hacker12345 Posted June 23, 2012 Share Posted June 23, 2012 sir please tel me,How the password crackers are working,,say i want to access a router and it asking for a password and username,how can i get the real password's hash code ,i know about brute force ,but i want to know how the password crackers get the hash code???? Quote Link to comment Share on other sites More sharing options...
SPoF Posted June 23, 2012 Share Posted June 23, 2012 Easiest way would probably be to call 911 and tell them your problem... Seriously, do you really think that you'll get answers on how to do illegal stuff? Quote Link to comment Share on other sites More sharing options...
digip Posted June 23, 2012 Share Posted June 23, 2012 They get it by taking a word list and using the same algorithm to create the hash, build a table of matching words and hashes, then look them up. Its not illegal to have knowledge, its illegal to break into someone else's equipment. If you want to break the law, that is on you. Have fun in jail if you get caught. Quote Link to comment Share on other sites More sharing options...
hacker12345 Posted June 24, 2012 Author Share Posted June 24, 2012 Thank you sir,I'm not breaking any low just i need to know how are they working.and sir how they know what algorithms are used to convert password by router? as i think when the password is entered by us,,router convert it to hash codes and match the two passwords is it correct? Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted June 24, 2012 Share Posted June 24, 2012 as i think when the password is entered by us,,router convert it to hash codes and match the two passwords is it correct? Correct, when you enter the clear-text password in your router, it takes it and then uses a hash algorithm such as an MD5 for example, to generate a hash of your clear-text password and uses it to match against the hash already saved in the database. If they are a match, you are authenticated, if they don't then you will get an authentication error. Quote Link to comment Share on other sites More sharing options...
Radau Posted June 24, 2012 Share Posted June 24, 2012 Easiest way would probably be to call 911 and tell them your problem... Seriously, do you really think that you'll get answers on how to do illegal stuff? There's no need to be hostile here, he gave router authentication as an example. Just because someone says "Like if I did this", doesn't mean they are actually doing it. Wireless routers are usually the first entry point into hacking nowadays for most people, even if it is their personal router or one they set up on the side. I believe in the end he phrased is as, how are people going to get my hash and how are they going to use it to gain entry to my networks core, not "Hey guys how do I break into my neighbors router login page". I understand your concern with people doing illegal things, but in the end it is going to happen and that is a risk they agreed to take on their own terms, I believe the user agreement for this website even states that it and its affiliates are not responsible for what you do with the info you find here. Either way, Infiltrator pretty much nailed it with his answer. Quote Link to comment Share on other sites More sharing options...
hacker12345 Posted June 25, 2012 Author Share Posted June 25, 2012 Thank you sir..sir i think you all are know about kon-boot software i download and install it to my pen drive ,,first time computer boot from the pen drive it say "COULD NOT FOUND KERNEL IMAGE:MENU.C32" and then i download it from internet and copy it to pen drive and boot again, now it boot and boot and boot nothing happen ,it comes BOOTING-UP and restart again ...and again...what is the reason for this and what is the solution??? Quote Link to comment Share on other sites More sharing options...
Dazzle Posted June 25, 2012 Share Posted June 25, 2012 Thank you sir..sir i think you all are know about kon-boot software i download and install it to my pen drive ,,first time computer boot from the pen drive it say "COULD NOT FOUND KERNEL IMAGE:MENU.C32" and then i download it from internet and copy it to pen drive and boot again, now it boot and boot and boot nothing happen ,it comes BOOTING-UP and restart again ...and again...what is the reason for this and what is the solution??? If you would like to get a password for a user on windows you can probably best use Ophcrack. Ophcrack will actually crack the password hash, where kon-boot will just remove the password. What exactly would you like to do? Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted June 25, 2012 Share Posted June 25, 2012 If you want to reset the password, I'd recommend NT Offline password, burn the ISO image to a CD and boot the computer off it. Quote Link to comment Share on other sites More sharing options...
Dazzle Posted June 25, 2012 Share Posted June 25, 2012 NT Offline password is a great tool indeed, I used it on Hiren's BootCD, maybe you can download and burn Hiren's BootCd, that way you've got NT Offline password live Infiltrator suggested and aslo a lot of different tools that will come in handy ;) Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted June 25, 2012 Share Posted June 25, 2012 How can the OP use chntpw or ophcrack or any of the aforemetioned tools to get the hash from a router? Quote Link to comment Share on other sites More sharing options...
digip Posted June 25, 2012 Share Posted June 25, 2012 How can the OP use chntpw or ophcrack or any of the aforemetioned tools to get the hash from a router? I think it was in reference to a separate question in this same thread - http://forums.hak5.org/index.php?showtopic=26835&view=findpost&p=205112 Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted June 25, 2012 Share Posted June 25, 2012 Oh ok I didn't see that, thanks for clearing that up digi. Quote Link to comment Share on other sites More sharing options...
hacker12345 Posted June 26, 2012 Author Share Posted June 26, 2012 I already register with few forums and asking my problems ,but this is the only one forum i got reply fast...thank u sir. :D Quote Link to comment Share on other sites More sharing options...
hacker12345 Posted June 26, 2012 Author Share Posted June 26, 2012 (edited) sir,,i generated my own word list for brute-force AET2 software ,,but it does not working properly,,i configure this for a lan network there is error in some where ..sir can you help me?????? :P it gives all the words in the list as password. :( Edited June 26, 2012 by hacker12345 Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted June 26, 2012 Share Posted June 26, 2012 Sir, Have you tried any other programs like hydra? Quote Link to comment Share on other sites More sharing options...
hacker12345 Posted June 27, 2012 Author Share Posted June 27, 2012 (edited) Hmmmm...hydra...it's a mess ^m^ Edited June 27, 2012 by hacker12345 Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted June 28, 2012 Share Posted June 28, 2012 Hmmmm...hydra...it's a mess ^m^ Yes it can be a mess, but its quite good from experience. It will also need a decent password list, to be successful in cracking the router's password. Quote Link to comment Share on other sites More sharing options...
hacker12345 Posted June 30, 2012 Author Share Posted June 30, 2012 Sir ,,can you give me brief introduction how to use hydra? or a link of tutorial? i searched all over the internet but they are hard to understand! Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted June 30, 2012 Share Posted June 30, 2012 (edited) Sir ,,can you give me brief introduction how to use hydra? or a link of tutorial? i searched all over the internet but they are hard to understand! If you put a bit of effort, nothing it's hard. Hydra for Linux: http://www.securitytube.net/video/953 Hydra for Windows: Edited June 30, 2012 by Infiltrator Quote Link to comment Share on other sites More sharing options...
ghosthunter007 Posted October 13, 2012 Share Posted October 13, 2012 If your trying to get into a router this will depend what type of router. Wireless router just crack the WPA2 its easier than trying to password guess the login. Once in you can use meterpreter to remote keylog a host system as part of the backtrack metaploit package. Not including steps there all over the net sadly to say. Once you get remote keyboard logging going just be patient and what for the user name and loggin of the users Windows box then remote in to it enable telnet so you can upload a ghost keylogger which emails you a keylog daily of what they did. Sooner or later they will access the router, but at this point you probably have email bank and other site usernamesn and passwords. No actual steps given just enough info to reseach on. I generally dont rely on default brute force list, I would research teh person learn their habits in some cases dumpster dive for information. All trash placed on the curb is public use, The police use it all the time to bypass getting a warrant. Once you learn about your subject its easier to create a bruteforce list. In my case my passwords are all alpha numeric alt+code 25 characters in length. Example: !GiL9Ω+n0@0bOmä4Æ Brute force would never get this. Or pass phrase : Normal view: "Hi there im a girl" h! 3hRe *m ä ♀ (now this is assuming the device can handle the password special characters.) But I think you get the point. Quote Link to comment Share on other sites More sharing options...
Pwnd2Pwnr Posted October 13, 2012 Share Posted October 13, 2012 The reason Hak5 is better than those other guys. I just wanted to say that. This thread I think is already done... Darren and Shannon Keeps it reals! lols Quote Link to comment Share on other sites More sharing options...
h41duk Posted October 13, 2012 Share Posted October 13, 2012 (edited) Bruteforcing is the surefire method. Instead of CPU processed bruteforcing, we can process bruteforcing through the GPU in order to arrive at a rate of about 380M * 1.4M passwords per second, allowing us to guess a 7-character password in maybe 1-2 days. In this sense, the GPU works with a package called CUDA, available for downloading from nVidia. Certainly we would need to have the hashed versions of the passwords beforehand. Search for GPU CUDA BRUTEFORCE PASSWORDS or similar There are many paid and free projects that use bruteforcing processed on the GPU. I think this is what you wanted to know by your inquiry: "how the password crackers get the hash code". Cryptohaze is one of the projects which function in this way. https://www.cryptoha...multiforcer.php Edited October 14, 2012 by h41duk Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted October 16, 2012 Share Posted October 16, 2012 Bruteforcing is the surefire method. Instead of CPU processed bruteforcing, we can process bruteforcing through the GPU in order to arrive at a rate of about 380M * 1.4M passwords per second, allowing us to guess a 7-character password in maybe 1-2 days. In this sense, the GPU works with a package called CUDA, available for downloading from nVidia. Certainly we would need to have the hashed versions of the passwords beforehand. Search for GPU CUDA BRUTEFORCE PASSWORDS or similar There are many paid and free projects that use bruteforcing processed on the GPU. I think this is what you wanted to know by your inquiry: "how the password crackers get the hash code". Cryptohaze is one of the projects which function in this way. https://www.cryptoha...multiforcer.php I personally like Cryptohaze a lot, but have found it to be slower than HashCat. CryptoHaze uses Nvidia, which is a lot slower than ATI in this respect, so I would recommend Hashcat instead. Hashcat also support distributed networking, which can push the performance envelop to the extreme. Quote Link to comment Share on other sites More sharing options...
k3ntreed Posted October 20, 2012 Share Posted October 20, 2012 Manhattan Website Design Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.