brute-force

问题 I am having a thin gateway/portal application based on Node.js and express . It is managing sessions, user authentication and routing (to the actual application). According to https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Session_ID_Guessing_and_Brute_Force_Detection it is recommended to block IP-adresses once the application detects multiple failed login attempts in a given period. Now I am having 2 questions: 1) In what part of the infrastructure should those IP-Adresses be

问题 Hi I have the 3 dimensional matrix in the code below. I am trying to sum all the 24 elements of "n" for every "number_panels" and "number_turbines" combination. what I have below doesn't sum across the 3rd dimension for number_panels = 0:5 for number_turbines = 0:2 for n = 1:24 % number of hours per day hourly_deficit(number_panels + 1, number_turbines + 1, n) = Demand(n) -... (PV_supply(n)*number_panels) - (WT_supply(n)*number_turbines); if hourly_deficit(number_panels + 1, number_turbines +

问题 Will it shut down & lock up after repeated false password tries, and/or will it add lags in-between retries? Or does this depend on which modules you or your provider install? Thanks! 回答1: default Apache installation does not do that. usually this is better done by your web application (eg, PHP/JSP) for account attack. for network attack, better not for web servers because it's hard to identify the source due to so many anonymous / transparent proxy / VPN / NAT stuff. once you've implement

问题 So I was looking at http://codahale.com/how-to-safely-store-a-password/# and became curious how fast different hash could be bruteforced on a somewhat powerful desktop computer and was tempted to test it Most of the algorithms I've seen though are single-threaded and it struck me that this would be a really interesting challenge in using c# 4.0 Parallel.net/Plinq extensions and concurrent structures (like ConcurrentBag and IProducerConsumer). So my task is as follows, build the most efficient

问题 I have the following homework task: I need to brute force 4-char passphrase with the following mask % % @ @ ( where @ - is a numeric character, % - is an alpha character ) in several threads using OpenMP. Here is a piece of code, but I'm not sure if it is doing the right thing: int i, j, m, n; const char alph[26] = "abcdefghijklmnopqrstuvwxyz"; const char num[10] = "0123456789"; #pragma omp parallel for private(pass) schedule(dynamic) collapse(4) for (i = 0; i < 26; i++) for (j = 0; j < 26; j

问题 I have a triangle with two-hundred rows, where I have to find the maximum distance to get from the top to the bottom of the triangle. 5 9 8 5 4 6 9 7 3 4 Here, the shortest distance would be 5+8+4+3=20. The maximum distance would be 5+9+5+9=28. I have a good idea of the algorithm I want to implement but I am struggling to turn it into code. My plan is: start at the 2nd to last row, add the maximum of the possible paths from the bottom row, and iterate to the top. For instance, the above

问题 I need to make program that solves bin packing problem, but I already made first fit and greedy algorithms, but my lecturer says in some cases it won't find the minimal solution to the problem. So i decided to try bruteforce, but I have no clue how it should check all possible solutions. So yea.. can someone explain to me or give pseudo-code or something. I would appreciate a lot. 回答1: Note that bin-packing is an NP-hard problem, basically meaning it will take excessively long to run brute

问题 I have set up my db to log every failed login attempt. I thought I would multiply the number of failed attempts with 0.05 seconds or something. Something like: time_nanosleep(0, (50000000 * $failed_attempts ) ); More attempts a hacker uses to guess a password, more time does it take to check every time. After checking a 100 passords he must wait 5 sec between each try. Is this a good way to stop bruteforcing? I identify the users by IP. So I guess you can bruteforce the application by using

问题 I'm making a password brute forcing tool as a learning exercise, and I want it to be resumable. So, what I want is to be able to say, this is the set of possible characters, if I computed the Cartesian set of every possible combination of this set up to length n, what is the set at point x? However, I want to do this without computing the entire set. I've seen similar logic in one place online but I was unable to generalise this to fit. Any help would be fantastic, thanks! I'm fluent in C# if

问题 I'm making a password brute forcing tool as a learning exercise, and I want it to be resumable. So, what I want is to be able to say, this is the set of possible characters, if I computed the Cartesian set of every possible combination of this set up to length n, what is the set at point x? However, I want to do this without computing the entire set. I've seen similar logic in one place online but I was unable to generalise this to fit. Any help would be fantastic, thanks! I'm fluent in C# if