TRIPCODE CRACKING THREAD (88)

1 Name: !JqK7T7zan. 1993-09-4292 15:25 [no]

ITT WE CRACK PEOPLES' TRIPCODES AND POST THEM. LIKE THIS:
Mr VacBob#avisucks

39 Name: inst 1993-09-4329 11:45 [no]

okay, just crashed retard winxp netcafe machine trying to crack own tripcode.

40 Name: asdf!BbuuSkRm6I 1993-09-4329 15:26 [no]

5ibG0jiWNc

41 Name: asdf!hMrc.fQPR6 1993-09-4329 15:28 [no]

5ibG5ibG5ibG

42 Name: inst 1993-09-4330 12:04 [no]

lets see...

~370 trillion bytes of tripcode
10 digit trip...

~37 trillion tripcodes
125,000 / sec / ghz

google says 296,000,000 secs/ghz
4,933,333.33/min/ghz
82,222/hr/ghz
3,425/days/ghz

but there's a flaw in the encryption scheme right?

43 Name: Not in Employment, Education or Training 1993-09-4330 13:03 [no]

The flaw is that people use lowercase dictionary words for their trips.

44 Name: Not in Employment, Education or Training 1993-09-4331 12:30 [no]

Osaka#somethin

45 Name: !8FVFEBTVK2 1993-09-4331 12:33 [no]

orly?

46 Name: Not in Employment, Education or Training 1993-09-4331 13:18 [no]

>>42

yup. secure tripcodes.

48 Name: CAPS LOCK IS CRUISE CONTROL FOR COOL 1993-09-4406 18:12 [no]

Relevant:

http://4dist.yi.org/_darcs/current/
http://www.blackmage.org/bm/wakaba/sandbox/res/293.html#i293

special wtfux tripcode edition:

"/viWp5eJ7M" == am "ramakand" for Tradition
"1cw3yHQWPU" == os "loser" for hitsugi-chan
"40wTp2SuQA" == 38 "4386" for Casey Benedict
"40wTp2SuQA" == 38 "4386" for Whitefire_Phoenix
"7YNjkQXRoY" == ol "holms" for shlom
"90DqOMAzzQ" == ea "peachesa" for pizza
"ApW7h3/alM" == FK "NFK" for Hiryu
"BFMQOBVsq2" == HA "WHAM" for flaminspatula
"Cv4F.Ton2s" == 0m "z0mG" for t00t
"FEZKlA6o6g" == la "blarg" for ?Man_of_Mystery ?
"IFQSknf/N." == in "ninja" for z0s
"IHz1xNo7cY" == yu "nyuu" for Zweihander
"MtPxH6aT8A" == sx "asx145" for leo
"NFQrQpaohQ" == ea "Yeah!" for HoodyVader
"SDh0.MH382" == an "cantstop" for HandsomeMatt
"VAPEnPev9o" == lu "fluffi" for Meggy
"YTVxxKH.bU" == ss "asshole" for haruko
"ZxA9b/rk0g" == ea "deathscy" for Silas
"a6/9fF6Eqg" == ig "nigga" for Sol-Badguy
"gBeeWo4hQg" == H. "^" for hmuryj
"hEpdoZ.tHU" == ri "trip" for iPodNano
"j1Ylk0gFC2" == il "pilcrow" for ?lieu
"k/ML0Ouw/A" == na "anacardi" for Lacquer
"kxrJVlZ8OE" == ah "hahaha" for washer
"nqprlgUDj6" == uh "buh" for ?Normal-chan
"o7IoaYt5UM" == he "cheese" for Thirdfold
"ozOtJW9BFA" == as "password" for Kamui_Moteuchi
"ozOtJW9BFA" == as "password" for Worm
"tsGpSwX8mo" == H. "1" for Not
"upWm/KiLZA" == an "panis" for ?Eric
"upWm/KiLZA" == an "panis" for Eric
"wmSvemWhS2" == ar "harrison" for Whitey
"xBtXOIdfsk" == ia "miaow" for strifeheart
"xJvxIGZ1bg" == as "casbah" for Genin

49 This post sucks.

51 Name: !S1.EVnWByA 1993-09-4411 07:21 [no]

this thread delivers

52 Name: !7d9OhDX71o 1993-09-4411 07:22 [no]

testing

53 Name: !Ep8pui8Vw2 1993-09-4497 20:25 [no]

testing

54 Name: Osaka!8FVFEBTVK2 1993-09-4497 20:52 [no]

õ

55 Name: dontwork!z.umLmB/fo 1993-09-4498 22:51 [no]

dontwork#BFMQOBVsq2

56 Name: moot!Ep8pui8Vw2 1993-09-4518 13:58 [no]

hmm?

57 Name: MODD!5JrU4QOlH6 1993-09-4519 17:44 [no]

>>56 BAN!

58 Name: Captain Obvious 1993-09-4519 23:24 [no]

BANKAI!

59 Name: Captain Obvious 1993-09-4520 07:35 [no]

BAN
DAI

60 Name: Captain Obvious 1993-09-4520 08:09 [no]

makes shitty overpriced merch

and wants to die
BECAUSE ITS WINTER
turned the gun on itself

61 Name: Captain Obvious 1993-09-4520 20:24 [no]

I have cracked MODD it is MODD!withtripcode

62 Name: MODD!5JrU4QOlH6 1993-09-4520 20:25 [no]

>>61 is assigned banned status.

63 Name: Captain Oblivious 1993-09-4524 06:06 [no]

So those crazy "custom" tripcodes are the hardest to crack
because they follow the rules of a good password.
Unless the user is DQN enough to do a sequential search
and take the first match that pops up.

64 Name: Captain Obvious 1993-09-4525 07:58 [no]

Even people with custom tripcodes barely scratch the surface of the possibilities. 56 bit key(8 characters of 7 bits, 8th bit discarded) -> cannot use # character (you only lose a tiny bit here) -> further reduced to something like [0-9a-zA-Z!@$%^&*()-=+;'/.?><:"`~]

Then again, the keyspace really doesn't matter, as the tripcode's pretty tiny too. Honestly, i'm surprised there are not any known collisions.

>>42
Yes, DES has been "broken". The problem is you need a lot of known or chosen plaintexts for the key, and a tripcode always uses the same plaintext (all 0x00) thus that isn't going to help.

65 Name: Captain Obvious 1993-09-4525 10:25 [no]

2^56 72057594037927936
128^8 72057594037927936
2^7 ^8
98^8 8507630225817856
94^8 6095689385410816 (typable)
2^53 9007199254740992
64^10 1152921504606846976
2^60 1152921504606846976
Now we start killing the keyspace
First things first, no # or we would hit secure tripcodes
127 possible characters
clean_string will kill 0x00-0x08, 0x0b-0x0c, 0x0e-0x1f 29 characters total
Thats a lot of characters you say, yeah, total down to 98 (98^8 8507630225817856) basically an order of magnitude
And since the salt is chosen from the key, no help there

Now, crypt(3) returns a 13 character string, only the last 10 characters are saved. The first two were the salt anyways
So now we have 10 characters that have 64 possible combinations ( 0x2e-0x39 [./0-9] (12 characters), 0x41-0x5a [A-Z] (26 characters), 0x61-0x7a [a-z] (26 characters)
64^10 1152921504606846976
Thus, we should be able to find a collision in 2^30

My low-end a64 can do ~900,000 des operations a second, but 2^20 (1,048,576) is certainly a reasonable number.
So finding a collision would take 2^30/2^20 time, or 2^10 1024 seconds... yay?
It would take 2^60/2^20 = 2^40 seconds on average for a first-preimage attack, or 34,842.1652 years.
(And theorhetically, found any novelty tripcode you wanted)
Lets try to exhaust the keyspace, remember that 98^8 number? It is ~ 2^53 (9007199254740992)
2^53/2^20 = 2^32 = 4294967296 seconds or 136.102208 years.. still seems like a long time. Get 150 computers (or friends with them) and you end up with 331 days.. 1500 computers and just over a month..hey if you have $750,000 burning a hole in your pocket you could do it in under a month (assuming ~$400 for a computer that does 2^20 a second)
Does this sound familar to anyone though? In '98 the EFF made Deep Crack for $250,000 and it could do over 9,000,000,000 DES operations a second. 2^56 took ~ 5 days, 2^53 would take a lot less.. and that isn't even taking into account Moore's law (Assuming 8 years, thus 96 months, 96/18 5.333... 'doubling' of computing power) it would only cost ~$7500 for 5 days or take only 3.5 hours for $250,000

I certify this post as VIP quality

66 Name: Captain Obvious 1993-09-4526 11:46 [no]

>>64 Lets collide.

67 Name: !vGbYR5E5Ys 1993-09-4539 07:13 [no]

dfg

68 Name: !1wxzbbwPmQ : 1993-09-4920 17:11

lol internet

69 Name: !5/2kkxYfkE : 1993-09-4920 17:13

test

70 Name: !HOldTEstcs : 1993-09-4920 17:52

Hold this test

71 Name: ⊂二二二( ^ω^)二二二⊃ : 1993-09-4920 18:02

>>61
Thank you, Captain Obvious.

72 Name: trip code!pVsNW7Hx9w : 1993-09-4921 00:33

I've got a trip code, I'm a piece of toast, LOOK AT ME!

73 Name: moot!Ep8pui8Vw2 : 1993-09-4921 12:21

whats going on in this thread?

74 Name: !2pCM3LeaQY : 1993-09-4921 13:17

my trip

75 Name: !!JJYYs87i : 1993-09-4940 18:53

hax plz

76 Name: HAVE A POO!TK/UA49EzE!!sFVhwBIa : 1993-09-4940 20:46

HAVE A POO

77 Name: ­­ ­­ : 1993-09-4957 01:17

­­ ­­

78 Name: ­­­­ : 1993-09-4957 03:10

I cant fucking crack Snacks.

79 Name: ckx!miko9YC7m. : 1993-09-5003 02:53

uguu

80 Name: Ted!c0RBin.rN. : 1993-09-5006 04:58

>>64

It gets worse, actually. DES is insanely resistant to key recovery, and the known-plaintext and chosen-plaintext attacks are essentially worthless. Even implementing the chosen-plaintext attack for tripcodes would reduce the complexity to 2^49, at most. That keyspace is far too large to search.

The good news is that the reduced hash nature of crypt() means that collisions actually can happen, if you search long enough. Essentially, your best bet is to use the fasttrip approach: use rand() to pseudorandomly iterate through possibilities of 8-character keys, and use a regex to search for the tripcodes you want.

81 Name: ⊂二二二( ^ω^)二二二⊃ : 1993-09-5006 06:40

Regex? If you're trying to crack a tripcode a regex is a waste of cycles; you'd want strcmp() instead.

82 Name: God!vBOFA0jTOg : 1993-09-5006 13:41

Can't crack mine... cuz I'm God.

83 Name: MODD!!SPtr2l96 : 1993-09-5006 14:00

>>62 is assigned banned status.

84 Name: MODD!5JrU4QOlH6 : 1993-09-5006 19:05

>>83 is

85 Name: MODD!be8zipsUOs : 1993-09-5006 21:17

>>84 is

86 Name: MODD!WO5a7iLdSY : 1993-09-5006 22:19

>>85 isn't

87 Name: SovietRussia!lM51PoudCg : 1993-09-5022 10:02

test

88 Name: Moot!Ep8pui8Vw2 : 1993-09-5022 21:43

sup, guys?

This thread has been closed. You cannot post in this thread any longer.