Jump to content

Cowpatty And Genpmk


azazel
 Share

Recommended Posts

Hi everyone 1st sorry for my english i´m portuguese :) sunny place at the end off europe with many beaches and great people. :rolleyes:

I work as an IT on a company in portugal and since the news that the state's computers were hacked walk a certain paranoia with network security as a good worker sought solutions to test the networks that i am administrator and found found solutions with BT4 but also got a big problem as i am working systems are in Portuguese dictionaries and rainbow tables attacks or lookuptables they do not work because the dictionaries and rainbow tables were made with English phrases and we are Portuguese and we do not use English words so i wonder if anyone has any idea how to create a dictionary well structured in order to use with genpmk a tool off cowpatty to do rainbow or lookuptables and if someone has an idea what program to used to modify the pass which already have like ex: from password to pa$$w0rd or p4SSw0rd in 1 hak5 program in June 17, 2009 they spoke in jon the riper then what do i want :) ?

1 - how to make god dictionaries well structured

2 - some small lights around the time it takes to run with the genpmk dictionary ex: 40 mb and which commands are more to use on genpmk ex: genpmk -f dictionaries -d test -s linksys is this right ?

3- some small lights about the program jon the ripper what he does and if there is some better, i am assuming that the program is to modify passwords

Link to comment
Share on other sites

You could generate your own rainbow tables using wintgr.exe, for instance if the password is vermelho with capitals or special characters, the rainbow table should be able to crack the password, just like a brute force password cracker that tries every possible combination. You could also do a google search for the most used passwords in Portuguese and compile your own list or try downloading a Portuguese dictionary that contains all the Portuguese Language spoken words. And that's what I basically did before I searched through websites that contained the most common used password and created my own password file which its over 400mb long.

I have also found this link that provides information about JTR (john the ripper)

http://r00tsecurity.org/forums/topic/5643-...ipper-tutorial/

Let me know how you go.

Link to comment
Share on other sites

You could generate your own rainbow tables using wintgr.exe, for instance if the password is vermelho with capitals or special characters, the rainbow table should be able to crack the password, just like a brute force password cracker that tries every possible combination. You could also do a google search for the most used passwords in Portuguese and compile your own list or try downloading a Portuguese dictionary that contains all the Portuguese Language spoken words. And that's what I basically did before I searched through websites that contained the most common used password and created my own password file which its over 400mb long.

I have also found this link that provides information about JTR (john the ripper)

http://r00tsecurity.org/forums/topic/5643-...ipper-tutorial/

Let me know how you go.

Thank´s for the reply

I have wintgr.exe but dos cowpatty read .rt files ? and if cowpatty reads what do i use md5 / wps-psk / lm ???

I also have a tool given to me by the isp provider that is my friend that gives you the wpa default key for the router

Thomson router´s only ex: Thomson65C749 speedtouch.exe -i 65C749 -v and gives you the default password for the router good wen you need to reset the router and do not have the label containing the password

Had no idea that wep key was so easy, on 2 test router smc 7 minutes on a cisco "wep key also" with deautentication ON 2 hours, in all three routers did injection packages with no clients ON, even with a powerful router cisco it was possible to penetrate.

Edited by azazel
Link to comment
Share on other sites

Thank´s for the reply

I have wintgr.exe but dos cowpatty read .rt files ? and if cowpatty reads what do i use md5 / wps-psk / lm ???

I also have a tool given to me by the isp provider that is my friend that gives you the wpa default key for the router

Thomson router´s only ex: Thomson65C749 speedtouch.exe -i 65C749 -v and gives you the default password for the router good wen you need to reset the router and do not have the label containing the password

Had no idea that wep key was so easy, on 2 test router smc 7 minutes on a cisco "wep key also" with deautentication ON 2 hours, in all three routers did injection packages with no clients ON, even with a powerful router cisco it was possible to penetrate.

It should be able to read .rt files, but I am not 100% sure on that one. However you can download the tables from this link and use them for cracking the wep keys.

http://www.offensive-security.com/wpa-tables/

In addition, wep keys are so easy to crack nowadays that wireless networks should be secured with WPA instead.

Edited by Infiltrator
Link to comment
Share on other sites

http://www.offensive-security.com/wpa-tables/

I left a laptop connected to download one week and only got 2 rainbow tables functional stopped all the rest between 50% and 85% because there is no seed.

That's one of the issues that frustrates the shit out of me, when using Torrent Files is that it can take time to download depending where you are downloading it from. I usually search around, for instance just do a search in google for "rainbow table torrents " or something similar you will be able to find torrent websites that offer a torrent download of over 20 to 100+ seeds.

Edited by Infiltrator
Link to comment
Share on other sites

That's one of the issues that frustrates the shit out of me, when using Torrent Files is that it can take time to download depending where you are downloading it from. I usually search around, for instance just do a search in google for "rainbow table torrents " or something similar you will be able to find torrent websites that offer a torrent download of over 20 to 100+ seeds.

No matter I'd rather do a rainbow table and test it, is also to be able to better understand the different levels of security against different rainbow tables and dictionaries, will generate the dictionaries with winrtgen using different encryptions ex alpha numeric / alpha numeric symbol / alpha numeric symbol space, i have a loot off computer and i'm studying how to make a cluster with different interconnected computers that was also reported in an episode of hak5 using a software and swich a conection to make the rainbow tables faster

Link to comment
Share on other sites

No matter I'd rather do a rainbow table and test it, is also to be able to better understand the different levels of security against different rainbow tables and dictionaries, will generate the dictionaries with winrtgen using different encryptions ex alpha numeric / alpha numeric symbol / alpha numeric symbol space, i have a loot off computer and i'm studying how to make a cluster with different interconnected computers that was also reported in an episode of hak5 using a software and swich a conection to make the rainbow tables faster

I like how you think, I have the same approach as you, I have given up downloading rainbow tables ages ago now I just generate my own tables.

One of the advantages of using raibow tables over brute force password crakers is that rainbow tables are much faster and efficient, it uses memory trade off techniques to reduce the amount of time it takes to crack a passwords, as opposed to a brute force tool that only uses the CPU power.

Link to comment
Share on other sites

I like how you think, I have the same approach as you, I have given up downloading rainbow tables ages ago now I just generate my own tables.

One of the advantages of using raibow tables over brute force password crakers is that rainbow tables are much faster and efficient, it uses memory trade off techniques to reduce the amount of time it takes to crack a passwords, as opposed to a brute force tool that only uses the CPU power.

Yes that is my point to, like i have a lot off computer power i dont care iff i spend a few time computing tables

Link to comment
Share on other sites

Yes that is my point to, like i have a lot off computer power i dont care iff i spend a few time computing tables

I have spent $6000 dollars just to build my computer and it still has got plenty of power, I at times only manage to consume between 20% to 40% of the entire system resources. But I have also used "The World Fastest MD5 cracker BarsWF" to run up my CPU from 40% to 100% of usage.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...