[CrackMonkey] OT
Bob Bernstein
bobbern at delphi.com
Tue Jul 11 07:38:50 PDT 2000
On Tue, Jul 11, 2000 at 01:50:45AM -0700, Seth David Schoen wrote:
> > > > nseductionpl
> Non-brute-force Crack might even have gotten that one, for that
> reason, with rulesets you might use on a current fast machine -- and
> MD5 passwords wouldn't help against that, if you had the hashes.
Exactly, on both counts. The last "if" is an interesting one. If I have the
hashes then presumably I have root access, unless MD5 was being used without
shadowing, an unlikely (one would hope) event. But if I have root access why
bother with password cracking at all? I can set up a clandestine user with
root privileges and forget about passwords.
Does password cracking have a future? If not, then what have I won with my
MD5, Blowfish and 127 char pass[word|phrase]s?
--
Bob Bernstein
at obsd2.7 woohoo! and, it's canadian.
Esmond, R.I., USA
More information about the Crackmonkey
mailing list