PHDays video




Brute-Forced in Sixty Seconds

Want to visit   +73

Author: Nikolay Anisenya

The vast majority of users prefer dictionary passwords, modified according to certain rules, instead of randomly generated. Such rules can be found on the internet, but they are compiled semi-automatically or manually by using password hashes from leaked databases without considering some peculiarities (e.g. how such personal data as name and birth date are used in passwords). The moderator will describe a rule-based bruteforce attack, suggest a method of shortening a list of rules for attack optimization, and compare his approach with other existing solutions.

  • Language
  • Russian

Nikolay is a mobile application security specialist at Positive Technologies. He is a postgraduate of the Information Security and Cryptography Department at Tomsk State University. Graduated from the Faculty of Applied Mathematics and Cybernetics. Since 2011, he’s been participating in CTF contests as a member of SiBears.

Nikolay Anisenya Nikolay Anisenya

Back to the list