1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

# Math help...?

Discussion in 'Members' Lounge' started by VTECin5th, May 2, 2006.

Messages:
2,180
4
Joined:
Apr 17, 2005
Location:
Phoenix Az
Ok, im looking to find out a number and then a ratio.
I have a character set of 93 characters ...
I have this character set running in 3 loops to get every possible combination.
This c-set in one loop takes less than a second, in two loops it takes less than a second.
In 3 loops it takes 7 seconds...
I'm trying to figure out how many possibilites there are for 4 digits with a 93 character set.
(93^4?)
[ so far if right? ]
1 = 93
2 = 8649
3 = 804357 equals 7 seconds
4 = 74805201 would equal ..?
5 = 6956883693
[]
And if possible a ratio of
1: .xseconds
2: .xseconds
3: 7seconds
4:xxxx seconds
Thanks for any help

2. ### pissedoffsolRETIRED

Messages:
49,468
54
Joined:
Sep 28, 2002
Location:
Retirement Home
there's no way to define it.

loops rely on server processing, and since it's constantly changing, the speed in which it produces the results will always be different.

3. ### GSRCRXsiSuper ModeratorModeratorVIP

Messages:
9,646
361
Joined:
Nov 13, 2002
Location:
MD
10 mins 51 seconds for the 4th loop.

(651 seconds) assuming everything is working at the same speed,

just set up an equality: (7/804357) = (X/74805201)
cross multiply....
(7*74805201) = (X*804357)
divide by 804357 to get X alone, compute.

X= 651 s = 10m51s

Messages:
2,180
4
Joined:
Apr 17, 2005
Location:
Phoenix Az
thank you.
5 digit possibilities would take 42 days?
Then all 6 digit combinations would take 10.7 years correct?

This is being done to compute every possible md5 in a database...obviously if it's going to take 10 years for 6 digits, this would be super stupid to attempt.

And thanks B, but i am using perl on the command line, not on a server, i know better.

I already have every possible (from ! to }) 3 character combo.
chr(33) to chr(126) didn't know whether 4 was worth trying... 11 minutes isn't too bad.
Thanks GSRCRX

5. ### GSRCRXsiSuper ModeratorModeratorVIP

Messages:
9,646
361
Joined:
Nov 13, 2002
Location:
MD
making a password breaker? lol

Messages:
2,180
4
Joined:
Apr 17, 2005
Location:
Phoenix Az
Was just a test for times really.
I used two different scripts to do the same thing.
One was opening a txt file after each try and writing it- took like 20? seconds to do all 3 char combos.
One was pushing each try to an array and writing the array to the text file after it completed.- took 7 second to do all 3 char combos.

the 3 char is a 31MB file .. I'm guessing the 4 char will be HUGE.

I know about Rainbow Crack, was just doing some minor testing to see how much improved over before.
Maybe by 2010 they'll have an affordable computer capable of doing this in seconds...then it will be md6 and i'll have to start over

I don't really have the desire to make a "password breaker", i usually find easier ways to get them.. this was just a test. it would be nice to have a giant md5 database i guess.

7. ### pissedoffsolRETIRED

Messages:
49,468
54
Joined:
Sep 28, 2002
Location:
Retirement Home
md5 is a one-way hash.

even if you get a match, it won't give you the password.

and i assure you it won't take 42 days....

Messages:
2,180
4
Joined:
Apr 17, 2005
Location:
Phoenix Az
B, I know.
I know what md5 is, and i know how it works...
This is what i am doing though.
Code:
```#!/usr/bin/perl
use Digest::MD5 qw(md5_hex);
\$omg = time;
print \$omg . "\n";
for (\$i = 33; \$i < 126; \$i++) {
\$terd = chr(\$i);
\$try = md5_hex("\$terd");
push (@list,"\$terd:\$try\n");
}
```
Notice I push the plaintext and the md5 into the textfile?
examples:
Code:
``` :23b58def11b45727d3351702515f86af
":acd4ae93163b0fdc340ef8c45ecb7672
#:497442f7cc9080cc9a8f8ee32ce07bab
\$:38bfa9b8c49f61389bcae20715268d30
%:0bf3e450879bce5a7cd0b5926cfce3b6
&:340d3976502f18df7a2a0fe5a900450c
':d9027a94bf0b00bbd16870b5c86092dd
(:bbee82c7d7ba77f5fe2ed68e18998f29
*:b411bc68095e33f5c1e9ac287007d8e4
+:bf9cc056a2e2c1bcf1e6a676dc66b4d1
,:a8d371749a821b0ca952ba236f45d5da
-:64c4f363a405efa2eb0217a18cdb9765
.:bb38b5c72a367e0fbbf98bfe4efdcbc2
/:cce9940712af9392818df7ae2ec368a8
1:54cafa3a6d69c189cf2df3978fbdd435
```
And so on with every possible combo for the character set between 33 and 126 up to 3 chars.

If 93^4 will take 10.7 minutes, wouldn't 93^5 take 42 days?

9. ### pissedoffsolRETIRED

Messages:
49,468
54
Joined:
Sep 28, 2002
Location:
Retirement Home
right... and 1:54cafa3a6d69c189cf2df3978fbdd435 cannot be translated into a text string.

and when you enter
1:54cafa3a6d69c189cf2df3978fbdd435 into a password field, it will md5 that, and thus won't match.

please pass the salt

Messages:
2,180
4
Joined:
Apr 17, 2005
Location:
Phoenix Az
No,no no, you're thinking too logically.
lol@pass the salt </nerd>

The idea is to have the md5 database for cross referencing...
Getting md5 hashes (as im sure you know having a forum) is much easier to do than running a typical cracker on a site for 10 years and hoping for a match.
The idea is for SQL/Cookie exploits- Get the md5 hash and then cross reference it back the the database..
Let's say i stole your cookie (example here, i don't think IPB holds the hash in the cookie)
Ok so i got your cookie, it's probly base64'd
So i debase it and i come up with
2:4:56:red:blue:mexico:54cafa3a6d69c189cf2df3978fbdd435

So i copy the md5 hash and go cross reference it back into the big ass list i have...
So i run "54cafa3a6d69c189cf2df3978fbdd435" thru my DB checker and it tells me
MATCH FOUND FOR: 54cafa3a6d69c189cf2df3978fbdd435