Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

RE: MD5 math question
From: "Jeff Robertson" <jeff.robertson () digitalinsight com>
Date: Fri, 6 Jan 2006 09:16:44 -0500
-----Original Message-----

Without knowing the correct password there is no way of 
knowing that the 
collision isn't it, and from a practical point of view it 
doesn't matter 
in the slightest.


It matters if the purpose of the "cracking" isn't to allow an attacker
to log into the system, but to recover lost passwords for legitimate
purposes. No one needs to tell me this is a bad idea, I was just looking
to find out how bad it is in this particular regard.

-------------------------------------------------------------------------------
Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
-------------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]