?

Log in

No account? Create an account
Idle hands ARE the Devil's Plaything. - Jonathan

> Recent Entries
> Archive
> Friends
> Profile

May 31st, 2003


Previous Entry Share Next Entry
07:18 pm - Idle hands ARE the Devil's Plaything.
So I wrote a perl program to crack the password file at a certain school I won't name. They use a really moronic scheme for password generation. Basically, your username is first letter of first name, then the first x letters of your last name followed by some number. (not sure how they end up deriving the last part).

Anyway, the password scheme is: [first letter of first name][first letter of last name] then the last 4 digits of your SSN. Since you know the first and last name's letters, all you have to do is dictionary-attack 10,000 times and you're done.

20 lines of perl and a half hour later (I'm a sucky coder) 84% of the [non-disabled] passwords cracked. A simple Crack 5.0 dictionary run gave me another 11 %. Yup, 95% of the passwords total, including somebody in Wheel, and 2 professors. That doesn't even count the weakness in my program: I couldn't figure out how to munge my counter to display 0000-9999 so it starts at 1000. There's probably another few % that I could have cracked. I didn't even use a fast unix box to do the work, it was a doorstop SS5/170 (obsd 3.1) that did it all in 10 seconds.

No, I didn't abuse it! I'd mail the admins at the College, but I have heard too many horror stories of people doing the Right Thing and then being snooped on, mail read, various invasions of privacy, or worse, getting tossed out. So, I'll just keep my work offsite and wait for some bozo to destroy them and they learn the hard way.

(6 comments | Speak your mind)

Comments:


[User Picture]
From:metahacker
Date:May 31st, 2003 06:03 pm (UTC)
(Link)
sprintf("%s%s%04d, $firstNameLetter, $lastNameLetter, $passwordNum);

(random driveby hacking)

TMH
[User Picture]
From:jon3
Date:May 31st, 2003 06:10 pm (UTC)
(Link)
Yeah, I can print it out fairly easily.

But how to you format the contents of the variable?

I've been doing this:

$guess = "$initials$count";

The only way I can figure to mangle count properly (0000 .. 9999)
without having 0000 be evaluated as 0 is to treat the count variable like a string and write a mini adding machine.

which is singificantly more work than $count++;

Got a graceful way around my problem?

=)
[User Picture]
From:metahacker
Date:May 31st, 2003 06:18 pm (UTC)
(Link)
sprintf ("string print formatter"), as opposed to printf, will return the value as a string. So you can say:

$foo = sprintf(blah)

and it won't print out, just put in $foo. Very handy.
[User Picture]
From:jon3
Date:May 31st, 2003 06:40 pm (UTC)
(Link)
Yeah, that DOES work. Woot!

26 seconds later... (switched to a whopping 500mhz peecee/obsd)

Still 84% Amazingly enough, very few extras.
[User Picture]
From:metahacker
Date:May 31st, 2003 06:46 pm (UTC)
(Link)
who knows, maybe the people who wrote the password-generator weren't smart enough to pad out the number either!

TMH
[User Picture]
From:adyan
Date:June 1st, 2003 04:17 pm (UTC)

Thread hijack

(Link)
Small world syndrome continues...

As friends you have jon3, whom I used to work with, and dkapell, whom is in my SCA Household.

Adyan
aka Eoghan (Evan) of Lochleven

> Go to Top
LiveJournal.com