Think Complex Passwords Will Save You?
Authors: Ian Foster, David Hulton

Date: July 25 2017
Publication: BSidesLV 2017
Source 1: http://crack.sh/bsideslv2017.pdf

Abstract or Summary:
Have you ever tried to crack a password that was just too difficult to crack? This talk will focus on some new techniques for cracking passwords that work 100% of the time. In 2012 I released an FPGA-based DES cracking service with Moxie Marlinspike for cracking MSCHAPv2 and quickly started seeing it being used for cracking other things besides MSCHAPv2. In this presentation we'll take a look at some of the research we've done into other widely used protocols and services that still rely on DES for security and provide an quick intro into the https://crack.sh API so you too can use this service for your own projects.

Specifically, we will demonstrate tools for doing exhaustive brute-force cracking of MSCHAPv2 (PPTP VPNs, WPA-Enterprise), des_crypt() hashes, Kerberos5, and release a free real-time service for cracking MSCHAPv1 (Windows Lanman and NTLMv1 authentication) in a matter of seconds.


PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=6rhLJTc71gE


Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2019 PasswordResearch.com