This project demonstrates how password entropy saved alongside a password hash can be used to significantly reduce the time required to crack hashed passwords.
For a further explanation see: http://gavinmiller.io/2016/a-tale-of-security-gone-wrong/
- Clone the project:
git clone git@github.com:gavingmiller/entropy-password-cracker.git
- You may need to install SQLite3 bindings, e.g.:
port install sqlite3 +universal
yum install sqlite-devel
apt-get install libsqlite3-dev
- Install the required libraries:
bundle install
- Crack the user database:
ruby crack_user_database.rb
generate_user_database.rb
is available for you to modify/play with