Crowbar cracks SD cards and retrieves data without a trace

Crowbar cracks SD cards and retrieves data without a trace
Crowbar cracks SD cards and retrieves data without a trace

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By John Breeden II
Aug 21, 2009

Pros: Easy to use, can set up password crack groups for greater hacking speed
Cons: Only works with MMC/SD cards
Performance: A
Ease Of Use: A
Features: C
Value: C
Price: $2,300

Sometimes breaking into a place requires a lock pick, and sometimes it 
requires a crowbar. In this case, the crowbar is not a chunk of steel 
but a handheld device used to crack even the most complex passwords.

There is one extremely effective way of breaking into a 
password-protected computer, especially one without a lockout timer or a 
security subsystem that looks for attacks: You simply need a program to 
perform a dictionary attack against the password, trying every possible 
word from the dictionary to see if any fit. You would be surprised at 
how many people use a big word like "disestablishmentarianism" and think 
that it can=E2=80=99t be hacked.

Sorry, but if it=E2=80=99s a real word, a dictionary attack will find it. If the 
dictionary attack fails, the next step is to try dictionary words with 
numbers after them, because a lot of people will use something like 
Password1 and think that the number makes them secure. It does, but only 
by a few seconds on a hack.

Barring that, there is the tedious process of trying every possible 
character and letter combination in existence. This will work 
eventually, though it might take hours or even days. These attacks can 
be stopped if a program is monitoring for too many log-in tries. But 
most handheld devices don=E2=80=99t have that protection, making them vulnerable 
to attack.


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods