MD5 Bruteforcer - BarsWF
Dieser Eintrag stammt von Alexander Kornbrust Am 8 Dez 2008 @ 11:32 In Oracle Security | 3 Kommentare
Last week at the DOAG conference I published a few numbers about the MD5 cracking speed of [1] BarsWF. Today I found a new record on the web. 3.6 billion (!!!) password hashes per second can calculated with BarsWF. This configuration was using 4x [eVGA 9800GX2] without overclocking.
Here are some calculations how long it takes to break MD5 hashes.All passwords (lowercase or uppercase, alpha, 26^1+26^2+26^3+…)
- up to 8 characters => 60 seconds
- up to 9 characters => 26 minutes
- up to 10 characters => 11 hours
All passwords (mixed case, alphanum, 62^1+62^2+62^3+…)
- up to 7 characters => 16 minutes
- up to 8 characters => 17 hours
- up to 9 characters =>44 days
Several Oracle products like OID, OVS (Oracle Virtual Server) or Apex (until 2.2.) are using plain MD5 for hashing passwords. But even the usage of salt (like Apex 3.0) does not help against this computing power….
Dieser Artikel wurde ausgedruckt ab Alexander Kornbrust Oracle Security Blog: http://blog.red-database-security.com
URL zum Artikel: http://blog.red-database-security.com/2008/12/08/md5-bruteforcer-barswf/
URLs in this post:
[1] BarsWF: http://3.14.by/en/md5
Klicken hier zum Drucken.