|
Search Results
|
| Post |
Author |
Forum |
Replies |
Views |
Posted
[asc]
|
| |
|
Thread: Minimum investment on a descent rig for 16+ character NTLM passwords
Post: RE: Minimum investment on a descent rig for 16+ ch...
|
phildo Wrote: (05-08-2018, 11:52 PM)
--
(Sorry if this post is about to go off topic- but now I'm curious!)
Wait- how? Just to make sure- a dictionary is a list of password possibilities ("MyPa5... |
|
mrfancypants |
Hardware
|
10 |
26,773 |
05-09-2018, 12:47 AM |
| |
|
Thread: Minimum investment on a descent rig for 16+ character NTLM passwords
Post: RE: Minimum investment on a descent rig for 16+ ch...
| For reference. I've just grabbed a list of 7500 NTLM hashes (which is what you'd dump from a SAM database) from another forum and hit it with my dictionaries using a NVIDIA GeForce 980 Ti.
It took ... |
|
mrfancypants |
Hardware
|
10 |
26,773 |
05-08-2018, 11:02 PM |
| |
|
Thread: Mask starting with a dash
Post: RE: Mask starting with a dash
|
mrfancypants |
hashcat
|
4 |
10,929 |
05-08-2018, 07:59 PM |
| |
|
Thread: Mask starting with a dash
Post: RE: Mask starting with a dash
| But, as my examples show, hashcat won't honor any attempts to escape the leading dash. If I write '-?d' or \-?d instead of -?d, that $ or \ goes straight into the mask.
And besides, it should be ab... |
|
mrfancypants |
hashcat
|
4 |
10,929 |
05-08-2018, 07:03 PM |
| |
|
Thread: Mask starting with a dash
Post: Mask starting with a dash
| Looks like hashcat has a problem with masks that start with a dash:
Code:
--
e:\hashcat-4.1.0>hashcat64 -O -w 3 -m 0 -a 6 --gpu-temp-disable 66343_left.txt files -?d
hashcat64: unknown option -- ... |
|
mrfancypants |
hashcat
|
4 |
10,929 |
05-08-2018, 09:39 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
|
fart-box Wrote: (04-23-2018, 01:04 AM)
--
And one last thing regarding four alpha characters in a row... The last character in the password is added to the key, almost as an afterthought, at the end ... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
04-24-2018, 08:32 PM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
|
fart-box Wrote: (04-16-2018, 01:17 AM)
--
For anyone who is interested, or for anyone who would like to dig deeper, here is my complete list of keys with the passwords they produce.
Code:
--
... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
04-20-2018, 10:02 PM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
|
taxil Wrote: (04-19-2018, 09:29 PM)
--
Is it possible to identify which model is being used for a ATTXXXXXXX AP from a handshake? Specificlly NVG589 vs NVG599 vs neither?
----UPDATE I found my ans... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
04-20-2018, 09:52 PM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
|
fart-box Wrote: (04-08-2018, 01:17 AM)
--
On a different note, it seems you have no interest in working with the keys I showed you, or in sharing your complete list of known working ATT passwords. If... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
04-08-2018, 09:50 PM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| Arris TG2472 routers
SSID: 6 hex upper (e.g 89ABCD)
Observed key formats:
?u?d,?1BULACC3?d?d?d?d?d
?u?d,?12ULAED3?d?d?d?d?d
?u?d,?12ULAEG3?d?d?d?d?d
?u?d,?1BUL7583?d?d?d?d?d
?u?d,?1BUL6463?... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
04-07-2018, 11:23 PM |
| |
|
Thread: Hashcat WPA web UI
Post: RE: Hashcat WPA web UI
| It's similar, but much smaller and lighter (300 lines of code), with no dependencies other than python and hashcat, and aimed at Windows.
I'll take a look at yours. |
|
mrfancypants |
User Contributions
|
2 |
11,109 |
04-07-2018, 10:41 PM |
| |
|
Thread: Hashcat WPA web UI
Post: Hashcat WPA web UI
| If you spend enough time cracking WPA passkeys with hashcat, you may have noticed that handling the grabs is a bit of a hassle. You typically do the grabbing on a laptop and it produces .cap files, bu... |
|
mrfancypants |
User Contributions
|
2 |
11,109 |
04-06-2018, 01:03 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
|
fart-box Wrote: (03-14-2018, 11:08 PM)
--
Acording to my research, regardless of manufacturer or model number, (NVG-589, NVG-599, NVG-510, or 5268ac), all ATT passwords are available from the same gi... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
03-18-2018, 06:46 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| I think I got the rounding in the 589 generator correct now.
Code:
--
void genpass589(uint32_t x, unsigned char *psk) {
static const char CHARSET[] = "abcdefghijkmnpqrstuvwxyz23456789#%+=?";
... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
03-15-2018, 01:51 PM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| I'm gone for less than a year and you guys have already added 5 more pages!
Let's recap.
* I am easily distracted.
* AT&T firmwares were ridden with holes and backdoors (even I, not a security ... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
03-13-2018, 01:47 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| I am not sure I even understand your difficulty.
Let's take NVG589 specifically. We have an algorithm that takes in a 64-bit integer 'x' and spits out a 12-letter password:
for n in range(0,6):
... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
08-15-2017, 02:26 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| Since there are 2.1 billion 599-type passwords and 37^6 ~ 2.6 billion possible 6-character strings, odds are good that there's a 599-type password that starts at any randomly picked 6-char string. So,... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
07-25-2017, 07:41 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
|
devilsadvocate Wrote: (07-12-2017, 02:52 AM)
--
Regarding the 2 that were almost correctly calculated, the passphrase with the exception of the last 2 characters were guessed correctly, but the last ... |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
07-13-2017, 08:54 PM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| That's a 599-type password (my previous code snippet) (some 589s have these) and the complete password should be b=+#gc5qr9gt
https://repl.it/JMbi/4 |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
07-10-2017, 02:37 AM |
| |
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
| Give me the first 8 letters of the key from your 589. |
|
mrfancypants |
User Contributions
|
212 |
805,208 |
07-10-2017, 12:07 AM |
