hashcat Forum Misc User Contributions v
Keyspace List for WPA on Default Routers

Threaded Mode
Keyspace List for WPA on Default Routers
drsnooker Offline
Member
***
Posts: 98
Threads: 2
Joined: Jul 2016
#201
01-19-2023, 09:26 PM
(01-19-2023, 06:56 PM)alexmax62 Wrote: Do you have default keyspace for ZTE routers - ZXHN F680?

Hmm, a google image search shows 12 chars ?l?d
But there also seems to be 8 chars ?u?l?d but that might be an older model.
Probably need to develop a keygen unless you got some serious hardware!
Find
Reply
TwoLargePizzas Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: May 2023
#202
05-02-2023, 09:33 AM
More from Australia
TP-Link VX420-G2v: (TPG NBN bundled WiFi 6 modem, quite common)
WiFi-XXXX [0-9][len8]
WiFi-XXXX-5G [0-9][len8]

TP-Link AX1500:
TP-LINK_XXXX [0-9][len8]
TP-LINK_XXXX_5G [0-9][len8]

TelstraXXXX [0-9][len10]
TelstraXXXXXX [0-9a-z][len10]
TelstraXXXXXX-5G [0-9a-z][len10]

BelongXXXXXX [0-9a-z][len12]
BelongXXXXXX-5G [0-9a-z][len12]
Find
Reply
calexico Offline
Junior Member
**
Posts: 16
Threads: 1
Joined: Mar 2016
#203
07-02-2023, 09:48 PM (This post was last modified: 07-02-2023, 09:48 PM by calexico.)
(07-02-2023, 08:32 PM)drsnooker Wrote: July 2023 update on the zyxel keygens
...

Wow, amazing work, thanks Dr. Snooker, et al
Find
Reply
brahim7 Offline
Junior Member
**
Posts: 9
Threads: 3
Joined: Dec 2023
#204
12-09-2023, 12:12 AM
Can anyone figure out how they generate password
Or what type of hash
[Image: Screenshot-20231208-220001-You-Tube.jpg]
[Image: 20231208-215623.jpg]
[Image: 20231208-215053.jpg]
[Image: img-2-1702062517125.jpg]
Find
Reply
drsnooker Offline
Member
***
Posts: 98
Threads: 2
Joined: Jul 2016
#205
12-09-2023, 05:52 AM
Last I looked ZTE does not include their keygen in the firmware. Next to impossible to guess the hashing mechanism without it.
Find
Reply
drsnooker Offline
Member
***
Posts: 98
Threads: 2
Joined: Jul 2016
#206
12-11-2023, 08:30 PM
But if you do find a ZTE (or Huawei) firmware that does include the keygen, please post it here. A lot of people are interested in them!
Find
Reply
brahim7 Offline
Junior Member
**
Posts: 9
Threads: 3
Joined: Dec 2023
#207
12-12-2023, 12:10 PM
(12-11-2023, 08:30 PM)drsnooker Wrote: But if you do find a ZTE (or Huawei) firmware that does include the keygen, please post it here. A lot of people are interested in them!

Normal firmware from website or that who extracted by special tools
?
Find
Reply
brahim7 Offline
Junior Member
**
Posts: 9
Threads: 3
Joined: Dec 2023
#208
12-12-2023, 02:44 PM
This router use a specific table to convert ssid to password
Can you explain to me how this schema work

[Image: s-l1600.jpg]

[Image: 20231212-124301.jpg]
Find
Reply
ZerBea Offline
Moderator
*****
Posts: 1,013
Threads: 2
Joined: Jun 2017
#209
12-12-2023, 03:02 PM (This post was last modified: 12-12-2023, 03:08 PM by ZerBea.)
It is not a translation table. The last 3 bytes of the MAC (ebd340) are negated.
Take a look at the source code of hcxpsktool:
https://github.com/ZerBea/hcxtools/blob/...ol.c#L2489

More algo's are here:
https://github.com/routerkeygen/routerke...algorithms
Find
Reply
drsnooker Offline
Member
***
Posts: 98
Threads: 2
Joined: Jul 2016
#210
12-12-2023, 08:03 PM
(12-12-2023, 12:10 PM)brahim7 Wrote: Normal firmware from website or that who extracted by special tools?

The firmware from various websites that do include a "reset to factory defaults" function pull the WIFI password from NVRAM rather than recalculate it from a seed. That does not mean the keygen is not included on the physical hardware, but far less likely.
Find
Reply