Jump to content

undersc0re

Active Members
  • Posts

    18
  • Joined

  • Last visited

Everything posted by undersc0re

  1. Thanks, I could not find if there was a command for both random numerals and uppercase for last 5 characters so I just typed out characters for it to use (A-Z and 0-9, thought there was a shortcut....gave up lol.
  2. I am attempting to make a password file in crunch in one command, I need it to be 12 characters long and always start with 0MGSM2 those first 6 characters always the same and the 7th character always being a random digit and then the last 5 characters are a mix of uppercase letters and or digits random placed. Is there one command to do this in crunch or would I have to make multiple lists and just join them together? I tried to do it from the man page and googling but can not seem to get this one. Thank-you.
  3. undersc0re

    Crunch

    It is a large provider in Canada that uses this pattern on just one of their wireless modem models. I use password files because I do not have a gpu on my cheap laptop and it is very limited with its old cpu and ram, so I try to increase performance by making password files on my persistence stick to save ram and cpu resources, I honestly have no idea if that helps as I have not compared other ways against my method, It took me a while but I have my pwd file figured out now...trial and error. I have managed to convince many local people to change their wireless passwords, especially when I tell them what can happen when some devious young kid plays on their home network when they connect to it...
  4. I have a used mark V for sale as well, bc, canada.
  5. If it is an option you could get yourself a decent usb stick and install kali on it with persistence so it saves your settings and files, once set up you just boot the computer from usb stick. As long as the stick has half decent speed and amount of memory it should work great. When you mess it up just download the latest weekly kali image and start over! I have not tried booting it on different computers all of the time, I just use my one cheap laptop, so not sure if changing computers messes up the settings or drivers somehow. If your new at it just google videos on how to make a kali persistence stick in a windows environment. I am assuming you have some sort of computer already.
  6. I used crunch to make 4 seperate password files, was not sure how to do all that I wanted with just one crunch command for one file. I then run those password files just through aircrack/cpu. Very basic and straight forward, nothing fancy. When you say exact length, I assume you mean the password length, yes it is always 12 characters. So when I made one of the files i just did --> crunch 12 12 -o START -b 50 -t 25115,0%%%%% <-- i just wanted to keep the files less than 50mb. I guess I could have run crunch with aircrack so as not to need store files, not sure if its much of an advantage, I have lots of storage space on my persistence usb stick. digip, i like that computer case you posted up above there, you should incorporate hepa filters and a carbon filter, this way you can have an air purifier and computer in one, must move a lot of air with that case.
  7. You said laughable security, well I just found out that if the password does contain a letter, it will be the sixth character only and it will be A-F. So that makes it easy for anyone with a cheap laptop to crack via just a cpu with aircrack. The sixth character discovery is just what I have found from 4 different modem/routers of this type from the same internet provider. I would assume they know about this poor security. Amazing how a little bit of investigating can help you taylor a password list, and make it quicker to crack. So it seems uncrackable at first with there being 12 character but then you find out the first 4 characters are always the same, the 5th is usually one of 2 maybe 3 numbers, not sure yet, the 6th can be an uppercase letter or number, the 7th is always a zero, and the last 5 characters so far seem to be random numbers. It would be neat to know how the password is spit out for these things by the computer, how and why it decides which characters to use where.
  8. It is not the only router model they use, they use a couple others as well. The router they use with phone and tv are different and I am not sure how those are done. It seems very insecure, but it is just the default password and the end user is ultimately responsible to change it, although when I set mine up there was nothing in bold or obvious that the default password should be changed asap. It did not take me long to figure this out, so your average tech savvy high school kid or gamer guy could easily get some free internet, or even worse, illegal activity on anothers internet. I am sure the provider and their it department could hunt down that "bad guy" and his computer somewhere down the line unless he is very very careful lol. Is aircrack and hashcat about the same speed at cracking a wpa2 handshake using just an average cpu only? I am sure a 10 core cpu would blow away my 2 core lol.
  9. Wow, so far the letters I have found to be uppercase A to F in my findings as well which would make it easier, I have to see a few more with letters mixed in the password to feel a little more sure about that fact. It would be neat to see oclhashcat fly through a large password list or crack a hash in record time but I can not afford to spend a lot of money on new devices just for that lol. I was hoping I could add a cheap video card to my cheap laptop, seems like that is a no go so far.
  10. So, say with hashcat you get 160,000 k/s and I get 1900 with aircrack, thats huge! Now what would a gamer with a good system and an nvidia 1080 get for k/s for a wpa2 handshake in hashcat? Is there a way to plug a video card into an old laptop via the usb, like you would an external storage drive, except have an external video card, just wondering if they sell something like that. I am sure it would be silly idea for a few reasons especially speed restrictions. I did some recon as you suggested on certain routers models and found that local provider passwords always have 2511 at the beginning and then 8 more characters being uppercase letters and numerals with the 5th character being a 4,5, or 6 and the 7th character being a zero all the time. In about 65% of the cases being all digits no letters, which could make an attackers job very easy with a super cheap laptop unfortunately, and I am sure the providers must know about it, and I bet most providers have weak security in some way. So I made sure that people I know with that router change their default passwords immediately. I found that with maybe a 30 mb password file created by crunch for those specific ranges and a cheap laptop could possibly find the password for 1 in 7 routers with default passwords for that provider in less than an hour, pretty crazy if you ask me. Hopefully people do not open up and share their files with anyone on their possibly own home secure network. This discovery has made me more paranoid than ever....and I have not even tried testing my own network of household computers with something basic like armitage to see what an intruder could do once inside my network.
  11. I have one more question to throw out here, does aircrack and hashcat kill processors and gpu chips eventually? Obviously the programs will push the chips to the limit to process hashes etc, just wondering if the heat kills them eventually out there, even if they limit the processing a bit by monitoring the heat sensors, thx.
  12. Thanks for the input, my laptop does not really have a gpu outside of the cpu, its a cheap built in the motherboard graphics processor. I guess if I had a higher end unit I would give it a shot. When I run the aircrack it starts winding up the internal fan like a jet taking off, then I notice after some time the speed drops to about 1000 k/s. I am afraid I am gonna kill the cheap ram or cpu with all the heat lol. I wish I could see the ram and cpu temp. That is insane how fast you can process a wordlist against a captured handshake with hashcat and a gpu! If I ever build a desktop unit I will consider buying the video cards that work best with kali/hashcat lol. Too bad you can not use some of the standalone gaming systems with compatible cards to do this! Design the game to crack routers lol, anyhow thanks for the input.
  13. My cheap laptop with an i5 processor is being used to test my network, I successfully grabbed a handshake and tested it against a password file with my pass in it that was 100mb in size. I used aircrack on the text file with my persistence usb stick loaded up with latest kali and the best I can get is 1800-1900 k/s, should I be expecting more speed out of it or am I out of luck unless I build a rig with good video cards and go the hashcat route? I am basically curious to know if 1800 k/s for aircrack is normal on a crappy 2 year old laptop.
  14. undersc0re

    Crunch

    Ok, couldn't resist, grabbed the family laptop and fired up kali, crunch spit out what I wanted as .txt files when I entered that exact command! I think I was trying to tell it the filename I wanted when I tried it before or sumthin. It works great now, and fast as heck, thanks for sharing your knowledge with me!
  15. undersc0re

    Crunch

    Yes I was just looking for the simple one with numeral digits following 2511, our local provider of internet service with their router usually sets default password of 2511 followed by 8 more random numbers most of the time, sometimes those 8 numbers have uppercase letters in the mix. My router uses numbers only and so does my parents and my friends, I just wanted to test my router to see how hard it would be for someone to come by or maybe a curious neighbour to hack into and borrow some of my internetfor evil purposes. I imagine the most common way would be for them to just capture a handshake and throw an easy passwordlist at it. I already tested other possible ways against my router such as pixiedust attack with both bully and reaver, (it seems the internet provider has protection for that now), and common passwordlists. I figure no one in their right mind would waste their time with a password list with 2511 and 8 alpha numeric following after that so I though just numerals involved would be a quick shot for someone, of course my router is hidden from the front door and any windows viewing access lol. Thanks for your help, I will give that a shot next time I fire up the kali persistence usb stick! Glad I purchased a good one with lots of available memory!
  16. undersc0re

    Crunch

    I am looking to create a crunch .txt file with the following parameters. I want a 12 digit password always starting with 2511 and the following 8 digits to be random. I would like the text files created to be 200mb or less. Is this possible with crunch? I can not seem to get crunch to spit this out in kali, would it be easier with a different program? Thanks for your help.
×
×
  • Create New...