Keyspace List for WPA on Default Routers - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Misc (https://hashcat.net/forum/forum-15.html) +--- Forum: User Contributions (https://hashcat.net/forum/forum-25.html) +--- Thread: Keyspace List for WPA on Default Routers (/thread-6170.html) |
RE: Keyspace List for WPA on Default Routers - soxrok2212 - 02-01-2018 (01-31-2018, 11:36 PM)fart-box Wrote: Long ago, someone contributing to this thread purchased an NVG router from E-bay to use for testing. Was that you, soxrok2212? I do have an NVG589 or 599, don’t remember which one. I don’t have time to work with it right now but at the next opportunity I will get that information for you. RE: Keyspace List for WPA on Default Routers - Codsworth - 02-06-2018 Do you have any info on ASUS routers? RE: Keyspace List for WPA on Default Routers - another - 02-12-2018 (02-06-2018, 10:22 AM)Codsworth Wrote: Do you have any info on ASUS routers? I met one ASUS RT-N11P and it has WPA2-PSK that looks like this: ?l?l?l?d?d?d?l?l?l (The characters involved are: 8,2,4,k,f,t,s,w and one letter shows up two times in a row). I guess the worst case keyspace is [0-9, a-z], 9 characters long... RE: Keyspace List for WPA on Default Routers - jurasjo - 02-13-2018 Do you have any info on Pegatron routers? RE: Keyspace List for WPA on Default Routers - TheBogeyman - 02-14-2018 Pegatron has 9 (nine) digits. RE: Keyspace List for WPA on Default Routers - jurasjo - 02-14-2018 Thank You. RE: Keyspace List for WPA on Default Routers - another - 02-17-2018 (02-13-2018, 11:23 AM)jurasjo Wrote: Do you have any info on Pegatron routers? In my experience they are almost always 27?d?d?d?d?d?d?d or 28?d?d?d?d?d?d?d. But they definitely start with number 2, for the second number I've never seen anything but 7 or 8... RE: Keyspace List for WPA on Default Routers - mrfancypants - 03-13-2018 I'm gone for less than a year and you guys have already added 5 more pages! Let's recap. * I am easily distracted. * AT&T firmwares were ridden with holes and backdoors (even I, not a security researcher in any way, found two different holes, which is how I managed to collect enough passwords to work out algorithms for the 589 and the 599 in the first place.) I had even submitted one CVE report (CVE-2017-10793) but was not sure what to do with it afterwards. * About two months later, a real security researcher blew the whistle on this and found both of my holes and several others, which evidently led to some outcry and AT&T promptly got the most glaring holes patched. See https://www.nomotion.net/blog/sharknatto/. * It does not look like AT&T got wise to the fact that we know how they do passwords (or did they?) * I gave up before figuring out the remaining rounding-error effects in the 589 and the 599, which is why algorithms only work most of the time. * I did not work out the 5268 algo at all, but I see that some guy on Hashkiller managed to crack a couple of them. No one seems to know how exactly he did it. Am I missing anything? RE: Keyspace List for WPA on Default Routers - soxrok2212 - 03-13-2018 Nope. You pretty much hit the nail on the head. Glad to see you back! RE: Keyspace List for WPA on Default Routers - soxrok2212 - 03-15-2018 I actually just got back to where the box is. I’ll take it with me when I leave and see if I can JATG this thing. Hopefully I’ll get back to you by next week if I can figure it out. |