Anything stealthy where you wouldn’t want what you’re doing to show up, hence the preference to have access to existing accounts; again - you don’t need to go to all that bother to install a rootkit or similar (the bother of having to get the hashes to begin with, etc, which means that you must have been in the system already).

(I get that there are those easily-guessable words that are likely to be used, and during any security testing you’d obviously have to emulate what any attacker would bruteforce with; then it’s a case of ‘well we found 20 people using these insecure passwords, so you’ll have to have those changed and inform them not to use such things’)

I still think that the actual generation of all possible combos is possible realistically with some more recent hardware (eg - a couple of overclocked CPUs and say 3 GPUs in SLi), but again those combos still have to be entered-in - offline that’s fairly easy, as automatic login scripts exist even if you don’t know what to write them in yourself, but online in realtime it’s obviously much more difficult to pull off. But given an anonymous high-bandwidth link to the machine the access is wanted to, it’s still in the realms of possibility, and getting more possible day by day. Even a botnet could be busy processing away for that purpose.

Using pure simple brute force isn’t practical.

Like Rainbow crack for ‘reversing’ hashes, it only works if they are unsalted.

And Windows hashes can be cracked so quickly due a flaw in the way they are stored.

So it turns out that I came across my answer while studying to take CompTIA’s security plus exam. According to the security + book, the answer is based on exponential factors. I will quote the passage:

“Passwords should be as long and as complicated as possible. Most security experts believe a password of 10 characters is the minimum that should be used if security is a real concern. If you use only the lower case letters of the alphabet, you have 26 characters with which to work. If you add the numeric values 0 through 9, you’ll get another 10 characters. If you go one step further and add the uppercase letters, you’ll then have an additional 26 characters, giving you a total of 62 characters with which to construct a password.

If you use a four-character password, this would be 62×62x62×62, or approximately 14 million password possibilities. If you use five characters in your password, this would give you 62 to the fifth power, or approximately 92 million password possibilities. If you used a 10-character password, this would give you 64 to the tenth power, or 8.3 x 10^6 (a very big number) possibilities. As you can see, these numbers increase exponentially with each position added to the password. The four-digit password could probably be broken in a day, while the 10-digit password would take a millennium to break given current processing power.
If your password used only the 26 lowercase letters from the alphabet, the four-digit password would have 26 the the fourth powe, or 456,000 password combinations. A five-character password would have 26 to the fifth power, or 11 million, and a 10-character password would have 26 to the tenth power, or 1.4 x 10^15. This is still a big number, but it would take only half a millennium to break it.”

So in my situation if i were to create a brute force word list that only covered the MINIMUM number of characters required in a WPA key, the possiblities would be 62^6, or 56,800,235,584 words in my word list. And that does not included nonalpabetic characters such as #,$, and %.
Oh well, i guess i will just stick with really large random password lists.

O.T.:

I know a lot of encryption systems say they are irreversible, I’m not so sure that’s true (ie: actually possible, although they are ‘practically’ irreversible). Is it really feasible to do anything to a number that cannot be done in reverse……maybe what they mean is that when an encrypt is being done based upon previously obtained values, and then also has some kind of randomisation of data thrown in, it’s harder to break because even if you know what the encryption standard in use is - you’re having to backwards calculate a value to fit whatever round of the encryption standard deals with that phase, hence there could be many possibilities and you then have to backwards calculate each of those also.

(there’s a certain cartoony funny quality to all this though, given that if you have an all-possibilities wordlist and an appropriate bruter (and the hw) then the ‘game’ is up, and everyone has to rely on constantly changing morphing encrypts. At least, that’s how it looks to me anyway when I’m reading through the great lengths and amount of phases that go into generating what turns out to be the usual - a keyword that unlocks the encrypted data or communication.)

“And by the way, ah hates the rabbit!”

Salt = Encryption key
Hash = Encrypted text

The salt can be changed every time the hash is queried and is irreversable.

Thats my understanding I may be way off line.

What dee hell is a ’salted hash’? I’m guessing it doesn’t come with NaCl sprinkled on it.

Oh no! It’s my Scottish English teacher!