Posts: 723
Threads: 85
Joined: Apr 2011
Posts: 18
Threads: 3
Joined: Jun 2012
Thanks so much for taking the time, some pretty good stuff in there (can't wait to check out Naxxatoe, hopefully it's good).
Posts: 723
Threads: 85
Joined: Apr 2011
(06-10-2012, 11:54 PM)Socapex Wrote: Thanks so much for taking the time, some pretty good stuff in there (can't wait to check out Naxxatoe, hopefully it's good).
You're welcome
There are further links as you go through those pages but I thought it best not to post everything. Any way you seem to have managed to dig down enough to find "Naxxatoe" !
I used to think that HUGE lists were best but I have a completely different view on it now. I prefer small, clean targeted lists rather than the monster overkill ones.
I modify my lists much more than most people would think necessary, I assume some would say I go too far as I remove all prefixed / suffixed numbers and lower case everything. There are many reasons I do this but its a bit long to explain now. atom is completely the opposite to me on this as far as I remember him saying. He uses lists as they are and rules to change them. I like base words and then rules to modify them in a particular way.
You might want to think about that Naxxatoe list, as I can get 30GB of passwords from a very small list when using multi rules.
If you don't know about multi-rules you are in for a treat !
Posts: 21
Threads: 5
Joined: Jun 2012
Posts: 18
Threads: 3
Joined: Jun 2012
06-11-2012, 01:53 AM
(This post was last modified: 06-11-2012, 01:56 AM by Socapex.)
OMG thanks for the scripts! French lists are so hard to find (where accents weren't screwed up). This is very kind I'll definitely share my french dict with correct UTF-8 accents when it's done.
Hash-IT I think I agree (have to test it thoroughly first). As you know I'm just getting up to speed here. My current plan is one huge list of captured passes (Rockyou, phpbb, myspace, facebook, others... occurrence filtered) and then maybe 2 or 3 other mangling lists (names, cities, and words). I used to have one huge list, the first part all sorted by occurrence, the other just a merge of many many lists... As I intend to go after the old 2011 korelogic (just for fun), this will hinder me a lot. I think agility will help considering my hardware.
Any thoughts? Thanks for all the great info BTW guys!
Posts: 723
Threads: 85
Joined: Apr 2011
fizikalac thanks for the contribution, nice find !
@Socapex
I personally keep all my lists individually. However I probably spend too much time on this sort of thing !!
If you put them all into one list you do get the benefit of making sure you have no duplications as you can "sort -u" the whole list (see what I did there ?) However you will have to have some method that is reliable enough to sort a multi GB text file !!
Whatever you do, don't bother with the "Hate List", pure junk !! I cleaned that up and was left with 112MB, I'm not sure how big it was to start with but I remember it was huge.
Posts: 21
Threads: 5
Joined: Jun 2012
It is actually my website, not a find :$ You're welcome. I also prefer custom, small, language specific targeted wordlists.
WARNING: Be careful with sort -u because it can mess up UTF-8 unicode characters in your wordlist! Check if your locale / collation settings are correct before you do such sorting.
Posts: 723
Threads: 85
Joined: Apr 2011
(06-11-2012, 01:39 PM)fizikalac Wrote: It is actually my website, not a find :$ You're welcome. I also prefer custom, small, language specific targeted wordlists.
Nice site !
(06-11-2012, 01:39 PM)fizikalac Wrote: WARNING: Be careful with sort -u because it can mess up UTF-8 unicode characters in your wordlist! Check if your locale / collation settings are correct before you do such sorting.
This is the sort of thing that scares me, I never really know whats going on. I am worried I will ruin my lists, oh I do wish someone would make a new ULM !
Posts: 247
Threads: 59
Joined: Mar 2011
Posts: 1
Threads: 0
Joined: Aug 2015
08-06-2015, 04:42 PM
[Please, I need Help]
Hi there! Hey Hash-IT,
Firstly, forgive-me by my approach once I don't know you. Indeed, I'm a newbie here .
I need to discover, decrypt I meant, wifi WPA2PSK AES password. Have laptop, with OS win7 pro x64 pach1 and adapter intel Centrino Advanced N6205 15.15.0.1 from 17/11/2014 [driver], with also WinPcap and WinDump installed.
Also have Elcomsoft Wireless Security Auditor and Proactive Password Recovery , AirPcap (Riverbed) both installed, but not have the usb wifi device capture (Riverbed), so, what is the same of has nothing installed.
Therefore, I have downloaded oclhashcat-1.20 up to 1-36, but, with none skills to operate it. But at other hand, once guidance is received, with a huge easily to learn up fast.
I have the router manufactory name and device model, I know that the target is a 10 digit password, numbers and letters or only numbers and I already discover, the MAC number, HEX key, plus the full web address of "patient's router", saved in .xml file.
Hope may hear from you soon.
Thanks in advance.
Ozerov
(06-11-2012, 12:08 AM)Hash-IT Wrote: (06-10-2012, 11:54 PM)Socapex Wrote: Thanks so much for taking the time, some pretty good stuff in there (can't wait to check out Naxxatoe, hopefully it's good).
You're welcome
There are further links as you go through those pages but I thought it best not to post everything. Any way you seem to have managed to dig down enough to find "Naxxatoe" !
I used to think that HUGE lists were best but I have a completely different view on it now. I prefer small, clean targeted lists rather than the monster overkill ones.
I modify my lists much more than most people would think necessary, I assume some would say I go too far as I remove all prefixed / suffixed numbers and lower case everything. There are many reasons I do this but its a bit long to explain now. atom is completely the opposite to me on this as far as I remember him saying. He uses lists as they are and rules to change them. I like base words and then rules to modify them in a particular way.
You might want to think about that Naxxatoe list, as I can get 30GB of passwords from a very small list when using multi rules.
If you don't know about multi-rules you are in for a treat !
|