Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Blowfish cracker
From: "Levenglick, Jeff" <JLevenglick () fhlbatl com>
Date: Thu, 6 Jul 2006 16:06:52 -0400

Karyn,

Your link is the blog about the show 24. (they had mentioned blowfish
and as true to tv, were in fantasy land ) Everybody
Blogging got a kick out of it.

Does not matter on the system or application. Des,blowfish ...ect are
ported to many different systems, but the result is always the same. If
someone has a file or even an encrypted string, they can attempt to
crack it.

Ie: you can cut/paste something from a unix box from your pc. Jack The
Ripper is a very good cracker. (as are others) Des,Blowfish..ect have
Been around for a while and so are the 'new' cracking programs.


-----Original Message-----
From: Karyn Pichnarczyk [mailto:karyn () sandstorm net] 
Sent: Thursday, July 06, 2006 02:43 PM
To: donald.mccoy () gmail com
Cc: pen-test () securityfocus com
Subject: Re: Blowfish cracker

You didn't mention what system these passwords were on, or what
application they were in.  The cracking tool would depend upon that. I
don't know of any blowfish decrypters, but there's always the bruteforce
method.

Here's a quote by Bruce Schneier about cracking Blowfish:

http://www.schneier.com/blog/archives/2005/04/blowfish_on_24.html

For cracking tools, google on these terms: "bruteforce" "cracking"
"password".
You'll get hits.  Select the one that delights you the most.

karyn

donald.mccoy () gmail com wrote:

I got tasked with trying to crack a couple of blowfish encrypted
passwords and I now need a cracker. I know that this is pretty
impossible but my boss wants a demonstration on how long it would take
to crack this. Could someone suggest a good cracker? 

----------------------------------------------------------------------
--------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the 
Analyst's Choice Award from eWeek. As attacks through web applications

continue to rise, you need to proactively protect your applications 
from hackers. Cenzic has the most comprehensive solutions to meet your

application security penetration testing and vulnerability management 
needs. You have an option to go with a managed service (Cenzic 
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download 
FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm 
your results from other product. Contact us at request () cenzic com for
details.
----------------------------------------------------------------------
--------



-- 

Karyn Pichnarczyk
Sandstorm Enterprises, Inc.
______________________________________________________________

Be advised that all electronic communication with Sandstorm
Enterprises(R) is subject to monitoring by NetIntercept(R), our
full-content network forensics analysis tool. More information about
NetIntercept can be found at www.sandstorm.net. Please direct any
questions to privacy () sandstorm net 
______________________________________________________________




------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from
hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management
needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------



-----------------------------------------
This e-mail message is private and may contain confidential or
privileged information.


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]