Keyspace List for WPA on Default Routers
(04-08-2018, 01:17 AM)fart-box Wrote: On a different note, it seems you have no interest in working with the keys I showed you, or in sharing your complete list of known working ATT passwords. If this is the case, please let me know so I can move on to other projects.

Did you show me something? You made a somewhat cryptic post a couple of weeks ago, but did not elaborate when I asked for clarification. I'd like to get 5268s cracked, but it's on my backburner, because my last attempt did not go anywhere and I haven't gotten any new data since I tried it last.

Here's my complete list of ATT passwords: https://pastebin.com/KewK10uf
Reply
Is it possible to identify which model is being used for an ATTXXXXXXX AP from a handshake? Specifically NVG589 vs NVG599 vs neither?

----UPDATE: I found my answer. I was able to search the packet bytes for the strings NVG589 and NVG599.
Reply
(04-19-2018, 09:29 PM)taxil Wrote: Is it possible to identify which model is being used for an ATTXXXXXXX AP from a handshake? Specifically NVG589 vs NVG599 vs neither?

----UPDATE: I found my answer. I was able to search the packet bytes for the strings NVG589 and NVG599.

If it has digits at positions 4,6,8,10: probably NVG589
If it has a letter at the position 4: probably NVG599 or more recent
If it has a digit at 4 but at least one letter at 6, 8, and 10: probably 5268AC

You can also run the first 3 bytes of the MAC through OUI lookup; 5268AC will return as 'Pace' and NVGxxx will return as 'Arris'
Reply
(04-16-2018, 01:17 AM)fart-box Wrote: For anyone who is interested, or for anyone who would like to dig deeper, here is my complete list of keys with the passwords they produce.


Code:
4283457191012690433     2c7p482e7w3=
4286567750714385920     2dsmmcf4=%ya
5431393268271177728     8vvjgyf8a%zs
5438089164362080601     8w%6uk#ypk7a

I see what you're saying. Unfortunately, I am almost certain that it is not how 5268AC passwords are generated.

There are certain features in their passwords that can't arise naturally if they just generate a key in some unknown way and then convert it into a password the way it's done for 599s. Here are three features that I've verified with high confidence:

* There are never more than three letters in a row
* There are never two non-alphanumeric symbols next to each other
* The last character is always alphanumeric

For example, it is statistically impossible to have no four-letter sequences in the middle of the password unless you actively prevent that from happening. Since letters comprise 24 out of 37 possible symbols, there should be about an 18% chance ((24/37)^4) for any four consecutive symbols to all be letters. Even if digits are oversampled, there should be lots of 4- and 5-letter sequences. I've collected something like 50 passwords in the last few days alone, by going through every eBay listing with a photo, and, by random chance, there should be dozens of 4-letter subsequences among them. There were exactly zero.

You see the same thing with their SSIDs. There, it's even more unlikely: charset size 57 or 58, only 8 of them digits, but you never see more than 3 letters in a row: usually there's a digit at #4 and another at #8.

[Though here's something really strange. I do have two 5268AC passwords which do have 4 letters in a row, in both cases it's at the very end: '7t5c3ws=iqhq' and '9s2vac8?jeqt'. I've even downloaded the caps and personally verified them. Both were reported by Wolfe at hashkiller.]

I suspect that they do some kind of context-switching, changing charsets at each symbol depending on previously generated symbols. (You are assuming in your calculations that the charset is the same 37 characters at every location.) Without knowing the exact rules and the exact charsets, it's tough to figure out what keys are supposed to be. I tried to work out charsets through statistics, but results are confusing.

I'd really like to ping Wolfe and ask him how he did it, but they won't let me use PMs on hashkiller, my reputation's too low.
Reply
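Putting the two posts above into code: the positional model heuristic from the reply to taxil (digits or letters at positions 4, 6, 8, 10) and the letter-run statistics from the 5268AC post (no more than three letters in a row, no two adjacent non-alphanumeric symbols, alphanumeric last character, and the (24/37)^4 estimate). This is an added example written for this page; it is not code from the thread, from pskracker, or from any AT&T firmware. Assumptions: positions in the heuristic are 0-indexed (the post does not say), "at least one letter at 6, 8, and 10" means any one of those positions, the password is 12 characters, and the letter ratio 24/37 is taken from the post as a parameter. The sample passwords are the six quoted in the thread (four from fart-box's key list, two 5268AC ones reported by Wolfe).

```python
"""Analyse 12-character AT&T-style default WPA passwords.

Added example for this thread, not the thread's own tooling.
Heuristic positions are assumed 0-indexed.
"""

# Sample input: the six passwords quoted in the thread (not a new dataset).
SAMPLE = [
    "2c7p482e7w3=",  # from fart-box's key list
    "2dsmmcf4=%ya",  # from fart-box's key list
    "8vvjgyf8a%zs",  # from fart-box's key list
    "8w%6uk#ypk7a",  # from fart-box's key list
    "7t5c3ws=iqhq",  # reported as 5268AC (Wolfe, hashkiller)
    "9s2vac8?jeqt",  # reported as 5268AC (Wolfe, hashkiller)
]

LETTER_RATIO = 24 / 37  # letters / charset size, as stated in the post


def classify_model(pw):
    """Apply the thread's positional heuristic (0-indexed positions assumed).

    digit at 4,6,8,10            -> NVG589
    letter at 4                  -> NVG599 or newer
    digit at 4, letter at 6|8|10 -> 5268AC
    anything else                -> unknown (symbol at position 4, wrong length)
    """
    if len(pw) != 12:
        return "unknown"
    p4, rest = pw[4], (pw[6], pw[8], pw[10])
    if p4.isalpha():
        return "NVG599 or newer"
    if p4.isdigit():
        if all(c.isdigit() for c in rest):
            return "NVG589"
        if any(c.isalpha() for c in rest):
            return "5268AC"
    return "unknown"


def max_letter_run(pw):
    """Length of the longest run of consecutive letters."""
    best = run = 0
    for c in pw:
        run = run + 1 if c.isalpha() else 0
        best = max(best, run)
    return best


def has_adjacent_symbols(pw):
    """True if two non-alphanumeric characters sit next to each other."""
    return any(not a.isalnum() and not b.isalnum() for a, b in zip(pw, pw[1:]))


def feature_check(pw):
    """The three 5268AC features claimed in the post, each as a boolean."""
    return {
        "max_letter_run_le_3": max_letter_run(pw) <= 3,
        "no_adjacent_symbols": not has_adjacent_symbols(pw),
        "last_char_alnum": pw[-1].isalnum(),
    }


def count_all_letter_windows(pws, width=4):
    """Observed count of all-letter windows of `width` characters (overlapping)."""
    return sum(
        1
        for pw in pws
        for i in range(len(pw) - width + 1)
        if pw[i:i + width].isalpha()
    )


def expected_all_letter_windows(num_pw, pw_len=12, width=4, p_letter=LETTER_RATIO):
    """Expected count of all-letter windows if every position were drawn
    uniformly from the same charset: windows_per_pw * N * p_letter**width."""
    return num_pw * (pw_len - width + 1) * p_letter ** width


if __name__ == "__main__":
    for pw in SAMPLE:
        print(pw, classify_model(pw), max_letter_run(pw), feature_check(pw))
    print("observed 4-letter windows:", count_all_letter_windows(SAMPLE))
    print("expected for 6 passwords:", round(expected_all_letter_windows(6), 2))
    print("expected for 50 passwords:", round(expected_all_letter_windows(50), 2))
```

Two things to notice when running it: the rule classifies `9s2vac8?jeqt` (a verified 5268AC password per the post) as "NVG599 or newer" because its position 4 is a letter, which is why the heuristic is stated as "probably"; and for 50 passwords the uniform-charset model predicts roughly 80 all-letter 4-character windows, which is the "dozens" the post contrasts with its observed zero.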
Hi, I'm sure most of the folks following this thread already know about this:
http://www.nomotion.net/blog/sharknatto/
Does someone with this service happen to have or download a firmware image? If yes, please put it somewhere online so we can examine this a bit...
Reply
I found those:
https://mirrors.napshome.net/ATTGatewayFirmware/
I checked several of the images; they are easily extracted with a recent version of binwalk like this:
binwalk -eM [fw.image.bin]
Of course, hw-specific info is stored in NVRAM, so there is no separate file in the image :)
Those in the 599 dir come with a default ESSID in the form Frontier[last 4 bytes from SN][_5G]
Two utilities reference a function to get the WPA key: sdb and cwmpsuper (for TR-69 provisioning). This happens with system.mfg-wireless-key.
Those utilities import both MD5 and SHA1, and also AES, so if there is an algorithm implemented in them, those could be used in it.
I gave it a quick look, nothing interesting. They are stripped, so it will require more digging.
For now I think the default PSK and SN are written in the factory, which is better from a security point of view. This doesn't mean we can't reduce the keyspace further, e.g. as in the Thomson case.
Reply
(04-23-2018, 01:04 AM)fart-box Wrote: And one last thing regarding four alpha characters in a row... The last character in the password is added to the key, almost as an afterthought, at the end of the key building process, that's why four characters in a row can happen at the end of a password.

In other words, an eleven character key is built, (which shares a common divisor with all other keys), then the key is modified by adding one more character, making it so there's no common divisor/multiplier.

What makes you say that?
Reply
Well, I found the answer to my local Ubee problem. It seems someone's been tampering with the model numbers prior to distribution.

And Soxrok2212, I finally had a half hour to play with Fancy. I was expecting to see output streaming through my terminal, but all I got was the help screen. I've probably done something stupid, but I did follow your printed instructions.
Reply
I'm guessing you made a typo somewhere? I just checked the fancy branch and ran pskracker from the local directory and had no problems.

"a" is just an arbitrary test key to check that the output works. I would recommend running on a linux system, or a windows system with git installed and clone the repo that way. Then just
Code:
git checkout fancy
make clean
make
./pskracker -t att -f | grep "a"
to switch to the new branch, remove old version from local directory, compile fancy version, and run it. Just replace "a" with your keys.
Reply
(05-06-2018, 04:34 AM)soxrok2212 Wrote: ./pskracker -t att -f | grep "a"

Again, that did not work for me. I did resolve the problem though. Without the '-f' (force) option, the program is running smoothly.

Thanks again, I know you've been busy!
Reply