1

I'm currently writing a password cracker in Python and was thinking about the best strategy for searching a dictionary of password hashes, based on a downloaded wordlist.

Password lists such as rockyou are ordered in terms of most common passwords, so my initial approach was to search the dictionary in order, in case the hash I'm trying to crack is one that corresponds to a very common password that is at the top of the list. However, I was thinking that for less common passwords this linear search could take a very long time, so I was considering implementing a binary search. Would this be faster overall, or would a linear search be quicker on average (given that many passwords will be at the top of the list?)

Would it be a sensible strategy to do a linear search over the top 100 or so passwords, and then switch to binary search if not found?

twigonometry
  • 166
  • 1
  • 9

1 Answers1

1

My method for completing this task would be the same as you to check the most common passwords first. The size of this will be depend on the size of your database, a bit of trial and error wouldn't go a miss here as the correct number we will depend on how random passwords are.

For the the full search I would search through the sorted hashes as this is often fastest.

Why is processing a sorted array faster than processing an unsorted array?

CodeCupboard
  • 1,507
  • 3
  • 17
  • 26