crack.. In addition, this program creates a golden dictionary of all the words found that would have cracked passwords in the training set which allows you to combine several input dictionaries into a single best of breed dictionary. Also it stores all passwords that would not have been cracked in the file “unclassified.txt.” I have found this very useful for narrowing down the number of passwords I need to manually inspect when looking for new mangling rules. Finally, it records the word mangling rules used and how often they were used in the file “editFile.txt”. To run this program, first use the make option to compile it and then type

It can work on Mac OSX and Linux boxes. It consists of two basic parts – a learning model and the cracker itself. This is a mixture of Python and C and is an open source project.

Check out Probabilistic Password Cracker v2 (probablistic_cracker.tar.gz).
http://sites.google.com/site/reusablesec/Home/password-cracking-tools/probablistic_cracker

Deixe uma resposta

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s