//
you're reading...
Security

File Passwords

One of the great arguments in security is whether admitting that cracking a password is simply a matter of resources.
No matter what has been done to the encryption, the password can be cracked with enough resources.
File passwords are even more prone to this as they can be cracked offline. All that is required is a coy of the file – and they rarely block many brute force attempts.
But how do you get enough “grunt” to do the deed fast enough?

CPUs of Unusual Size
Well, we can leverage our own systems, CPUs, GPUs, NPUs etc., better but still we’d be looking at years to crack good passwords.

Power for Hire
Of course if you have the money you can leverage large computing arrays on which time can be purchased. Amazon for example. You might even be able to construct an engine to work on Google Sites or such. The amout of resources available here is hard to fathom and though it won’t make short work of complex passwords it would certain bring the timescale into the ‘reasonable’. T&C may actually ban this kind of activity of course.

Zombie Brainstorming
The approach used by the Black Hats is to use innocent, corrupted systems to process small offloaded segments. Whilst the system is idle the CPU quietly gets on munching the numbers and then reporting back to the hacker. This can be extremely effective as the number of machines can be massive, vying with the big mainframes and data centres.
This is illegal in most countries, however.

Online Decryption
The final option, pay for someone else to specifically perform the task for you.
The first thing you must do is find a provider you can trust.
You want the data in the encrypted file for a reason, I presume the contents are valuable. Therefore worth stealing?
So you need to investigate the provider. There is a catch, the process you are trying to purchase is considered by some to be a hacking tool and thus classified as malware or indeed hacking. Always check the reputation of the site you are purchasing/using for cracking services before accessing them.
Some examples include:

If you have any experiences of using any decryption techniques, please let me know.

– Posted using BlogPress

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: