1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Math help...?

Discussion in 'Members' Lounge' started by VTECin5th, May 2, 2006.

  1. VTECin5th

    VTECin5th Administrator

    Messages:
    2,182
    Likes Received:
    4
    Joined:
    Apr 17, 2005
    Location:
    Phoenix Az
    Ok, im looking to find out a number and then a ratio.
    I have a character set of 93 characters ...
    I have this character set running in 3 loops to get every possible combination.
    This c-set in one loop takes less than a second, in two loops it takes less than a second.
    In 3 loops it takes 7 seconds...
    I'm trying to figure out how many possibilites there are for 4 digits with a 93 character set.
    (93^4?)
    [ so far if right? ]
    1 = 93
    2 = 8649
    3 = 804357 equals 7 seconds
    4 = 74805201 would equal ..?
    5 = 6956883693
    []
    And if possible a ratio of
    1: .xseconds
    2: .xseconds
    3: 7seconds
    4:xxxx seconds
    Thanks for any help
     
  2. pissedoffsol

    pissedoffsol RETIRED

    Messages:
    49,693
    Likes Received:
    53
    Joined:
    Sep 28, 2002
    Location:
    Retirement Home
    there's no way to define it.

    loops rely on server processing, and since it's constantly changing, the speed in which it produces the results will always be different.
     
  3. GSRCRXsi

    GSRCRXsi Super Moderator Moderator VIP

    Messages:
    9,622
    Likes Received:
    345
    Joined:
    Nov 13, 2002
    Location:
    MD
    10 mins 51 seconds for the 4th loop.

    (651 seconds) assuming everything is working at the same speed,

    just set up an equality: (7/804357) = (X/74805201)
    cross multiply....
    (7*74805201) = (X*804357)
    divide by 804357 to get X alone, compute.

    X= 651 s = 10m51s
     
  4. VTECin5th

    VTECin5th Administrator

    Messages:
    2,182
    Likes Received:
    4
    Joined:
    Apr 17, 2005
    Location:
    Phoenix Az
    thank you.
    5 digit possibilities would take 42 days?
    Then all 6 digit combinations would take 10.7 years correct?

    This is being done to compute every possible md5 in a database...obviously if it's going to take 10 years for 6 digits, this would be super stupid to attempt.

    And thanks B, but i am using perl on the command line, not on a server, i know better.

    I already have every possible (from ! to }) 3 character combo.
    chr(33) to chr(126) didn't know whether 4 was worth trying... 11 minutes isn't too bad.
    Thanks GSRCRX
     
  5. GSRCRXsi

    GSRCRXsi Super Moderator Moderator VIP

    Messages:
    9,622
    Likes Received:
    345
    Joined:
    Nov 13, 2002
    Location:
    MD
    making a password breaker? lol
     
  6. VTECin5th

    VTECin5th Administrator

    Messages:
    2,182
    Likes Received:
    4
    Joined:
    Apr 17, 2005
    Location:
    Phoenix Az
    Was just a test for times really.
    I used two different scripts to do the same thing.
    One was opening a txt file after each try and writing it- took like 20? seconds to do all 3 char combos.
    One was pushing each try to an array and writing the array to the text file after it completed.- took 7 second to do all 3 char combos.

    the 3 char is a 31MB file .. I'm guessing the 4 char will be HUGE.

    I know about Rainbow Crack, was just doing some minor testing to see how much improved over before.
    Maybe by 2010 they'll have an affordable computer capable of doing this in seconds...then it will be md6 and i'll have to start over :p

    I don't really have the desire to make a "password breaker", i usually find easier ways to get them.. this was just a test. it would be nice to have a giant md5 database i guess. :p
     
  7. pissedoffsol

    pissedoffsol RETIRED

    Messages:
    49,693
    Likes Received:
    53
    Joined:
    Sep 28, 2002
    Location:
    Retirement Home
    md5 is a one-way hash.

    even if you get a match, it won't give you the password.


    and i assure you it won't take 42 days....
     
  8. VTECin5th

    VTECin5th Administrator

    Messages:
    2,182
    Likes Received:
    4
    Joined:
    Apr 17, 2005
    Location:
    Phoenix Az
    B, I know.
    I know what md5 is, and i know how it works...
    This is what i am doing though.
    Code:
    #!/usr/bin/perl
    use Digest::MD5 qw(md5_hex);
    $omg = time;
    print $omg . "\n";
    for ($i = 33; $i < 126; $i++) {
    $terd = chr($i);
    $try = md5_hex("$terd");
    push (@list,"$terd:$try\n");
    }
    
    Notice I push the plaintext and the md5 into the textfile?
    examples:
    Code:
     :23b58def11b45727d3351702515f86af
    !:220c1c252883eadad5590fc9e6a61739
    ":acd4ae93163b0fdc340ef8c45ecb7672
    #:497442f7cc9080cc9a8f8ee32ce07bab
    $:38bfa9b8c49f61389bcae20715268d30
    %:0bf3e450879bce5a7cd0b5926cfce3b6
    &:340d3976502f18df7a2a0fe5a900450c
    ':d9027a94bf0b00bbd16870b5c86092dd
    (:bbee82c7d7ba77f5fe2ed68e18998f29
    ):fe3c3478a12aab63c68b3958adf533e6
    *:b411bc68095e33f5c1e9ac287007d8e4
    +:bf9cc056a2e2c1bcf1e6a676dc66b4d1
    ,:a8d371749a821b0ca952ba236f45d5da
    -:64c4f363a405efa2eb0217a18cdb9765
    .:bb38b5c72a367e0fbbf98bfe4efdcbc2
    /:cce9940712af9392818df7ae2ec368a8
    0:0bad51c0b9b2ba77c19bf6bfbbf88dc3
    1:54cafa3a6d69c189cf2df3978fbdd435
    
    And so on with every possible combo for the character set between 33 and 126 up to 3 chars.

    If 93^4 will take 10.7 minutes, wouldn't 93^5 take 42 days?
     
  9. pissedoffsol

    pissedoffsol RETIRED

    Messages:
    49,693
    Likes Received:
    53
    Joined:
    Sep 28, 2002
    Location:
    Retirement Home
    right... and 1:54cafa3a6d69c189cf2df3978fbdd435 cannot be translated into a text string.

    and when you enter
    1:54cafa3a6d69c189cf2df3978fbdd435 into a password field, it will md5 that, and thus won't match.

    please pass the salt :p
     
  10. VTECin5th

    VTECin5th Administrator

    Messages:
    2,182
    Likes Received:
    4
    Joined:
    Apr 17, 2005
    Location:
    Phoenix Az
    No,no no, you're thinking too logically.
    lol@pass the salt </nerd>

    The idea is to have the md5 database for cross referencing...
    Getting md5 hashes (as im sure you know having a forum) is much easier to do than running a typical cracker on a site for 10 years and hoping for a match.
    The idea is for SQL/Cookie exploits- Get the md5 hash and then cross reference it back the the database..
    Let's say i stole your cookie (example here, i don't think IPB holds the hash in the cookie)
    Ok so i got your cookie, it's probly base64'd
    So i debase it and i come up with
    2:4:56:red:blue:mexico:54cafa3a6d69c189cf2df3978fbdd435

    So i copy the md5 hash and go cross reference it back into the big ass list i have...
    So i run "54cafa3a6d69c189cf2df3978fbdd435" thru my DB checker and it tells me
    MATCH FOUND FOR: 54cafa3a6d69c189cf2df3978fbdd435
    Password is: 1
     
Verification:
Draft saved Draft deleted

Share This Page