Collaborate Disseminate
A security value called Restriction of Repeated Characters for Passwords (QPWDLMTREP) can be configured in IBM i. If QPWDLMTREP has a value of 1, then "the same character cannot be used more than once in a password, even if the repeat… Continue reading Does a password policy with a restriction of repeated characters increase security?
How can I crack WiFi credentials WITHOUT using the traditional method of capturing a PKMS or Handshake?
When I connect to a WiFi network, I simply enter a password into a text box just like any other login form. Only with the difference th… Continue reading Cracking WiFi credentials without handshake or PKMS
I’m currently learning about password cracking, and I have a set of passwords with their respective hash values. I used Hashcat to crack the hash values, just to see how it works, but I got different passwords. After some research, I found… Continue reading How can I identify the salt value used in a password hash?
For the past six months, I have been trying to remember the password to a zip file I encrypted in 2021. It contains memories of friends, teachers and some personal photos. I decrypted it three or four times and deleted photos each time. I … Continue reading Is there any reverse engineering technique available to know the password of zip file which uses ZipCrypto encryption and deflate compression? [closed]
I’m creating a wordlist with uppercase letters A-Z and numbers 0-9. The length is exactly 8 characters long. Using the tool crunch, preinstalled in Kali, I was able to generate a wordlist that doesn’t contain any consecutive characters, fo… Continue reading Creating wordlist with no more than 2 repeating characters [migrated]
I’m learning about password attacks, and doing TryHackMe labs.
User: penny
Pass: leo1234
When using Hydra to find the password for the SMB user, I get no valid results:
I know the valid password is present in the wordlist, and the dicti… Continue reading Why does Hydra SMB attack not work while Metasploit does?
I want to store a password hash in plain sight. If I am using a dictionary to crack an Argon2 hashed password that I am storing in plain sight, how long would it take (assuming my password is reasonably complex)? Further, are there any oth… Continue reading How long would it take to crack hashed password stored in plain sight?
I have been trying to recover the password of my old Point of Sale system.
I have the password file that I generated containing all possible combinations of numbers from 0000-0000 to 9999-9999 called combinations.txt. I know that the passw… Continue reading John returns invalid UTF-8 and askes for HMAC-Sha256 and HMAC-sha512 [closed]
Let’s assume person A chooses 15 words for a passphrase with an average length of 5. The passphrase meets following conditions.
Word conditions:
The first word is not a valid word and can’t be found in any dictionary. It’s twice the lengt… Continue reading How to analyze the security of a custom passphrase?
From some posts I read here:
Regarding keygen protected software:
As long as the user has full control of the hardware where the software is running on (i.e. typical PC) it is impossible to fully protect the software.
Regarding password … Continue reading How do password protected files differ from keygen protected software?