Collaborate Disseminate
Reset token contains lower case a-z, 0-9 number, there will be at maximum 5 number, at minimum there will be 0 number.
It is randomly generated.
How many possiblities do we have?
How much time does this take to brute force?
Example: x8h1w7… Continue reading How to guess 8 character long reset token [closed]
Password length/complexity only mitigates a brute force attack, correct? In the event of a hash leak, since any algorithm is a fixed length, there could potentially be a pre-image* with a very short / not complex string? Salting notwithsta… Continue reading Does password length / complexity make any difference if hashes are leaked?
I’m new to this, I’m trying to run a BruteSploit attack, I’m pretty sure the files are where I specified them to be, but I get the error, check your word list path. What could have gone wrong ?
Continue reading Error: check your word list path file [closed]
I am about to use OWASP CRS rules with mod_security on my WHM/cPanel enabled CentOS server (with apache). But I fear that accidentally Googlebot may be blocked by one rule or the other. After enabling OWASP CRS, If I add the below custom r… Continue reading mod_security with OWASP CRS: Custom rule for whitelisting googlebot
As some in here might know, there is/was a ransomware attack going on worldwide that used 7z to encrypt all files <20MB for a ton of users world wide.
Each user has a unique 32 char password (Upper & lowercase & Numbers – 62 pos… Continue reading 7z "Copy 7zAES" algo brute force with 32 char password for when original file is available (QNAP QLocker ransomware) [duplicate]
I´m trying to brute force attack a WPA2 Network with Hashcat and a wpa2.hccpax file, but when I do it says that it can take 45years to brute force it. So I had the idea that probably the network I´m trying to brute force has 2 probable wor… Continue reading How can I add some probable Keywords to hashcat, so I can Brute-Force attack a WPA2 Network faster
I have a 60-bit RSA public key and a file encrypted with it. Since RSA with keys under 256 bits should be crackable with even limited computational resources, is it possible to obtain the decrypted file?
I am trying to use "Crowbar" to brute-force RDP login information. The command I am running (on Kali Linux) is:
sudo crowbar -b rdp -U usernames.txt -C rdp_passlist.txt -s <Target IP>
and the result is Crowbar saying every… Continue reading "Crowbar" brute-force tool giving "success" result to every username/password combination for RDP [closed]
I’m trying to get into my friend’s email (he is okay with it, we discussed it) and I’m using Hydra, but it has a limit to its bruteforcing that I can’t seem to bypass, does anyone know how I can?
Continue reading Bypassing Hydra’s 4 billion password limit [duplicate]
Background
When using most brute-force tools, there is usually an option to set thread count. What is the maximum thread count we can set in those programs. Say gobuster a directory buster based in go
Question
What determines the maximum t… Continue reading What determines maximum thread-count when using Bruteforce programs?