i8igmac Posted October 25, 2014
A while back I was building the pyrit database and it does the duplicate filtering for you with its GPU powers... I can confirm the above post: this is not a 100% unique list. It may have been clean at one point...
Mr-Protocol Posted October 25, 2014
That's fine and all, but just clean up the list and use it if you want. Date on that quoted post:
> Anton, on 19 Apr 2013 - 12:30 PM, said:
Well over a year ago...
zy_zhao Posted October 26, 2014
How to use it?
zy_zhao Posted October 26, 2014
I made a 9+gb sequential numbers 00000000-999999999 file and aircrack used it fine, but I do see your issue, it would take days to crack something, so I used the linux split command (read the help file) and made like a shit ton of 50mb files. Cracked the wife's wifi (which I already knew the range it was in since I told her that her boss was an idiot for using just numbers and only as long as 9 characters). I just did a head and a tail on the files, till I found which one I knew it was in, and it cracked in like 20 minutes on a crappy dual core laptop with BT5. Now that said, had I had to go and use the entire 9GB file, well, it would have done it, but would have had to run for days to go through all 8 characters, then all 9 until it found it. Split is your friend. So is sort if you want to sort unique or also, reverse the order of the list like say 1,2,3,4,5 becomes 5,4,3,2,1 (but with say a list of characters 8 or longer). If I had it on my home machine and I sent the pcap to the hashcat site, I could have made a file compatible for cracking using oclhashcat on my GPU. That 9+GB sequential list probably would have cracked in an hour or so. Got to love GPU computing. BT5 has the ability to use CUDA and OpenCL drivers too, but they don't work on my POS laptop, but just a heads up, you can crack with the 13gb list if you split it into chunks and run them in parallel too if you've got more than one GPU.
Where can I download it?
KlingL Posted December 1, 2014
This shows how good rar compression can be, the actual torrent is only 4.49gb. I can get this down to 3.53gb with 7zip format (.7z).
behinde.shadows Posted December 16, 2014
How can I download it?
Anton (Author) Posted January 10, 2015
Hey Guys, I haven't forgotten about this post, I just work away a lot and the list is on my desktop machine! The only time I am home is at the weekend before I need to travel again. I'll upload it the first chance I get. Thanks, -Anton.
factgasm Posted January 24, 2015
I'm changing my original post because now I've put my pen testing hat back on, all this is making a lot more sense now. I downloaded the file again, this time directly from crackstation itself, unzipped it, managed to open it and it is indeed plain text after all. It's possible the version I had earlier was corrupt, hence the confusion.
Edited January 29, 2015 by factgasm
Primz Posted May 12, 2015
> Hey Guys, I haven't forgotten about this post, I just work away a lot and the list is on my desktop machine! The only time I am home is at the weekend before I need to travel again. I'll upload it the first chance I get. Thanks, -Anton.
Hey, to give this topic a little bump. Am looking for a very nice cleaned up password list to use for WPA2s. Can see that the links are not working in this thread, so if anyone has an up to date copy of anything good and cleaned up (no dupes) that would really help a chap out. :)
cooper Posted May 12, 2015
This page lists a stack of them: https://wifi0wn.wordpress.com/wepwpawpa2-cracking-dictionary/
You're going to have to pluck out the dupes and the ones that are too short to be valid for WPA2 though, and no idea how large the end result is going to become because of it.
Primz Posted May 13, 2015
Wow, nice list. Thanks for that dude. Someone must have a nicely cleaned up word list file. Am gonna start the long painful task of going through and making my own list, but if any kind soul has anything clean and good please let a brother know :)
wordem Posted July 6, 2015
I can tell there are a lot of cracking newbs in this thread and just some newbs in general. Let me save you some time... First off, this is not full of dupes as someone suggested. It had only 300k worth of dupes in it, less than 0.001%. But that doesn't mean this list isn't rubbish, because it is. There isn't a single mixed case word I saw while tailing off samples of it while it was sorting the few dupes it contained. So this list at best is only a "source list", not a cracking list. That means to have "decent" success you'll need to apply rules to it to toggle case. On a list this large the best you're going to do in volume is all lower, upper first character and all upper. If you were focusing on a single network for a long time you could definitely expand it, but nothing like you can do when you can get 28G c/s on MD5. This list is just too big to run a comprehensive ruleset on for WPA, and just using it for source words is pretty bad. I have lists 10% of the size that do 400% better on average. I would call this list more of a list of last resort instead of a first choice. If you're using a CPU then this list isn't for you, just stick with the openwall list or something under 5 to 10M words. Otherwise it will take you several days running nonstop to check the list as-is and you'll be lucky to have more than a 10-20% success rate. Add in just a few rules and you're talking nearly a month. For comparison, I can run this list in around 40 minutes. I get about 400,000 c/s on WPA and 28G c/s on MD5. If you don't have a GPU with fast hashing then stick to a good small list of PWs, not just a big source list of words and such. But this list is bad for a source list for WPA just because of its size, you can't make more than a few mutations from it and still be able to test the results against a large enough sample to learn anything.
If you want to do more than just try to crack a single password then you're going to have to do it on GPU. You'll rarely find someone who is willing to share a list or rules that are working amazing because it takes a ton of time and work and you lose your edge in competitions and such. To start getting results above 30-40% on WPA you'll need to start doing a lot of testing and analysis. This is the part where it is tough, because WPA is slow. It can take a day just to test 10 handshakes against a few new rules, whereas you could test the same MD5 hashes in under 10 seconds. And 10 handshakes doesn't tell you squat, so even with a cluster of cracking rigs it takes forever to do quantitative analysis on WPA. The solution to this is to stick with MD5. It is not a direct crossover... personal pws and WPA PSK, but the patterns can apply across both. If you find a rule or list working well on MD5 hashes it will likely perform well on WPA. The trick is efficiency, not maximum results when it comes to WPA. So if you have a list/ruleset that finds 30% of the hashes, but is 1000% more efficient (less keyspace) than the one that gets 40%, you sacrifice the 10%, at least initially, and use the rules for the extra 10% at the end. Pyrit is slow, so you're not going to get the numbers from even multiple GPUs that I pull on a single GPU core in HC. And of course aircrack (cpu) might as well be standing still.
vailixi Posted July 22, 2015
I have a list with about 1.3 billion words 8-63 chars (about 15.5GB). It took me about a month to create. I would be willing to burn that to some DVDs and mail them to anyone who wants to start a torrent. I just don't have the upload speed with my ISP because I'm in the boonies. So I'm not even going to try to send that much data. It would be depressingly slow. I've heard a lot of people say that having a smaller list and a good ruleset for creating permutations works just as well, even better than having a large list.
Edited July 22, 2015 by vailixi
cooper Posted July 23, 2015
> I've heard a lot of people say that having a smaller list and a good ruleset for creating permutations works just as well, even better than having a large list.
Never said so myself, but I vehemently agree with it. Maybe you could elaborate a bit on what you did to assemble your wordlist?
vailixi Posted July 26, 2015
I grabbed every list I could find from places like skull, hack forums, various English, French, German, Latin dictionaries, dictionaries of medical and science terminology, short lists, leaked passwords. That was about 100GB total and about 1300 lists. Then I used some bashfu to make sense of it. Split, sort, awk, sed, uniq, and some other commands. I'll see if I can dig up the commands list. There are a lot of ways to sort with BASH so if you do it different or have something to add please share.

The simplest way to merge wordlists is with cat.

    cat *txt > mylists.txt

You can pipe cat.

    cat *txt | sort -u -i > list1.txt

You can pipe some more with nawk.

    cat list.txt | nawk '{str=$0; if (gsub(".", "") <= 63) print str}' > list2.txt
    cat list2.txt | nawk '{str=$0; if (gsub(".", "") >= 8) print str}' > list3.txt

Once the wordlist gets too big it will start sucking up all of your RAM and swap so you will have to split the list down to manageable size.

    # --line-bytes keeps whole lines together; --bytes would cut a word in half at each chunk boundary
    split --line-bytes=2000000 --verbose wordlist.txt

More BASH

    #!/bin/bash
    # Filter every file in the current directory to 8-63 character lines, sorted and de-duplicated.
    nums=$(find . -maxdepth 1 -type f | wc -l)
    echo "Processing $nums original files"
    for i in *; do
        [ -f "$i" ] || continue
        echo "Processing $i"
        mv "$i" temp.txt
        nawk '{str=$0; if (gsub(".", "") <= 63) print str}' temp.txt |
            nawk '{str=$0; if (gsub(".", "") >= 8) print str}' |
            sort -i -u > "$i"
        rm temp.txt
    done

sort and merge

    sort -imu -o newmergedfile.txt *

I think the script would be something like the following. Sorry in advance for syntax errors. It's pretty much copy pasta from my notes and editing off the top of my head and it's pretty late. Long day today. But you get the gist of it.

    #!/bin/bash
    dir=/root/Desktop/mylists
    count=0
    nums=$(find "$dir" -maxdepth 1 -type f | wc -l)
    echo "Processing $nums original files"
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        echo "Processing $f"
        ((count++))
        # Sort each text file by line length and drop strings shorter than 8 or longer than 63 characters.
        mv "$f" "$dir/temp.txt"
        awk '{ print length, $0 }' "$dir/temp.txt" | sort -n | cut -d" " -f2- |
            nawk '{str=$0; if (gsub(".", "") >= 8) print str}' |
            nawk '{str=$0; if (gsub(".", "") <= 63) print str}' > "$f"
        rm "$dir/temp.txt"
        echo "$count / $nums complete"
    done

Basically you'll want to split the lists into manageable sizes so the bash utilities don't crash due to memory allocation issues. Then sort them for uniqs, merge etc. I'll see if I can find some of my older command line histories. I was in the habit of saving them for a while. Incidentally, I've had one person interested in a copy via mail but the individual is in the United Kingdom. If I ship something like a wordlist is that going to get me in trouble?
Edited July 26, 2015 by vailixi
cooper Posted July 26, 2015
Thanks for this. I'm thinking the dictionary words would suffice and you could then create a permutator that would change case, replace chars and maybe tack on a few numbers. That way your wordlist stays kinda small but your actual vocabulary (for lack of a better word) is huge and it shouldn't take a lot of cpu cycles to do the expansion. The good thing about sorting is that it makes it easy to kick out the duplicates. The bad thing is that the most commonly used combinations aren't at the top of the list when you start processing which is likely to save you a *lot* of processing time when you use the list. Hence the dictionary idea - a more manageable list allowing you to do some manual ordering. I don't see how shipping a wordlist is something actionable. It's a list of words. Call it the most boring book on the planet if it makes you feel any better.
vailixi Posted July 27, 2015
If you were just going to do like 4 characters prefixed, suffixed or both you could just put all of the 4 char sequences into a string array and for each iteration just concat the extra chars to the dictionary word. Also if you are working with a list of names you could just grab the surnames and firstnames and make two arrays. Then loop through and concat the first+last or last+first or first.last or first+middle+last or whatever. If you're doing email addresses you grab a list of the top email provider domain names and just output that at the end. Great way to send spam without sending spam. Just make an email list and put them into your email provider's address book. Then sign up for a throw away facebook account and add contacts from address book. Or say you are looking for a person on LinkedIn and you want to add them so you can get a job. Just use permutations of the first+last+domain until you find their real email address to send them an invite. Sorry for birdwalking from the original subject. Most words if they are capitalized are just capitalized at the beginning except names and some things that are camel cased. Then you could use some substitution rules like for 1337speak, fauxcrypt, or other sensationalized spelling rulesets. BTW if anyone knows how to do that with string streams in C++ please post an example. But here's just a tiny bit of code. Sorry for being so lazy on the code lately. Working a lot.

    // Simple program that outputs mangled words from a list and puts the output into another list.
    #include <fstream>
    #include <iostream>
    #include <string>
    using namespace std;

    int main(int argc, char* argv[]) {
        if (argc < 3) {
            cerr << "Usage: " << argv[0] << " <input list> <output list>" << endl;
            return 1;
        }
        ifstream infile(argv[1]);   // list of words to mangle
        ofstream myfile(argv[2]);   // mangled output list
        if (!infile.is_open() || !myfile.is_open()) {
            cout << "Unable to open file" << endl;
            return 1;
        }
        string line;
        while (getline(infile, line)) {
            // Each loop needs its own counter; a..d walk printable ASCII 32..126.
            for (int a = 32; a <= 126; a++) {
                for (int b = 32; b <= 126; b++) {
                    for (int c = 32; c <= 126; c++) {
                        for (int d = 32; d <= 126; d++) {
                            myfile << line << char(a) << char(b) << char(c) << char(d) << '\n';
                            myfile << char(a) << char(b) << char(c) << char(d) << line << '\n';
                            // I forgot how to do string streams for concatenating strings in C++.
                            // But if you are going to run crypto against each output you will
                            // need to dump each line into a single variable.
                        }
                    }
                }
            }
        }
        return 0;
    }

Also I think it would be a fun project to collaborate on a wordlist compilation.
cooper Posted July 27, 2015
I previously made such a generator in plain bash. All that remains, again in bash, is something like this:

    for word in `cat wordlist.txt`
    do
        for sequence in `seq_gen.sh <whatever parameters apply>`
        do
            <run the program that takes a permutation to try> ${word}${sequence}
        done
    done
vailixi Posted August 1, 2015
Some ISPs have WPA keys which are mathematically related to user information such as the user account number or telephone number. Some are hashes of these numbers and some WPA keys are phone numbers. So in cases like this you can look up the area code(s) and prefixes for the local area and generate a phone list from that. In the case of account numbers it's just a matter of knowing how many characters the account number is. If you know the hashing algorithm you can generate a wordlist for that ISP's access points. Then write a script to generate lookup tables for every single standard ESSID within the scope of. Some of them are MY-WIFIXXXX. So basically all of the ESSIDs are predictable as far as their names. So a 10 digit numeric list should probably be included in any WPA wordlist.
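As an added example (not part of the thread or written by any poster), this Python code takes the defender's view of the numeric and phone-number keys described in the post above and the 400,000 c/s single-GPU WPA rate quoted earlier in the thread: it classifies a passphrase by character class and reports how long exhausting that class and length would take. The function names and the 30-day budget are assumptions made for the illustration.

```python
# Added example (not from the thread): brute-force upper bound for a WPA2 passphrase.
import string

GPU_RATE = 400_000  # candidates/second on WPA, the single-GPU figure quoted in the thread

# Alphabet size per structural class; 95 = printable ASCII 32..126.
ALPHABETS = {"digits": 10, "lowercase": 26, "alnum": 62, "printable": 95}


def classify_psk(psk: str) -> str:
    """Return the narrowest character class that contains the whole passphrase."""
    if not 8 <= len(psk) <= 63 or any(not 32 <= ord(c) <= 126 for c in psk):
        return "invalid"  # WPA2 passphrases are 8-63 printable ASCII characters
    chars = set(psk)
    if chars <= set(string.digits):
        return "digits"
    if chars <= set(string.ascii_lowercase):
        return "lowercase"
    if chars <= set(string.ascii_letters + string.digits):
        return "alnum"
    return "printable"


def exhaust_seconds(psk: str, rate: int = GPU_RATE) -> float:
    """Seconds needed to try every string of the same class and length as psk."""
    cls = classify_psk(psk)
    if cls == "invalid":
        raise ValueError("not a valid WPA2 passphrase")
    return ALPHABETS[cls] ** len(psk) / rate


def audit(psk: str, budget_days: float = 30.0) -> dict:
    """Flag a passphrase whose whole class/length keyspace fits in budget_days.

    This is only an upper bound: a passphrase that appears in a wordlist, or is
    a dictionary word plus a simple rule, falls far sooner than the bound says.
    """
    cls = classify_psk(psk)
    if cls == "invalid":
        return {"class": cls, "days": None, "weak": True}
    days = exhaust_seconds(psk) / 86_400
    return {"class": cls, "days": days, "weak": days <= budget_days}


if __name__ == "__main__":
    # Constructed sample passphrases, not taken from any real network.
    for sample in ["123456789", "5551234567", "password", "Tr0ub4dor&3xyz"]:
        print(sample, audit(sample))
```

A 9-digit key is exhausted in 2,500 seconds at that rate, which is in line with the "around 40 minutes" figure quoted in the thread for a list of roughly a billion entries.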
vailixi Posted August 27, 2015
Here's my list of about 1.2 billion words. 15.3GB, decent compression with 7zip. The file is 2.8GB. Collected from about 1200 sources and sorted. Sort of. The files got too big for the amount of ram and swap space on my machine. But you are welcome to it. Mostly 8-63 character strings. Have fun.
magnet:?xt=urn:btih:d39773d2f403a8f5196081226d8f5134f4546b3a&dn=vailixilist.7z
Edited August 27, 2015 by vailixi
deadlyhabit Posted August 27, 2015
You don't happen to have the rainbow table files for default and most commonly named routers, do you?
digip Posted August 27, 2015
> You don't happen to have the rainbow table files for default and most commonly named routers, do you?
I haven't clicked the torrent to see if they are still alive, or checked if this was posted in this long thread, but there is http://www.renderlab.net/projects/WPA-tables/ which was put out a while back which may yield some results for people looking for precomputed password matches.
vailixi Posted August 27, 2015
I got those a while back. Most of them are for default access points that are not around my geographic location. But there are some like NETGEAR that are fairly common ESSIDs. Mostly it just takes up space on my hard drive. There are some useful scripts on the renderman site as well. My wordlist is almost uploaded to drive on really slow network speeds. Nobody got the torrent so I'm probably just going to kill that in a few.
digip Posted August 27, 2015
To test, I just downloaded the readme from the torrent file to see if it was still alive - https://archive.org/details/wpa-tables-renderman looks like it's still good to go, but I can understand not wanting to download directly the static files over a single download.
vailixi Posted August 28, 2015
I put my list on Drive. It took a while to upload because I have slow net.
https://drive.google.com/file/d/0B8Mz8bu8fJ4kTnJXWlZLMUtmRkk/view?usp=sharing