You may reprint or publish this article free of charge as long as bylines are included.Original URL (The Web version of article)
------------
Crack The Code - That's A Direct Challenge
Title
-----
Crack The Code - That's A Direct Challenge
I Challenge You To Crack The Code
-----------------------------------------------
I had quite an interesting experience recently. I was hired by a company to perform a vulnerability assessment and penetration test on their network. During initial meeting, one of key technical staff presented me with a challenge; He handed over NTLM hash of domain Administrator account and challenged me to decipher it. He explained that complexity and length of password would prevent me from deciphering it during time allotted for project. He was actually quite confident in my impending failure.
In most cases, this individual would have been right on mark. On other hand, I'm not sure he expected to challenge someone who has close associates with discretionary time on some of most powerful computers in world.
6 Hours, 2 Servers, 64GB of Memory, and 32 Processors Later and.....
--------------------------------------
It took just under six hours to decipher password. Of course, my 'associates' were using a program of my choice on servers with 32 processors and 64GB of RAM a piece. It's nice to have friends with access like this. Especially in my line of work. Needless to say, my client was shocked when I called him next day and gave him password.
Let's Have Some Fun: A Challenge For You
----------------------------------------------
(In order for you to do this, you need to go to: http://www.defendingthenet.com/NewsLetters/ CrackTheCode-ThatsADirectChallenge.htm)
Shortly after this experience, I started thinking about writing an article about it. Then I thought to myself, why write just an article? Why not come up with a challenge for our readers?