Preferences on cracking dictionaries?

General technological topics without their own forum go here

Preferences on cracking dictionaries?

Post by hellow533 on Fri Apr 19, 2013 3:43 pm
([msg=75226]see Preferences on cracking dictionaries?[/msg])

I know of a ton of dictionaries I can use, but does anybody have an actual preference?
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 508
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by brutal_hacker on Fri Apr 19, 2013 4:01 pm
([msg=75228]see Re: Preferences on cracking dictionaries?[/msg])

Alot of people these days just mix and match. So it doesn't tend to be just one list it may be multiple lists put together. Also depends on purpose. I have my own list that consists of a standard dictionary I picked up years ago and just kept adding to it. It also contains every default password for pretty much all machines routers etc.

Some people do spend time making modern dictionaries based on bands mixed with numbers or modern phrases that may be popular. I personally don't have the time for it lol.

You could always point your cursor over to here http://www.skullsecurity.org/wiki/index.php/Passwords its not overly outdated but it is a few years old
brutal_hacker
Experienced User
Experienced User
 
Posts: 58
Joined: Fri Apr 19, 2013 1:03 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by hellow533 on Fri Apr 19, 2013 4:40 pm
([msg=75231]see Re: Preferences on cracking dictionaries?[/msg])

Looks nice, I'll add the Cain one to my list of dictionaries.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 508
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by sordidarchetype on Fri Apr 19, 2013 6:51 pm
([msg=75233]see Re: Preferences on cracking dictionaries?[/msg])

It's always a good idea to roll your own, but a very nice place to start is the public dictionary at crackstation. It's 4.5 GB compressed. It is every cracked password they could find from all the major password leaks on the net. That should be some good ammo to get you going.
User avatar
sordidarchetype
New User
New User
 
Posts: 47
Joined: Wed Dec 22, 2010 12:46 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by limdis on Thu Apr 25, 2013 1:30 pm
([msg=75370]see Re: Preferences on cracking dictionaries?[/msg])

Take your time with dictionaries and craft your own based off your target. If that fails then go with your massive (insert number) gig generic ones. But as far as preference for those, not really. A lot of places claim to have the biggest and best. Well, sometimes and you don't want 500gig word lists. Plus they take forever to run.
But, take note of those submitted by users that harvested them themselves. Don't ask the source because most of the time you don't want to know. Recently cracked lists tend to hold a lot of frequently and recently used passwords.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1384
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by -Ninjex- on Thu Apr 25, 2013 7:55 pm
([msg=75384]see Re: Preferences on cracking dictionaries?[/msg])

limdis wrote:Take your time with dictionaries and craft your own based off your target. If that fails then go with your massive (insert number) gig generic ones. But as far as preference for those, not really. A lot of places claim to have the biggest and best. Well, sometimes and you don't want 500gig word lists. Plus they take forever to run.
But, take note of those submitted by users that harvested them themselves. Don't ask the source because most of the time you don't want to know. Recently cracked lists tend to hold a lot of frequently and recently used passwords.



Here is a post I made not too long ago, along the lines of what limdis was saying...

viewtopic.php?f=37&t=9909
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1342
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by hellow533 on Thu Apr 25, 2013 10:36 pm
([msg=75391]see Re: Preferences on cracking dictionaries?[/msg])

I have two lists that I use plus a list I made which makes 3 total. All together they take maybe 30 minutes to run under the most impossible settings (namely case perms, that's the only thing that holds the dictionary back).

596a96cc7bf9108cd896f33c44aedc8a md5
12 seconds dictionary attack, brute force took 3 minutes 6 seconds with Cain (lower case only, running windows on this computer and Cain isn't really the quickest cracker.)
It all depends, a 5 digit password will be cracked far quicker with brute force than a 12 digit, which would be favorable to a dictionary attack first. Though, you never know how many digits, so generally I run a go through with a dictionary attack, if not that I'll brute force it for a couple hours or over night. If not done by then fuck it.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 508
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by 3vilp4wn on Thu Apr 25, 2013 10:47 pm
([msg=75392]see Re: Preferences on cracking dictionaries?[/msg])

hellow533 wrote:30 minutes to run [sinp] 596a96cc7bf9108cd896f33c44aedc8a md5
12 seconds dictionary attack
brute force took 3 minutes 6 seconds


My time was 30 seconds
steps:
1.) Type http://tools.benramsey.com/md5/ into firefox (I usually use http://md5.noisette.ch, but it was down :( )
2.) Input "596a96cc7bf9108cd896f33c44aedc8a"
3.) ???
4.) PROFIT!!!

The password is "fuckyou"
Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers
???
٩(͡๏̯͡๏)۶

1A4EAMboaXpgvUSmtRbVRqbfJrbyuGhyoo
User avatar
3vilp4wn
Poster
Poster
 
Posts: 144
Joined: Sun Feb 10, 2013 2:05 am
Location: The darkness.
Blog: View Blog (0)


Re: Preferences on cracking dictionaries?

Post by 0phidian on Thu Apr 25, 2013 11:39 pm
([msg=75396]see Re: Preferences on cracking dictionaries?[/msg])

3vilp4wn wrote:
hellow533 wrote:30 minutes to run [sinp] 596a96cc7bf9108cd896f33c44aedc8a md5
12 seconds dictionary attack
brute force took 3 minutes 6 seconds


My time was 30 seconds
steps:
1.) Type http://tools.benramsey.com/md5/ into firefox (I usually use http://md5.noisette.ch, but it was down :( )
2.) Input "596a96cc7bf9108cd896f33c44aedc8a"
3.) ???
4.) PROFIT!!!

The password is "fuckyou"


Looking up the hashes is definetly much faster than a standard dictionary attack. It took me literaly 1 second to crack using the method in the article I wrote, and thats without even using threads. Took 5 seconds with a standard dictionary attack. Note: the wordlist I used was only about 12mbs.(I usually use smaller dictionaries dependent on the target like limdis said)
User avatar
0phidian
Poster
Poster
 
Posts: 270
Joined: Sat Jun 16, 2012 7:04 pm
Blog: View Blog (0)



Return to General

Who is online

Users browsing this forum: No registered users and 0 guests