bash oom problem

Patrick O'Callaghan pocallaghan at gmail.com
Tue Oct 6 22:09:13 UTC 2009


On Tue, 2009-10-06 at 19:17 +0100, psmith wrote:
> I'm doing some pen testing of my brother's company's network. He wants
> me to see if it's possible to get in, so I'd be using the output as a
> word list, and yes, unfortunately I'll need all of it for comparison.
> I'm not sure if the program (aircrack) takes data from a pipe as a
> word list, but I'll look into it.

If by "getting in" you mean "guessing a password" and if the password
system accepts only 8 upper-case letters, then the answer is "it depends
how long the system takes to accept or reject an attempt". There are
26^8 possible combinations i.e. 208,827,064,576 and on average you need
to check half of them, assuming they are really random. If each attempt
takes 1 second, you get on average 6621 years for a hit on a specific
password. OTOH if an attempt takes 1 microsecond, it's just under 60
hours.

Things to bear in mind:

* If these are user-generated passwords, they are not random.
* If the intruder can check against multiple users at once (i.e. he
doesn't care which one it is) the numbers drop dramatically.
* If the system is at all well-designed it will block attempts after
some number of failures from the same origin, e.g. 3. In any case, it
should report bursts of failed attempts to the administrator.
* Social engineering beats brute force a large percentage of the time.

IOW, and in the absence of more concrete information, I'd say you're not
learning anything special by doing a brute-force check like this.

poc
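
The third point in the reply above (block attempts after some number of failures from the same origin, and report the burst to the administrator), as an added example that is not part of the original post. The class name, the window and lockout durations, and the login events are assumptions constructed for illustration; only the threshold of 3 comes from the message.

```python
from collections import defaultdict, deque

MAX_FAILURES = 3       # "e.g. 3" in the post
WINDOW_SECONDS = 300   # assumption: failures are counted over 5 minutes
LOCKOUT_SECONDS = 900  # assumption: a blocked origin stays blocked 15 minutes


class OriginLockout:
    def __init__(self):
        self.recent = defaultdict(deque)  # origin -> (ts, user) of recent failures
        self.blocked_until = {}           # origin -> time the block expires
        self.alerts = []                  # what would be reported to the administrator

    def attempt(self, ts, origin, user, password_ok):
        if ts < self.blocked_until.get(origin, 0):
            return "blocked"              # refused before the password is even checked
        if password_ok:
            return "ok"
        failures = self.recent[origin]
        failures.append((ts, user))
        while failures[0][0] <= ts - WINDOW_SECONDS:
            failures.popleft()            # forget failures that fell out of the window
        if len(failures) >= MAX_FAILURES:
            # Counted per origin, not per account, so spreading guesses
            # across several users does not get around the limit.
            self.blocked_until[origin] = ts + LOCKOUT_SECONDS
            self.alerts.append((ts, origin, sorted({u for _, u in failures})))
            failures.clear()
        return "failed"


# Constructed events: (seconds, origin, user, password_ok)
EVENTS = [
    (0, "192.0.2.5", "alice", False),
    (1, "192.0.2.5", "bob", False),
    (2, "192.0.2.5", "carol", False),   # third failure: origin blocked, alert raised
    (3, "192.0.2.5", "alice", True),    # refused while the block is active
    (10, "198.51.100.9", "dave", False),
    (400, "198.51.100.9", "dave", False),  # the earlier failure has aged out
    (410, "198.51.100.9", "dave", True),
    (1000, "192.0.2.5", "alice", True),    # block expired at t=902
]


def replay(events):
    guard = OriginLockout()
    return [guard.attempt(*e) for e in events], guard.alerts
```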



