The title probably explains the whole problem. I recently downloaded the wattpad leak but all passwords are encrypted with bcrypt. Is there any hope of cracking those hashes or is bcrypt impossible to bruteforce?
(July 20, 2022, 01:37 PM)m0st Wrote: Nothing is impossible to bruteforce, and you could've learned that if you spent 2 seconds googling. Lurk moar.
Well thanks for that sarcastic answer. I am aware of the fact that everything is able to be bruteforced, however I dont have time until the heat death of the universe. I am also aware of the fact that bcrypt is harder to bruteforce because it takes more time. I asked for the best way to decrypt it.
You asked if brute force is impossible, so it is and is not. It depends on the length of the password. Some password policy has a minimum of 8 characters. (bcrypt is slower to crack than md5 which is faster). Try to create a file for all these passwords and crack them with online tools.
I see you niggers using "encrypt" and "decrypt" while you're talking about hashes. There's no encryption or decryption involved whatsoever. Commit suicide ASAP
The way I do it is make myself a small script that reads a plaintext list of passwords and then uses the built in .compare() function of the bcrypt module and see if it is a valid. If the site is using generated salts then just parse it and add it to the function call otherwise you'll be good to go with just that. I prefer to do it this way since I can easily control the speed of which the passwords are being compared and using a language such as Go I can get way more checks per second that I was able to achieve in hashcat.
Well you can using be hashcat probably with a password list since I will see if there something more .
Those who share kindness, I will repay that payment 10-fold, and Who do injustice, try to hurt the innocent, I will repay that injustice a 1000 times over.
