brute-force

There are several useful answers on SO regarding prevention of brute forcing a password of a web service by applying throttling. I couldn't find any good numbers though and I have little expertise in this area, so the question is: How many attempts does it usually take to brute-force an average password of 6 or more characters (with no additional knowledge that may help, but taking into account that passwords are probably prone to dictionary attacks) and based on that, what are meaningful limits to apply to the throttling algorithm without disrupting the user experience? This is my current

I would like to randomly iterate through a range. Each value will be visited only once and all values will eventually be visited. For example: class Array def shuffle ret = dup j = length i = 0 while j > 1 r = i + rand(j) ret[i], ret[r] = ret[r], ret[i] i += 1 j -= 1 end ret end end (0..9).to_a.shuffle.each{|x| f(x)} where f(x) is some function that operates on each value. A Fisher-Yates shuffle is used to efficiently provide random ordering. My problem is that shuffle needs to operate on an array, which is not cool because I am working with astronomically large numbers. Ruby will quickly

In an attempt to write a brute force maze solving C program, I've written this java program first to test an idea. I'm very new to C and intend to convert it after getting this right in java. As a result, I'm trying stick away from arraylists, fancy libraries, and such to make it easier to convert to C. The program needs to generate a single width path of shortest steps to solve a maze. I think my problem may be in fragmenting a path-storing array passed through each recursion. Thanks for looking at this. -Joe maze: 1 3 3 3 3 3 3 3 3 3 3 0 0 0 3 3 0 3 3 3 0 3 3 3 2 Same maze solved by this

I'm making a password brute forcing tool as a learning exercise, and I want it to be resumable. So, what I want is to be able to say, this is the set of possible characters, if I computed the Cartesian set of every possible combination of this set up to length n, what is the set at point x? However, I want to do this without computing the entire set. I've seen similar logic in one place online but I was unable to generalise this to fit. Any help would be fantastic, thanks! I'm fluent in C# if that helps. Edit: Here's the question I mentioned earlier: How to select specific item from cartesian

I have this homework assignment to make a recursive method to crack a password of a given length, n (unlimited and unknown!) made of small English letters, a-z ONLY. Here's the class "Password" that creates a random password: import java.util.Random; public class Password { private String _password = ""; public Password(int length) { Random generator = new Random(); for (int i = 0; i < length; ++i) { this._password = this._password + (char) (generator.nextInt(26) + 97); } } public boolean isPassword(String st) { return st.equals(this._password); } public String getPassword() { return this.

I'm trying to write a word combination generator, I mean to print all the possible combinations of "X" amount of characters with "X" string length, First of all I need to say I saw a question in StackOverFlow about exactly this problem which have a lot of answers of word generators to do exaclty this (on different languages), but please, don't mark this as duplicate or don't comment my question only to reference-me that link 'cause I've tested ALL the C# and VBNET codes of that question and really none works 100% as expected, see the combinations I need: For example, If I have "a","b" and "c"

I have a bunch of encrypted files that I want to decrypt (duh). I found out they are encrypted with Blowfish using a 224-bit key after some research. I know what the first few bytes of the plaintext looks like (it's kind of a header). Noting that I am not NSA nor do I have ridiculous computing power, is there any chance of me brute forcing the key within a reasonable time (eg: not the life of the universe)? I read somewhere that someone published an attack on the full-blown Blowfish (no pun intended) that reduces the search to 2^(n/2) but it mysteriously disappeared. Apparently it was some