Jump to content

Alias

Active Members
  • Posts

    116
  • Joined

  • Last visited

About Alias

  • Birthday 07/14/1993

Contact Methods

  • MSN
    smalik_crab@hotmail.com
  • Website URL
    http://stewartmalik.net
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    Adelaide, Australia
  • Interests
    Computing (no shit right!!)
    Cryptography
    LINUX!!!
    GNU/Linux!!!

Recent Profile Visitors

5,230 profile views

Alias's Achievements

Newbie

Newbie (1/14)

  1. Well I wrote some code to generate the Rainbow tables, each entry uses 40 bytes total. 8 bytes for the unencrypted cc numbers, and 32 bytes for the sha256 hash. Working it out though, just generating for a single bank branch number it will take around 350GB of space. 40b * 9999999999 = 399999999960b 399999999960b / 1024 = 390624999.9609375k 390624999.9609375k / 1024 = 381469.726524353M 381469.726524353M / 1024 = 372.529029809G Total: 372.529029809 Gigabytes If you have any ideas of how to store the information in a smaller space, let me know. Not to mention compute time, it took me around a minute to get to 0.000255790000026%, then again my computer is fairly slow. You could try various options for speeding it up. Rewrite in C or Assembly Modify Pyrit to generate your hashes instead. The code below is fairly simple to use, I'm sure you can figure out how to use it on your own. I left implementing the searcher up to you. Although if you do need help, don't hesitate to ask. #!/usr/bin/env python3 # -*- coding: utf-8 -*- # # rtgen.py # # Copyright 2011 Alias <mali0037@gmail.com> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, # MA 02110-1301, USA. # # # Perform imports import sys, time, hashlib, struct, math # Makes sure that the bankNum is always 10 digits def convertK(k): size = len(str(k)) if(size < 10): k = ("0" * (10 - size)) + str(k) return k # Generates the SHA256 hashes and writes to a file def genTable(bankNum): # Convert bankNum to certain forms bankNum_int = int(bankNum) bankNum_str = str(bankNum) # Open the file fp = open("bank" + bankNum_str + ".rt", "wb") # Main loop for k in range(9999999999): # Concatenates the banknumber and the accunt number string = bankNum_str + convertK(k) string_int = int(string) # Convert bankNum to a C integer in bytes string_bytes = struct.pack('q', string_int) # Encrypt the string encryptedString = hashlib.sha256(string_bytes) # Write everything to a file fp.write(string_bytes) fp.write(encryptedString.digest()) # Print the output percentage = k / 9999999999 if((k % 100) == 0): print(string, ": ", encryptedString.hexdigest(), "\t", percentage, "% Complete", sep = '') return 0 def main(): genTable(sys.argv[1]) return 0 if __name__ == '__main__': main()
  2. The number of unknowns you have is only 10 right? And assuming they are all numbers howsecureismypassword.net guesses that it would take a modern PC 40 seconds. If I get interested enough I may write some Python code to do it.
  3. Pyrit is Python based.
  4. While I love Pyrit and would use it for any WPA cracking I needed doing I have to admit it doesn't scale very well compared to Elcomsofts products.
  5. Mmm, by no means do I know C, but it taught me about integers, the size of integers, etc. What happens with the computer at a low level. I love PHP as well, it's very clean, it get's hated on a lot for being slow, and it is but it's a fun language.
  6. I would definitely recommend learning a little bit of C as it gives you a good grasp of how the computer works with integers, floats, endianess etc. Then start learning Python. Although as both Jason and Infiltrator have said it really depends on what type of programming your going to be doing. Python is a good all round language but if you're doing something algorithmic that needs to be completed FAST then choose C or even Assembly if you want to torture yourself.
  7. Yes but Pyrit (which is the main OpenCL based WPA cracking tool) does not support MPI. There was a patch floating around about a year ago that made pyrit support it, but I've looked for it everywhere and can't find it. If you do manage to find it please post it here.
  8. I use TuneUp Utilities which has lots of awesome features, such as defragging, however it also cleans the registry, performs visual and network optimisations and much, much more. If I were actually going to buy and defrag software, that would be the one I would buy.
  9. I would use Nginx instead of Apache. It's lighter than Apache and can do this sort of stuff really easily. Although it might be a bit of a challenge to convert your rulesets from Apache to Nginx once you get the hang of it you really begin to realise the power that Nginx has. Once my server comes back online again I'll test this out for you but this is what I reckon you'll need to do what you need to do. server { listen 1234; server_name _; access_logs /var/log/nginx/domain2.com.access.log main; root /var/www/domain.com; index index.php index.html index.htm; # Some PHP support? Check these parameters. location ~ .php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/domain.com$fastcgi_script_name; include /etc/nginx/fastcgi_params; } } server { listen 80; server_name ~^(.*)\.domain\.com$ ; access_logs /var/log/nginx/domain.com.access.log main; location / { proxy_pass http://domain.com:1234/$1 break; } } Note that you will have to have A records for each subdomain. An A record takes a human recognisable name and converts it into an IP Address. For example what you will need to setup is an A record for webhop.yourdomain.com, then Nginx will interpret that request at port 80, take the subdomain and the proxy_pass it to yourdomain.com:1234/webhop. Hopefully that should work (yeah right)
  10. Don't quote me on this one either but I though that XTS was only for Disk encryption?
  11. If the implementations are both correct then both will be fine, however the cipher is not the only thing you need to worry about. The Block Cipher Mode of Operation is another thing you need to find out. For example if 7zip is using EBC (Electronic CodeBook) then you shouldn't use 7zip. Only use an encryption program that lets you choose the cipher mode. There is no most secure cipher mode but if you have a choice then use CBC (Cipher-block Chaining) If you want to see the difference then go here http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 and scroll down until you can see the images.
  12. I got my dad's old computer when I was 8. It was a Packard Bell with 660Mhz Pentium III processor, 128MB RAM, 12GB Harddrive but it's main feature was a 128-bit sound card :D It was running Win 98 SE when i got it but eventually I put XP on it. It still runs.
  13. Welcome to the forums, nice to see some fellow Aussies on here. Also Swordfish is a great movie but about as inaccurate as it gets.
  14. The whole reason they got pwned was cause they screwed up their crypto. In the ECDSA functions instead of using a random number they used the same number. Which means with a bit of math you don't even need to brute force it, you can just figure out the keys. Fail Sony, just fail.
  15. You could try using interrupts which the Teensy does support but they are extremely, extremely complex to use. Not for the novice programmer although if you want to have a crack here is the documentation.
×
×
  • Create New...