WordList

Viewing 21 reply threads
  • Author
    Posts
    • #7941
      Yet
      Participant

      Hello, please i wanted to buy Dictionary Wordlist does anyone have good idea, where i can get one? thus i saw this UNIQPASS i don’t know if anyone have used it before? also i get few questions about JtR can i crack many hashes in one list at once ? i mean all the hashes put together .

    • #50234
      MaXe
      Participant

      This company is famous for selling rainbow tables:
      http://www.objectif-securite.ch/en/products.php

      (It’s even mentioned in a GIAC certification.)

    • #50235
      Yet
      Participant

      Thanks but it’s for big men .

      @MaXe wrote:

      This company is famous for selling rainbow tables:
      http://www.objectif-securite.ch/en/products.php

      (It’s even mentioned in a GIAC certification.)

    • #50236
      MaXe
      Participant

      Big men?  ;D If you work for a company, get them to buy it for you in case you have a legitimate business purpose for using rainbow tables. (We have several rainbow tables.)

      Anyway, there’s plenty other places you can obtain wordlists (or rainbow tables) from, and since I forget where they are, I would start with Google and Twitter.

      Make sure you search for what you are looking for. There’s a difference between using wordlists (online bruteforcing) and rainbow tables (offline cracking).

    • #50237
      Jamie.R
      Participant

      If you just want word list then do a Google search there are a lot on a site cant remember full name skull security it might be. They have some good word list on that alternative you can buy them from the people behind john the ripper.

    • #50238
      Yet
      Participant

      Yeah that was where i found this UNIQPASS, but also can someone tell me if JtR can crack more than one hashes at a time?

    • #50239
      MaXe
      Participant

      @Yet wrote:

      Yeah that was where i found this UNIQPASS, but also can someone tell me if JtR can crack more than one hashes at a time?

      As the CPU is working sequentially, but you can have 4 cores trying to crack 4 hashes at a time, the answer is yes and no. John however, works sequentially, and if you supply it with a list of hashes, it will try to crack the first hash in the list first.

    • #50240
      superkojiman
      Participant

      skullsecurity.org has a large list of dictionaries: http://www.skullsecurity.org/wiki/index.php/Passwords

    • #50241
      cd1zz
      Participant
    • #50242
      BillV
      Participant

      I have uniqpass – I haven’t had an opportunity to use it enough to really form an opinion on it yet. What little I have used it, I haven’t been too impressed – more so in the fact of what it missed that other wordlists I have identified.

    • #50243
      rance
      Participant

      I’ve got some specialized wordlists here: http://stormthe.net/wordlists

    • #50244
      Yet
      Participant

      Wow thanks guys this is really huge .

    • #50245
      Malachai
      Participant

      Thank you… that was great links… Will have to check them out.

    • #50246
      Yet
      Participant

      Hey is it possible for you to share? i mean no offensive .

      @BillV wrote:

      I have uniqpass – I haven’t had an opportunity to use it enough to really form an opinion on it yet. What little I have used it, I haven’t been too impressed – more so in the fact of what it missed that other wordlists I have identified.

    • #50247
      m0wgli
      Participant

      @Yet wrote:

      Hey is it possible for you to share? i mean no offensive .

      No offense, but remember you’re on the ethicalhacker.net forums, the keyword here being “ethical”.

      If you want it, is $4.99 really too much to pay?

    • #50248
      prats84
      Participant

      Recently I have been having issues cracking some of the hashes.
      After about a 4 days running a attack found the hash and as such was a german word written in english.

      So I have started to make list of some comman words in couple languages like german, french and adding complexity to them… and creating a list.

      Anyone got some better solutions

    • #50249
      cyber.spirit
      Participant

      BruteForce attacks are much better than dictionary attacks totally because of many reasons such as wordlist doesnt include all of words, it takes much more time to crack the password and so on.

      However you can find good wordlists here:
      http://www.skullsecurity.org/wiki/index.php/Passwords/

      But u perform dictionary or bruteforce attack use the ncrack tool first. Its a very fast pass cracker open terminal in backtrack and type this command:

      Ncrack -v –user :

      Example:
      Ncrack -v –user admin 127.0.0.1:21

      Goodluck and let me know if u have any problem.

      CyberSpirit

    • #50250
      prats84
      Participant

      Not really a fan of live bruteforce attack.
      issue with live attach is most apps would suspend the user account if multiple failed attempts in short time.
      Some apps/services could also suspend a IP and log it the admin.

    • #50251
      shadowzero
      Participant

      ncrack is actually no longer under development (http://seclists.org/nmap-dev/2012/q3/605). Hydra and medusa are still supported, so we’ll continue to see bugfixes and enhancements.

      Here are some comparisons on their performance:
      http://www.thc.org/thc-hydra/network_password_cracker_comparison.html
      http://www.foofus.net/~jmk/medusa/medusa-compare.html

    • #50252
      cyber.spirit
      Participant

      @shadowzero wrote:

      ncrack is actually no longer under development (http://seclists.org/nmap-dev/2012/q3/605). Hydra and medusa are still supported, so we’ll continue to see bugfixes and enhancements.

      Here are some comparisons on their performance:
      http://www.thc.org/thc-hydra/network_password_cracker_comparison.html
      http://www.foofus.net/~jmk/medusa/medusa-compare.html

      You are right about ncrack but it doesnt that ncrack is useless. U can stil use it and hydra is a pro cracker as i’ve mentioned before i just want him/her to search for some chances with ncrack so fast then if he failed he can perform dict or bruteforce attack.

    • #50253
      Yet
      Participant

      Hmm you don’t need to ask those questions, simple say no period, don’t make big deal out of nothing .

      author=m0wgli link=topic=9334.msg52552#msg52552 date=1349425123]
      @Yet wrote:

      Hey is it possible for you to share? i mean no offensive .

      No offense, but remember you’re on the ethicalhacker.net forums, the keyword here being “ethical”.

      If you want it, is $4.99 really too much to pay?
      [/quote]

    • #50254
      BillV
      Participant

      No.

Viewing 21 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?