Free Rainbow Tables | Forum

Home of the Distributed Generator and Cracker
It is currently 29 May 2015, 22:04

All times are UTC + 1 hour [ DST ]




Post new topic Reply to topic  [ 52 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
 Post subject: Re: GARR mirror update
PostPosted: 31 Aug 2010, 18:21 
Offline
Perfect Table

Joined: 02 Apr 2008, 15:10
Posts: 927
Location: Bucharest, Romania
PowerBlade wrote:
PapaSmurf wrote:
I've added the trackers to the files that I have and I'm still getting others. sumotracker and thepiratebay don't appear to be working, but it could be temporary will check again in a few days. Peer Exchange and DHT are enabled (339 nodes?).

I understand about the tracker, I can only imagine how many odd things people tried to add to any given tracker. I wonder if there is a way to limit it to only the files we want to track? I'll take a look at some stuff later this week and if I find a solution, I'll let you know.

It appears that the #, %29, _ thing is what throws off the Web seed in uTorrent. I'm just going with wGet and I'll seed.

I bid on an eBay clunker (LOL) and it should be here later this week. I'll get some drives for it and spin up something on it then see if I can go host that in FDC.


Hmm, maybe we should file it as a bug report then? It would be cool to use the GARR mirror as a web seed.
When you got all of the torrent files ready, then please upload them somewhere so i can put them on the website as official torrents.
The pirate bay stopped their tracker some months ago. They are only using DHT and Peer Exchange now.


http://btreannouncer.net/

Btw, after you add the new trackers to the torrent, the torrent file isn't modified.
You should create new torrents with all those trackers just to be sure. And it's easier that way.

LE: how about licensing all the tables and uploading the torrents to http://www.clearbits.net/ ? (it's the former legaltorrents.com)
It's a tracker for open licensed media. The trackers should be alive for a long long long long time.
this should be nice : http://creativecommons.org/licenses/by-nc-sa/3.0/

_________________
a2480f25 blog.


Top
 Profile  
 
 Post subject:
Posted: 01 Sep 2010, 17:11 


Top
  
 
 Post subject: Re: GARR mirror update
PostPosted: 01 Sep 2010, 17:11 
Offline
Site Admin

Joined: 26 Aug 2010, 02:40
Posts: 105
I will get the torrents redone with the new trackers once I have all the files. It appears that opentracker (http://erdgeist.org/arts/software/opentracker/) will run with a whitelist so if there is server love and interest we could bring the local tracker online again and limit it to ONLY those files we are distributing.

I won one of the eBay auctions for an old server and will let you know how that goes when it arrives. I've ordered some drives for it (being an optimist) and will colo it to fdcservers like the VPS (but will probably drop the VPS once the dedicated box is there).

Do we have any idea regarding file popularity from GARR? If not, I'll let you know what I see once I have something to see with (and it could be useful for xtothec's post above).


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 30 Sep 2010, 15:57 
Offline
Site Admin

Joined: 11 Oct 2007, 21:17
Posts: 1618
Location: Copenhagen, Denmark
PapaSmurf wrote:
I will get the torrents redone with the new trackers once I have all the files. It appears that opentracker (http://erdgeist.org/arts/software/opentracker/) will run with a whitelist so if there is server love and interest we could bring the local tracker online again and limit it to ONLY those files we are distributing.


I can't see a reason for running our own tracker.. Using public trackers and DHT should be suffient.

PapaSmurf wrote:
Do we have any idea regarding file popularity from GARR? If not, I'll let you know what I see once I have something to see with (and it could be useful for xtothec's post above).


No, we don't have a clue which can be a problem.
If we knew what files was the most popular, we should focus more on that hash routine - Give the people what they want! :D


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 04:14 
Offline
Total Hash Enlightenment

Joined: 15 Jul 2009, 22:38
Posts: 1486
Location: Dallas, TX, USA
PowerBlade wrote:
I can't see a reason for running our own tracker.. Using public trackers and DHT should be suffient.

PapaSmurf wrote:
Do we have any idea regarding file popularity from GARR? If not, I'll let you know what I see once I have something to see with (and it could be useful for xtothec's post above).


No, we don't have a clue which can be a problem.
If we knew what files was the most popular, we should focus more on that hash routine - Give the people what they want! :D


I agree on skipping running a tracker. However, some torrents I've been seeding for the sha-3 NIST competition (preserving the revisions for each round which NIST isn't doing) and using both http and udp openbittorrent and publicbt has been very unreliable the last week. On the upside one can add and remove trackers from a torrent without altering the info hash.

Besides download popularity we can always look at the cracked/uncracked hashes on the site. (The success rate for sha-1 is missing btw.) Everyone seems to continue to be mostly obsessed with md5 but as vista/2008/7 continue to increase in use we're going to have to start looking at more NT tables, likely RTI2. mysqlsha1 is a bit of a misnomer since mysql isn't the only place that uses double sha-1 but to be fair iirc double md5 is still more popular in general.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 09:04 
Offline
Site Admin

Joined: 11 Oct 2007, 21:17
Posts: 1618
Location: Copenhagen, Denmark
quel wrote:

Besides download popularity we can always look at the cracked/uncracked hashes on the site. (The success rate for sha-1 is missing btw.) Everyone seems to continue to be mostly obsessed with md5 but as vista/2008/7 continue to increase in use we're going to have to start looking at more NT tables, likely RTI2. mysqlsha1 is a bit of a misnomer since mysql isn't the only place that uses double sha-1 but to be fair iirc double md5 is still more popular in general.


Looking at the cracked/uncracked hashes, you have to take into account where the hashes are used.
Take an example of md5. It's used in a lot of code to hash account passwords. Some users might have submitted thousands of hashes which is simply a dump of the user database.
NTLM however is used in Windows and people might just submit 1-3 hashes at once.
So looking at the cracked/uncracked hashes doesn't show the popularity as in how many of our users wants NTLM or MD5 tables.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 16:29 
Offline
Total Hash Enlightenment

Joined: 15 Jul 2009, 22:38
Posts: 1486
Location: Dallas, TX, USA
PowerBlade wrote:
Looking at the cracked/uncracked hashes, you have to take into account where the hashes are used.
Take an example of md5. It's used in a lot of code to hash account passwords. Some users might have submitted thousands of hashes which is simply a dump of the user database.
NTLM however is used in Windows and people might just submit 1-3 hashes at once.
So looking at the cracked/uncracked hashes doesn't show the popularity as in how many of our users wants NTLM or MD5 tables.


The same could apply to NTLM but I see your point.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 17:42 
Offline
Site Admin

Joined: 26 Aug 2010, 02:40
Posts: 105
The public trackers have had a rough few weeks at least according to a torrent freak post.

For what I'm seeding, ntlm remains by far the most popular, but I admit to lacking a complete cross section of the data. Also, the thing to consider with the hash database is that it is user provided data, so, slightly more prone to error (there was one last week that was all f's). And finally, there are still some MD4 hashes in the MD5 tables.

I'll finish with the updated .torrent files tonight or tomorrow.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 18:57 
Offline
Total Hash Enlightenment

Joined: 15 Jul 2009, 22:38
Posts: 1486
Location: Dallas, TX, USA
PapaSmurf wrote:
The public trackers have had a rough few weeks at least according to a torrent freak post.

For what I'm seeding, ntlm remains by far the most popular, but I admit to lacking a complete cross section of the data. Also, the thing to consider with the hash database is that it is user provided data, so, slightly more prone to error (there was one last week that was all f's). And finally, there are still some MD4 hashes in the MD5 tables.

I'll finish with the updated .torrent files tonight or tomorrow.


Thanks for the torrent freak link. That raises an interesting point in that if one tracker being overloaded, openbittorrent, causes another tracker, publicbt, to also become overloaded then it's time to start looking for more public trackers. Also, most clients for seeding appear to either stick to one tracker or periodically switch trackers. Are there clients that will seed to all the trackers in a torrent simultaneously? I end up creating a torrent with 1 tracker and then running multiple rtorrent instances to handle seeding all the trackers - which is a pain.

That actually makes quite a bit of sense that it is NTLM. LM is becoming less useful. MD5 for large sets there are a number of brute forcing tools that are more likely to be used. For that matter the number of md5 databases/lookup tools across the net is rather extensive.

The problem with hashes being posted with the wrong type is something we'll need to find some answer to. At least sha-1 isn't going to be showing up in NTLM, LM, or MD5 by mistake.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 19:10 
Offline
Perfect Table

Joined: 02 Apr 2008, 15:10
Posts: 927
Location: Bucharest, Romania
http://www.clearbits.net/

_________________
a2480f25 blog.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 19:13 
Offline
Site Admin

Joined: 11 Oct 2007, 21:17
Posts: 1618
Location: Copenhagen, Denmark
quel wrote:
The problem with hashes being posted with the wrong type is something we'll need to find some answer to. At least sha-1 isn't going to be showing up in NTLM, LM, or MD5 by mistake.


So far I removed the default md5 hash. Now the user actively has to select the hash routine.
I will also look into being able to cross submit hashes. Meaning if you detect a md5 hash as a ntlm hash and find the password for it, you can suggest it and it will be marked it in the DB as a cross suggested hash. (What are the odds of a md5 hash also having a ntlm plaintext in the 1-12 character range? ;-) )
What other character sets should i add? md4, double md4, double md5, double sha1 ?


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 19:23 
Offline
Perfect Table

Joined: 02 Apr 2008, 15:10
Posts: 927
Location: Bucharest, Romania
http://www.insidepro.com/hashes.php?lang=eng

http://hashkiller.com/index.php?topic=986.0

_________________
a2480f25 blog.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 04 Oct 2010, 20:35 
Offline
Site Admin

Joined: 26 Aug 2010, 02:40
Posts: 105
quel wrote:
makes quite a bit of sense that it is NTLM. LM is becoming less useful. MD5 for large sets there are a number of brute forcing tools that are more likely to be used. For that matter the number of md5 databases/lookup tools across the net is rather extensive.

Maybe we should also concentrate on tables where the minimum password size is 8 characters. You can brute force 7 or under with a newer video card in under an hour (though as I think about posting this, I suspect it is an entirely separate can of worms)


PowerBlade wrote:
I will also look into being able to cross submit hashes. Meaning if you detect a md5 hash as a ntlm hash and find the password for it, you can suggest it and it will be marked it in the DB as a cross suggested hash.

That would be great as there are at least 400 (OK, 386 so far) in the MD5 database that belong in NTLM or MD4.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 06 Oct 2010, 08:59 
Offline
MΩth √G∑∏∫∪≤

Joined: 03 Dec 2007, 11:37
Posts: 1061
PapaSmurf wrote:
Maybe we should also concentrate on tables where the minimum password size is 8 characters.

Let's take a look at loweralpha-space#1-10 vs loweralpha-space#8-10.
The key spaces are 4,942,156,160,540,566 and 4,942,058,591,666,847 and the difference is 97,568,873,719.

97,568,873,719 / 4,942,156,160,540,566 ≈ 1 / 50,653
Let's say the whole table set takes 120 days to generate then the difference between generating loweralpha-space#1-10 and loweralpha-space#8-10 is less than 3.5 minutes.

_________________
http://www.tobtu.com/


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 06 Oct 2010, 14:43 
Offline
Site Admin

Joined: 26 Aug 2010, 02:40
Posts: 105
Sc00bz wrote:
97,568,873,719 / 4,942,156,160,540,566 ≈ 1 / 50,653
Let's say the whole table set takes 120 days to generate then the difference between generating loweralpha-space#1-10 and loweralpha-space#8-10 is less than 3.5 minutes.

Hahahahaha. Well, clearly that idea will bring world peace, market stability and free hardware to everyone! Thank you for the perspective, Sc00bz.


Top
 Profile  
 
 Post subject: Re: GARR mirror update
PostPosted: 08 Oct 2010, 23:12 
Offline
Shoulder Surfer

Joined: 08 Oct 2010, 23:09
Posts: 4
Hey guys,
my 2 cents...
I just got a quote from FDC servers for a VPS (Virtual Private Server)

512MB RAM
3TB HDD
10Mbps unmetered
3 IP Addresses
$75/mo

That seems like a very good deal for a torrent or an HTTP host to share the tables?
What do you think? They will add storage easily I think as they must use central storage for the VPS...

P.S. I might be able to get the Uni where I work to add a few Virtual Machines and some bandwidth if you guys need it :-)

My 2 cents...
Jon


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 52 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC + 1 hour [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group