Quote:
Originally Posted by RummyBoy
OK lets say:
Username: Antwerp (6 characters)
Password: x6NgPtRW4ua2 (12 characters)
Roughly how long to crack it, considering:
(1) You have to know both.
(2) You may only have 5 attempts per hour (assuming IP block and Account block kick in).
(3) Password may change before you find the solution.
(4) There's a good chance if over zealous, your IP is permanently blocked.
|
Correct me if I am wrong on any of the below.
I don't know much about this stuff. But I think instead of brute force, most probably use a dictionary attack (maybe that is a type of brute force, i don't know). Where the program uses a list of common passwords, usually a file of cracked passwords from something like rockyou. RockYou had a huge list of 32 million passwords that is now used to crack other sites.
I have played with OclHashcat plus. But you would need to have gotten the password hash offline somehow. Something like "x6NgPtRW4ua2" would take a long time. Depend on how many graphics cards you got running.
Many people try to use masks in OclHashCat Plus. Like before trying to brute force all possible passwords. They try all lower case five place ?l?l?l?l?l. Then all lower case 6 places. Then maybe an Upper Case followed by 4 lower case. And so on.