Dictionary file?

[VaeVictis]

I haven't been insulting you just giving you an opinion.  You can't really counter the claim that you can very likely miss things by only knowing how to use automated tools, and how that's very important relating to security.  If that's what you want to do, why don't you do what's needed to be done?

you are telling me that without coding knowledge i cant do what i want to which is false, because i have and am still advancing my knowledge of low level networking and am learning packet level and physical level exploits, while also learning of great software exploits, how to find them, and how to use them to my advantage

automated tools isnt exactly the correct term... they are tools yes, but not exactly automated, i dont just go hit a button and get root access, im still knowingly going through and exploiting things and cracking things to progressively increase my access with many different tools while finding out information

my coding knowledge isnt non-existent, if it was non-existent i could see a problem, as far as algorithms go i love programming as far as syntax goes i hate programming

you dont need to know shit like assembly inside and out to be able to penetration test, and generally coding stuff in C helps mostly just by being able to modify tools to exploit slightly differently for different situations

from your first post on, youve basically taken it apon yourself to lecture me on being a better programmer before i try anything that may involve programming, when all i really made the thread for was some help finding a nice big word list to speed up some password cracks

most machines im cracking right now, i have physical access and am cracking them for the owner, which i can get in no matter what, but recovering a password is always nicer than wiping it out... any more advanced cracking i am doing is out of self interest with educational purposes set up on my own stuff to try specific exploits

its not like im going "hay gies! i nedz sum ranbo tabels 2 hax my naybors wirles, k?" and its not like im contracting pen tests for large companies if i hit a roadblock due to lack of coding knowledge, then yes i will improve my coding knowledge, until then i dont particularly care

[reaper]

you are telling me that without coding knowledge i cant do what i want to  which is false, because i have and am still advancing my knowledge of low level networking and am learning packet level and physical level exploits, while also learning of great software exploits, how to find them, and how to use them to my advantage

You mentioned penetration testing.  Penetration testing involves finding problems in systems to fixup security.  Why would being a highly skilled programmer be essential to the security of a system built on software?  If you want to have fun, more power to you, I was giving you my advice, not insulting you; take it or leave it.

[VaeVictis]

you are telling me that without coding knowledge i cant do what i want to  which is false, because i have and am still advancing my knowledge of low level networking and am learning packet level and physical level exploits, while also learning of great software exploits, how to find them, and how to use them to my advantage

You mentioned penetration testing.  Penetration testing involves finding problems in systems to fixup security.  Why would being a highly skilled programmer be essential to the security of a system built on software?  If you want to have fun, more power to you, I was giving you my advice, not insulting you; take it or leave it.

well... the way i see it your advice isnt that great, you seem to lack an understanding of what penetration testers do... you are thinking an entirely different job title lol

[reaper]

A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.

Not as accurate as it should be but the definition will do.  What skills are required to do this?  Meaning not leaving a gaping security hole.  Anyways this is my last post. 

[haunted]

What is this thread? If anyone got my password I would shank them island style

[[BTF]Sigma]

Here's an encrypted password: 035d732ca3f4f5d5cdcd68eec7e0fcbb

Now tell me what the original password is. I would love to see what if it's truly trivial to crack this.

42

[|iR|Focalor]

12345... That's amazing, I have the same combination on my luggage!

[VaeVictis]

update on the actual topic of this thread...

grabbed two i like to use now

openwall (the people who made jtr) have a really great one for free, its just all.gz on their ftp site, its about 40mb uncompressed, and it contains nearly 4 million words (not mangled), so pass that through a word list processing program like cain or jtr to mangle the words, and you got yourself a nice wordlist

then ofc, i found out that my bt4r2 disc actually has a 400mb wordlist with 35 million words (pre-mangled) specifically for wpa (8-63 characters)

and i have myself a 1gb file, that is 26gb of wordlists compressed with little python scripts to generate larger wordlists than i would ever need but ill never use that as the other two suite my needs just fine

plus, beyond wordlists i have some pretty kickass rainbow tables up to bout 450gb of those so far...

[QwazyWabbit]

You guys have had a month to crack my challenge - and failed.

Here's an easier one that will be in your dictionaries: 28a86b5a5906efafb2ee2e423fe744c0

[VaeVictis]

You guys have had a month to crack my challenge - and failed.

Here's an easier one that will be in your dictionaries: 28a86b5a5906efafb2ee2e423fe744c0

i wasnt trying lol...

where ya gettin the hashes anyway? looks like ntlm hashes, but i could be mistaken, if it is infact just an LM hash i could break it in a matter of minutes up to 14 characters, and md5 or sha1 i have some weaker tables that will crack some more basic passwords... not to mention, takes FOREVER to run the dictionary file mangled through cain against a hash lol cause it takes every word and makes like 200 different versions of it

[VaeVictis]

You guys have had a month to crack my challenge - and failed.

Here's an easier one that will be in your dictionaries: 28a86b5a5906efafb2ee2e423fe744c0

thought it was ntlm first after i figured out it was md5 (after just a couple minutes) it was cracked in a few seconds

plaintext = "micropenis"

EDIT: for educational purposes... wtf still uses md5 hashes for passwords? i know IOS does, but it uses salted md5 which is muuuuuch more secure because even though the salt is in plain text, you can no longer use precomputation methods and either have to brute force or dictionary attack it

[QwazyWabbit]

Very good. I knew it would be in your dictionary. Congratulations, you win.
It was indeed, a simple MD5 hash of plain text micropenis.

[kren.Z]

here ye are vae - http://www.canyoucrackit.co.uk/










good luck