ClamCoin (OP)
|
|
June 26, 2015, 03:31:25 PM |
|
How do people crack passwords with bitcoin miners lika antminers s5? And how can I prevent my account from being cracked?
Anyone got knowledge of this?
|
|
|
|
yoloer808
Full Member
Offline
Activity: 288
Merit: 113
Web dev for hire
|
|
June 26, 2015, 04:07:08 PM |
|
Bitcoin miners use a very specific algorithm - the bitcoin mining algo consisting of (not only) a double sha256 hash. You can't just use it to bruteforce random passwords or whatever. I don't even know what exactly you are asking - what are you afraid could be compromised?
|
|
|
|
byt411
|
|
June 26, 2015, 04:08:15 PM |
|
Passwords cannot be cracked using bitcoin miners.
|
|
|
|
|
belmonty
|
|
June 26, 2015, 04:44:58 PM |
|
After this forum got hacked theymos, the guy who runs this forum, posted this information about how long it would take the hacker to recover a password from the hash of it that he stole. If the password consists of normal words it's possible. If the password consists of 12 random characters it would take 260 years to crack one password. I don't know what software or equipment people use to crack passwords but you can prevent your account from being hacked if you make sure your password consists of 15 or more random characters like numbers, upper and lower case letters, and special characters. ... The following table shows how long it will take on average for a rather powerful attacker to recover RANDOM passwords using current technology, depending on the password's alphabet and length. If your password is not completely random (ie. generated with the help of dice or a computer random number generator), then you should assume that your password is already broken. It is not especially helpful to turn words into leetspeak or put stuff between words. If you have a password like " w0rd71 Voc4b", then you should count that as just 2 words to be safe. In reality, your extra stuff will slow an attacker down, but the effect is probably much less than you'd think. Again, the times listed in the table only apply if the words were chosen at random from a word list. If the words are significant in any way, and especially if they form a grammatical sentence or are a quote from a book/webpage/article/etc., then you should consider your password to be broken. Estimated time (conservative) for an attacker to break randomly-constructed bitcointalk.org passwords with current technology
s=second; m=minute; h=hour; d=day; y=year; ky=1000 years; My=1 million years
Password length a-z a-zA-Z a-zA-Z0-9 <all standard> 8 0 3s 12s 2m 9 0 2m 13m 3h 10 8s 2h 13h 13d 11 3m 5d 34d 1y 12 1h 261d 3y 260y 13 1d 37y 366y 22ky 14 43d 1938y 22ky 1My 15 1y 100ky 1My 160My ------------------------------------------------------- 1 word 0 2 words 0 3 words 0 4 words 3m 5 words 19d 6 words 405y 7 words 3My
......
|
|
|
|
ClamCoin (OP)
|
|
June 26, 2015, 04:50:17 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum.
|
|
|
|
Next BillGates
|
|
June 26, 2015, 04:56:13 PM |
|
After this forum got hacked theymos, the guy who runs this forum, posted this information about how long it would take the hacker to recover a password from the hash of it that he stole. If the password consists of normal words it's possible. If the password consists of 12 random characters it would take 260 years to crack one password. I don't know what software or equipment people use to crack passwords but you can prevent your account from being hacked if you make sure your password consists of 15 or more random characters like numbers, upper and lower case letters, and special characters. ... The following table shows how long it will take on average for a rather powerful attacker to recover RANDOM passwords using current technology, depending on the password's alphabet and length. If your password is not completely random (ie. generated with the help of dice or a computer random number generator), then you should assume that your password is already broken. It is not especially helpful to turn words into leetspeak or put stuff between words. If you have a password like " w0rd71 Voc4b", then you should count that as just 2 words to be safe. In reality, your extra stuff will slow an attacker down, but the effect is probably much less than you'd think. Again, the times listed in the table only apply if the words were chosen at random from a word list. If the words are significant in any way, and especially if they form a grammatical sentence or are a quote from a book/webpage/article/etc., then you should consider your password to be broken. Estimated time (conservative) for an attacker to break randomly-constructed bitcointalk.org passwords with current technology
s=second; m=minute; h=hour; d=day; y=year; ky=1000 years; My=1 million years
Password length a-z a-zA-Z a-zA-Z0-9 <all standard> 8 0 3s 12s 2m 9 0 2m 13m 3h 10 8s 2h 13h 13d 11 3m 5d 34d 1y 12 1h 261d 3y 260y 13 1d 37y 366y 22ky 14 43d 1938y 22ky 1My 15 1y 100ky 1My 160My ------------------------------------------------------- 1 word 0 2 words 0 3 words 0 4 words 3m 5 words 19d 6 words 405y 7 words 3My
...... I think he's mentioned that some highly configured computer will crack like above said. But, what about super computers? Might enough half or less than half of the time taken by highly configured computers. And no idea about cracking passwords with bitcoin miners. Let me ask it at HF.
|
|
|
|
--Encrypted--
Copper Member
Legendary
Offline
Activity: 924
Merit: 1007
hee-ho.
|
|
June 26, 2015, 05:02:37 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum. phishing sites, keyloggers, hacker attacks, brute force (not sure about this one), and evil friends.. did I miss something?
|
|
|
|
ClamCoin (OP)
|
|
June 26, 2015, 05:20:04 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum. phishing sites, keyloggers, hacker attacks, brute force (not sure about this one), and evil friends.. did I miss something? Xss, cross site scripting?
|
|
|
|
--Encrypted--
Copper Member
Legendary
Offline
Activity: 924
Merit: 1007
hee-ho.
|
|
June 26, 2015, 05:37:55 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum. phishing sites, keyloggers, hacker attacks, brute force (not sure about this one), and evil friends.. did I miss something? Xss, cross site scripting? I think XSS pretty much falls into the hacker attacks category. tho I'm sure we're save from XSS.
|
|
|
|
Next BillGates
|
|
June 26, 2015, 05:59:12 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum. phishing sites, keyloggers, hacker attacks, brute force (not sure about this one), and evil friends.. did I miss something? You missed recent attack, Social Engineering.
|
|
|
|
RaginglikeaBoss
|
|
June 26, 2015, 06:05:32 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum. phishing sites, keyloggers, hacker attacks, brute force (not sure about this one), and evil friends.. did I miss something? You missed recent attack, Social Engineering. The rare post by a newbie account that makes sense. It is far, far easier to crack "social recovery" methods then it is to crack SHA-256. Then again, that makes the assumption SHA-256 is used to encrypt this information. Most websites using this format use 128-bit encryption. Do the math.
|
|
|
|
digicoinuser
Legendary
Offline
Activity: 2800
Merit: 1072
|
|
June 26, 2015, 06:40:06 PM |
|
I've never heard of password cracking with miners but passwords are generally hard to crack past 12 chars unless formed with one word.
|
|
|
|
dothebeats
Legendary
Offline
Activity: 3752
Merit: 1354
|
|
June 26, 2015, 06:40:54 PM |
|
How do people crack passwords with bitcoin miners lika antminers s5? And how can I prevent my account from being cracked?
Anyone got knowledge of this?
What passwords and accounts are you referring to? If it is about the forum, there are several ways to prevent your account from being compromised like generating a strong password (usually 15 characters or more are enough, but common words or phrases can be easily guessed by attackers). Also, bitcoin miners cannot in any way crack any passwords as far as I know. I've never heard of password cracking with miners but passwords are generally hard to crack past 12 chars unless formed with one word.
Agreed, 12 char passwords or more cannot be easily cracked if it's unintelligible or made up of different combinations of letters, numbers and/or symbols. If it is a phrase or a group of words, it can be easily guessed by an attacker within hours or minutes.
|
|
|
|
lite
Legendary
Offline
Activity: 1400
Merit: 1009
|
|
June 26, 2015, 06:45:36 PM |
|
I dont want to hack anything, i am just curious how people did it on this forum. Forum was hacked by a method called social engineering. If you want to crack password buy powerful GPUs and use oclhashcat.
|
|
|
|
seoincorporation
Legendary
Offline
Activity: 3276
Merit: 3066
|
|
June 26, 2015, 06:49:28 PM |
|
How do people crack passwords with bitcoin miners lika antminers s5? And how can I prevent my account from being cracked?
Anyone got knowledge of this?
To crack passwords people can use brute force attacks with software like John the Ripper; https://en.wikipedia.org/wiki/John_the_Ripperand to avoid get cracked you can use a complex password, something like: Asd3422Gf//$X1
|
|
|
|
ClamCoin (OP)
|
|
June 26, 2015, 06:52:52 PM |
|
How do people crack passwords with bitcoin miners lika antminers s5? And how can I prevent my account from being cracked?
Anyone got knowledge of this?
To crack passwords people can use brute force attacks with software like John the Ripper; https://en.wikipedia.org/wiki/John_the_Ripperand to avoid get cracked you can use a complex password, something like: Asd3422Gf//$X1 I used burpsuite to crack my own account but it only makes 1 guess per second. To see how password cracking works, but i read it does million per second, so it is far away from that.
|
|
|
|
seoincorporation
Legendary
Offline
Activity: 3276
Merit: 3066
|
|
June 27, 2015, 01:32:13 PM |
|
How do people crack passwords with bitcoin miners lika antminers s5? And how can I prevent my account from being cracked?
Anyone got knowledge of this?
To crack passwords people can use brute force attacks with software like John the Ripper; https://en.wikipedia.org/wiki/John_the_Ripperand to avoid get cracked you can use a complex password, something like: Asd3422Gf//$X1 I used burpsuite to crack my own account but it only makes 1 guess per second. To see how password cracking works, but i read it does million per second, so it is far away from that. 1/s is really slow = 3600/hour At last brute force can take for ever if the password is complex. You can find on the net a great common passwords list called mil-dic.txt: https://code.google.com/p/mangos-crack/source/browse/trunk/dict/mil-dic.txt?r=11
|
|
|
|
satnof
Newbie
Offline
Activity: 28
Merit: 0
|
|
June 27, 2015, 04:30:40 PM |
|
the way it's done is using pregenerated rainbow tables. It takes seconds once you have the whole hash space. Nobody uses brute-force in this day and age. You can download them for free at freerainbowtables.com, they're several Gigs big, but basically you can crack any hash with them.
|
|
|
|
ticoti
|
|
June 27, 2015, 06:01:52 PM |
|
What passwords do you mean? wallet passwords?
for wallet passwords gpu or cpu can be used with btcrecover
|
|
|
|
|