Abstract: By aggregating and creating new dictionaries and manipulating them to guess plaintext and hashed passwords in high profile password exposures, we'll demonstrate which dictionary attacks are the most effective. Further research will allow for the building of passphrase dictionaries from commonly accessible sources and their effectiveness will be analyzed. Outline: 1. Overview of recent high profile passwords exposures and analysis of exposed passwords 2. Analysis of available dictionary files 3. Setup of Amazon EC2 for password cracking 4. Analysis of effectiveness of various dictionary files and cracking rulesets 5. Analysis of effectiveness of Amazon EC2 for password cracking 6. Building passphrase dictionaries 7. Analysis of effectiveness of passphrase dictionaries and cracking rulesets 8. Demonstration and release of passphrase dictionaries and tool for building passphrase dictionaries 9. Q&A (though this will be an interactive presentation and there will be audience engagement throughout)

 Steve Werby

Back to Hack3rcon 3 video list