The Ethical Hacker Network

prats84

Newbie

Offline

Posts: 41

Re: WordList

« Reply #15 on: October 05, 2012, 03:26:12 AM »

Recently I have been having issues cracking some of the hashes.
After about a 4 days running a attack found the hash and as such was a german word written in english.

So I have started to make list of some comman words in couple languages like german, french and adding complexity to them... and creating a list.

Anyone got some better solutions


	Logged

Cyber.spirit

Sr. Member

Offline

Posts: 351

The World is sick, Save your mind...

Re: WordList

« Reply #16 on: October 05, 2012, 03:39:13 AM »

BruteForce attacks are much better than dictionary attacks totally because of many reasons such as wordlist doesnt include all of words, it takes much more time to crack the password and so on.

However you can find good wordlists here:
http://www.skullsecurity.org/wiki/index.php/Passwords/

But u perform dictionary or bruteforce attack use the ncrack tool first. Its a very fast pass cracker open terminal in backtrack and type this command:

Ncrack -v --user <username><target address>:<service port>

Example:
Ncrack -v --user admin 127.0.0.1:21

Goodluck and let me know if u have any problem.

CyberSpirit


« Last Edit: October 05, 2012, 03:41:36 AM by Cyber.spirit »	Logged

ICS Academy Network Security Certified

prats84

Newbie

Offline

Posts: 41

Re: WordList

« Reply #17 on: October 05, 2012, 04:24:01 AM »

Not really a fan of live bruteforce attack.
issue with live attach is most apps would suspend the user account if multiple failed attempts in short time.
Some apps/services could also suspend a IP and log it the admin.


	Logged

shadowzero

Full Member

Offline

Posts: 120

It's a UNIX system, I know this!

Re: WordList

« Reply #18 on: October 05, 2012, 10:19:59 AM »

ncrack is actually no longer under development (http://seclists.org/nmap-dev/2012/q3/605). Hydra and medusa are still supported, so we'll continue to see bugfixes and enhancements.

Here are some comparisons on their performance:
http://www.thc.org/thc-hydra/network_password_cracker_comparison.html
http://www.foofus.net/~jmk/medusa/medusa-compare.html


	Logged

Cyber.spirit

Sr. Member

Offline

Posts: 351

The World is sick, Save your mind...

Re: WordList

« Reply #19 on: October 05, 2012, 04:19:23 PM »

Quote from: shadowzero on October 05, 2012, 10:19:59 AM

You are right about ncrack but it doesnt that ncrack is useless. U can stil use it and hydra is a pro cracker as i've mentioned before i just want him/her to search for some chances with ncrack so fast then if he failed he can perform dict or bruteforce attack.


	Logged

ICS Academy Network Security Certified

Yet

Jr. Member

Offline

Posts: 70

Re: WordList

« Reply #20 on: October 05, 2012, 06:46:00 PM »

Hmm you don't need to ask those questions, simple say no period, don't make big deal out of nothing .

author=m0wgli link=topic=9334.msg52552#msg52552 date=1349425123]

Quote from: Yet on October 04, 2012, 10:31:13 PM

Hey is it possible for you to share? i mean no offensive .

No offense, but remember you're on the ethicalhacker.net forums, the keyword here being "ethical".

If you want it, is $4.99 really too much to pay?
[/quote]


	Logged

BillV

Hero Member

Offline

Posts: 1892

Re: WordList

« Reply #21 on: October 18, 2012, 08:25:32 AM »

No.


	Logged

Pages: 1 [2] Go Up

« previous next »