Building Dictionaries and Destroying Hashes Using Amazon EC2

Presented at DerbyCon 2.0 Reunion (2012), Sept. 30, 2012, 9 a.m. (50 minutes).

By aggregating and creating new dictionaries and manipulating them to guess plaintext and hashed passwords in high profile password exposures, we’ll demonstrate which dictionary attacks are the most effective. Further research will allow for the building of passphrase dictionaries from commonly accessible sources and their effectiveness will be analyzed.


Presenters:

  • Steve Werby
    Steve is an independent information security consultant and researcher. He was formerly the Chief Information Security Officer at the University of Texas at San Antonio (UTSA), as well as enterprise information security officer for the Virginia Department of Corrections and Virginia Commonwealth University. Before making the shift to information security program management, he operated an information security consultancy with an international client base largely consisting of ISPs, web hosting firms and ecommerce businesses. He has an engineering degree, an MBA and numerous certs, but is prouder of the fact he hasn’t signed his name the same way twice since 2009.

Similar Presentations: