.

WordList

<<

prats84

User avatar

Jr. Member
Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 7:03 pm

Post Fri Oct 05, 2012 3:26 am

Re: WordList

Recently I have been having issues cracking some of the hashes.
After about a 4 days running a attack found the hash and as such was a german word written in english.

So I have started to make list of some comman words in couple languages like german, french and adding complexity to them... and creating a list.

Anyone got some better solutions
Image
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Fri Oct 05, 2012 3:39 am

Re: WordList

BruteForce attacks are much better than dictionary attacks totally because of many reasons such as wordlist doesnt include all of words, it takes much more time to crack the password and so on.

However you can find good wordlists here:
http://www.skullsecurity.org/wiki/index.php/Passwords/

But u perform dictionary or bruteforce attack use the ncrack tool first. Its a very fast pass cracker open terminal in backtrack and type this command:

Ncrack -v --user <username><target address>:<service port>

Example:
Ncrack -v --user admin 127.0.0.1:21

Goodluck and let me know if u have any problem.

CyberSpirit
Last edited by cyber.spirit on Fri Oct 05, 2012 3:41 am, edited 1 time in total.
ICS Academy Network Security Certified
<<

prats84

User avatar

Jr. Member
Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 7:03 pm

Post Fri Oct 05, 2012 4:24 am

Re: WordList

Not really a fan of live bruteforce attack.
issue with live attach is most apps would suspend the user account if multiple failed attempts in short time.
Some apps/services could also suspend a IP and log it the admin.
Image
<<

shadowzero

User avatar

Full Member
Full Member

Posts: 120

Joined: Sat Jun 02, 2012 10:03 pm

Post Fri Oct 05, 2012 10:19 am

Re: WordList

ncrack is actually no longer under development (http://seclists.org/nmap-dev/2012/q3/605). Hydra and medusa are still supported, so we'll continue to see bugfixes and enhancements.

Here are some comparisons on their performance:
http://www.thc.org/thc-hydra/network_pa ... rison.html
http://www.foofus.net/~jmk/medusa/medusa-compare.html
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Fri Oct 05, 2012 4:19 pm

Re: WordList

shadowzero wrote:ncrack is actually no longer under development (http://seclists.org/nmap-dev/2012/q3/605). Hydra and medusa are still supported, so we'll continue to see bugfixes and enhancements.

Here are some comparisons on their performance:
http://www.thc.org/thc-hydra/network_pa ... rison.html
http://www.foofus.net/~jmk/medusa/medusa-compare.html

You are right about ncrack but it doesnt that ncrack is useless. U can stil use it and hydra is a pro cracker as i've mentioned before i just want him/her to search for some chances with ncrack so fast then if he failed he can perform dict or bruteforce attack.
ICS Academy Network Security Certified
<<

Yet

Jr. Member
Jr. Member

Posts: 70

Joined: Fri Aug 03, 2012 4:40 pm

Post Fri Oct 05, 2012 6:46 pm

Re: WordList

Hmm you don't need to ask those questions, simple say no period, don't make big deal out of nothing .



author=m0wgli link=topic=9334.msg52552#msg52552 date=1349425123]
Yet wrote:Hey is it possible for you to share? i mean no offensive .


No offense, but remember you're on the ethicalhacker.net forums, the keyword here being "ethical".

If you want it, is $4.99 really too much to pay?
[/quote]
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Oct 18, 2012 8:25 am

Re: WordList

No.
Previous

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software