home.social
Sign in Create account

#passwordcracking — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #passwordcracking, aggregated by home.social.

  1. ResearchBuzz: Firehose @[email protected] ·

    The Register: 60% of MD5 password hashes are crackable in under an hour. “Using a dataset of more than 231 million unique passwords sourced from dark web leaks – including 38 million added since its previous study – and hashing them with MD5, researchers at security firm Kaspersky found that, using a single Nvidia RTX 5090 graphics card, 60 percent of passwords could be cracked in less than an […]

    https://rbfirehose.com/2026/05/10/the-register-60-of-md5-password-hashes-are-crackable-in-under-an-hour/
    #encryption #hashes #md5 #passwordcracking #passwords #privacy
  2. Royce Williams @[email protected] ·

    So atom, main developer of @hashcat, used the "rapid prototyping in Python" plugin of the new "assimilation bridge" in the new hashcat 7¹, with some success in our DEF CON password CTF win this past weekend (hosted by @jabbercracky).

    Afterwards, atom realized it would make a good case study for how to use the new feature, so he wrote it up:

    hashcat.net/forum/thread-13346

    If you do exploration of mystery hash types (either for CTFs, or in the real world) ... this approach should absolutely be in your toolbox.

    ¹Note that some work was done during the contest to make the Python bridge plugin better for these use cases; next minor release of 7 will have it, or grab hashcat.net/beta/ or the latest GitHub main branch.

    #PasswordCracking #HashCracking
    #hashcat #hashcat7

    #passwordcracking #hashcracking #hashcat #hashcat7
  3. MalwareLab @[email protected] ·

    One example why to use strong #passwords for users who use file sharing over #SMB even when the file transfers are #encrypted.
    If the SMB traffic is captured/eavesdropped, then the attacker can try to crack the user password.
    The attacker is able to extract challenge/response values from the Session Setup and then use #passwordcracking tools such as #hashcat

    If the attack is successful, the attacker will gain not only the access to the user account, but it is also possible to decrypt the captured SMB file transfers. There is lack of perfect forward secrecy in this encryption.

    For more details and practical examples, see this blog post:

    malwarelab.eu/posts/tryhackme-

    #networktrafficanalysis #networktraffic #encryption #netntlmv2 #netntlm #ntlm #windows #fileshare #pentesting #cybersecurity #hardening #password #cracking #offensivesecurity #offsec #blueteam #purpleteam

    #passwords #smb #encrypted #passwordcracking #hashcat #networktrafficanalysis