I spend 4 days from Tuesday to Friday to re-structure and complete two parts of Hash kit.
Include:
[Brute-force attack and Dictionary attack]
-Dictionary attacks
-Search attacks
-Role-based search attacks
-Brute-force attacks
[Hash chain]
-Specific chain analyzer
-Normal chain analyzer
Let me explain and summary again these function in Hash kit
[Brute-force attack and Dictionary attack]
Pre-image resistant For any given Y, it is difficult to find an X such that H(X)=Y.
In here given Y, which means hash value, we try to find X. By using [Brute-force attack and Dictionary attack]
Dictionary attacks:
A dictionary file might contain words, we try to find H(word) == Y, if H(word) = Y, the word is X.
Search attacks:
Random string instead of a list of dictionary file, random string characters include number 0~9, English letters a~z A~Z, other symbols like %*$..., covers all possible combinations of a character set, but password length is fixed by user.
Rule-based search attacks
If user know a part of fragment of X, and ((fragment of X) + random string ) as key word, try to find the whole value X
Brute-force attacks
Try all possible combinations(no selection by user), the password length is not fixed, a range of password length can be setup by user. Actually it is similar as search attacks, but the combination rate is higher than search attacks. It might take some time because of the large number of possible combinations.
[Hash chain]
Given a string X or Y, X stand for password, Y stand for H(password)
In current hash chain analyzer on Hash kit, only support Y, may be I will add it in next few days or only support input X
[Specific chain analyzer]
To find the specific Y, if equal to H(H(...(H(Y)))
It is difficult to find, the chain index is 0 to n
[Normal chain analyzer]
To find any chain, if H(H(...(H(Y))) equal to H(H(......(H(Y)))
The chain index is n1 to n2
I hope my team mates can finish their parts as soon as possible.
Week 8 is prototype day~~~So we need to finished most of part of Hash kit before that date
