[plug] Apache & htpasswd
Matt Kemner
zombie at wasp.net.au
Mon May 21 12:26:05 WST 2001
On Mon, 21 May 2001, Christian wrote:
> Your only hope of reversing them would be mounting a
> brute force dictionary attack which would likely be successful against a
> good percentage of them but would take some time against 1400 passwords
> and you would never get 100%.
Give it a crack[1] anyway, I'd say there's a chance you'll get a very
large number of them very quickly - because many people choose simple
passwords when given the choice, and if you get 90% of them, then that
means there's only 140 people you need to contact about the new password
you've generated them.
Shouldn't take _too_ long on a recent machine anyway.
I suggest grabbing "john the ripper" and trying that in single mode first
(which should only take a few minutes) and then dictionary mode with a
largeish dictionary (which I can supply if you want)
It might not bring you the results, but it's worth a try, I would think.
- Matt
[1] Pun intended
More information about the plug
mailing list