Mathematics
timur102, 2018-07-02 16:10:31

How many passwords + rainbow-tables can there be?

For example, I have already intercepted handshakes with the aircrack-ng utility (or rather airodump-ng).
I have a .cap file. I wondered how many password options there could be, but because I don’t know combinatorics well, I would like to make sure that I think correctly.
32 *2 (Cyrillic = lower and upper case) + 26*2 (Latin = lower and upper case) +

. , ! @ # $ % ^ & * ( ) _ - + = / " ' № : ? < > { } [ ]
28 (didn't forget anything?) + 10 (digits) = 154
So the options for an 8-digit password are 154^8 = 316348490636206336
Usually passwords are 8 - 16 characters long.
c = sum([154**i for i in range(8,17)])
print(c)

It turns out: 100730461433216424107205973413148416. A 36-digit number.
My video card can sort out, for example, 50,000 passwords / s.
In total it will take 2.0146092286643285e+30 seconds.
sec = c/50000.0
Or 5.5961367462898016e+26 hours or 2.331723644287417e+25 days (that's how long they live?)
Now the questions are: did I count everything correctly? Does it make sense to sort out passwords in this way?
There are also rainbow-tables. Do they speed things up?

2 answer(s)
Lander, 2018-07-02
@timur102

I did not check the received numbers, but the message is correct.
Here you have answered your own question. :)
Brute force is a very reliable attack (it always works sooner or later), but an extremely inefficient attack. :)

Mercury13, 2018-07-02
@Mercury13

1. What is a rainbow table? Once computed, it is reused by others for the "reverse hash" task.
2. Wi-Fi uses two parameters: ANonce and a password - so we have a challenge-response protocol designed specifically to make rainbow tables impractical - a hacking problem solved for one session will not help to hack another.
3. So how much to break? If you are trying to hack into someone else's network and put reasonable limits on someone else's password, you are. If you are setting up a security policy, it is better to take into account only the shortest of the options: if the limit is 8 ... 24 characters, then take exactly 8 for calculations.
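
Added example, not part of Mercury13's answer or of the original thread: the WPA2-PSK key derivation from IEEE 802.11i, showing that one passphrase yields a different master key under a different network name and a different session key for every pair of handshake nonces, so a value computed for one capture cannot be looked up for another. The SSID salt comes from the standard rather than from the thread, and the passphrase, SSIDs, MAC addresses and nonces are constructed sample values.

```python
import hashlib
import hmac

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    # Pairwise master key: PBKDF2-HMAC-SHA1 salted with the network name (SSID).
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    # 802.11i PRF: HMAC-SHA1 blocks over label || 0x00 || data || counter.
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def wpa2_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
             anonce: bytes, snonce: bytes) -> bytes:
    # Session key: mixes both MAC addresses and both handshake nonces.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 64)

# Constructed sample values (assumptions, not taken from any capture).
PASSPHRASE = "correct horse 42"
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")

def nonce(tag: str) -> bytes:
    # Deterministic stand-in for the 32-byte random nonces of a real handshake.
    return hashlib.sha256(tag.encode()).digest()

def demo() -> dict:
    # Same passphrase, two network names, then two sessions on the first network.
    pmk_a = wpa2_pmk(PASSPHRASE, "HomeNet-A")
    pmk_b = wpa2_pmk(PASSPHRASE, "HomeNet-B")
    ptk_1 = wpa2_ptk(pmk_a, AP_MAC, STA_MAC, nonce("anonce-1"), nonce("snonce-1"))
    ptk_2 = wpa2_ptk(pmk_a, AP_MAC, STA_MAC, nonce("anonce-2"), nonce("snonce-2"))
    return {"pmk_a": pmk_a, "pmk_b": pmk_b, "ptk_1": ptk_1, "ptk_2": ptk_2}

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex())
```

Each candidate passphrase costs 4096 HMAC-SHA1 iterations before it can be compared with anything from a capture, which is what bounds the guesses-per-second figure used in the question.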
