|
|
Automated Creation of Password Mangling Rules
Drdák, Dominik ; Zobal, Lukáš (oponent) ; Hranický, Radek (vedoucí práce)
In the process of password cracking by a dictionary attack, the password repertoire is limited by the used dictionary. With the help of rules that can modify passwords from a dictionary, it is possible to extend such a dictionary with additional passwords. In order to maximize the benefits of these rules in password cracking, the rules can be generated based on existing data. Frequent patterns, such as capitalization, numbers at the end or frequently used substrings in passwords can be found in databases of leaked passwords. Based on the patterns obtained, a set of clever rules can be created that can significantly improve the success of a password cracking by dictionary attack. The gist of the work is based on this knowledge and presents specific methods for the implementation of these procedures. The work describes the design and implementation of such tool that can create a set of rules from existing passwords based on their similarity. The functionality of the tool and especially the benefits of the chosen method are shown experimentally.
|
|
|
Interaktivní nástroj na tvorbu pravidel pro modifikaci hesel
Mládek, Jiří ; Pluskal, Jan (oponent) ; Hranický, Radek (vedoucí práce)
Cílem mojí bakalářské práce bylo vytvořit interaktivní nástroj na tvorbu pravidel pro modifikaci hesel a integrovat ho do systému Fitcrack. V práci se zabývám pravidly, která pomocí několika dostupných funkcí modifikují hesla a mohou sloužit pro obohacení slovníkového útoku. Implementovaný nástroj také nabízí živý náhled výsledných hesel po modifikaci pravidly a umožňuje tak vytvářet nové účinnější slovníky. Motivací pro tvorbu nástroje byl dosavadní způsob vytváření pravidel, kdy existující nástroje nenabízejí kombinaci grafického uživatelského rozhraní a velkého výběru funkcí pro tvorbu pravidel. Na experimentech jsou poté předvedeny případy užití a přínosy nástroje. Součástí práce je také uživatelské testování.
|
|
|
Automated Creation of Password Mangling Rules
Drdák, Dominik ; Zobal, Lukáš (oponent) ; Hranický, Radek (vedoucí práce)
In the process of password cracking by a dictionary attack, the password repertoire is limited by the used dictionary. With the help of rules that can modify passwords from a dictionary, it is possible to extend such a dictionary with additional passwords. In order to maximize the benefits of these rules in password cracking, the rules can be generated based on existing data. Frequent patterns, such as capitalization, numbers at the end or frequently used substrings in passwords can be found in databases of leaked passwords. Based on the patterns obtained, a set of clever rules can be created that can significantly improve the success of a password cracking by dictionary attack. The gist of the work is based on this knowledge and presents specific methods for the implementation of these procedures. The work describes the design and implementation of such tool that can create a set of rules from existing passwords based on their similarity. The functionality of the tool and especially the benefits of the chosen method are shown experimentally.
|
host ::
RSS.