Think Complex Passwords Will Save You?
Date: July 25 2017
Publication: BSidesLV 2017
Source 1: http://crack.sh/bsideslv2017.pdf
Abstract or Summary:
Have you ever tried to crack a password that was just too difficult to crack? This talk will focus on some new techniques for cracking passwords that work 100% of the time. In 2012 I released an FPGA-based DES cracking service with Moxie Marlinspike for cracking MSCHAPv2 and quickly started seeing it being used for cracking other things besides MSCHAPv2. In this presentation we'll take a look at some of the research we've done into other widely used protocols and services that still rely on DES for security and provide an quick intro into the https://crack.sh API so you too can use this service for your own projects.
Specifically, we will demonstrate tools for doing exhaustive brute-force cracking of MSCHAPv2 (PPTP VPNs, WPA-Enterprise), des_crypt() hashes, Kerberos5, and release a free real-time service for cracking MSCHAPv1 (Windows Lanman and NTLMv1 authentication) in a matter of seconds.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=6rhLJTc71gE
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.