Nuffnang Ads

Monday, June 3, 2013

Enhance Brute Force Attack Charset

Choosing a custom charset of 0123456789abcdefghijklmnopqrstuvwxyz you'll get passwords much faster than the standard a-z0-9 charset. With a charset of a-z0-9, password cracking program will tries aaaaaaa baaaaaa caaaaaa and so on.

But with 0-9a-z, program will try 00000000 10000000 2000000 and so on - so you'll get the passwords with numbers at the end first. In other words, whereas the default numbers-last charsets will only reach the passwords with numbers at the end after almost the maximum time, a custom charset with numbers first will start with passwords with numbers at the end. It's not much but I find it does help.

Another common technique is use eatoinsrhldcumfpgwybvkxjqz instead abcdefghijklmnopqrstuvwxyz.

Everyone knows that 'e' is the most commonly used letter in the english language, so it makes sense to try it before the less commonly used letters. In fact, 'j', 'q' and 'z' are so uncommon, I sometimes leave them off the list altogether since it makes such a significant improvement on cracking time.

No comments:

Post a Comment