Nmap Development mailing list archives
Re: wordlists for Ncrack
From: David Fifield <david () bamsoftware com>
Date: Tue, 28 Jul 2009 18:08:23 -0600
On Tue, Jul 28, 2009 at 11:49:14PM +0000, Brandon Enright wrote:
I've included the top 500 passwords. Even the 500th in this list appeared 18 times.
What's up with these?
8945b4cb1bfb8cb5c95c137fc60ed9a0:VQsaBLPzLa 8508725598abd34b53d5fc59531131f3:a00131949
Those are the only ones I saw that didn't look like obvious passwords. They both get Google results, especially VQsaBLPzLa. My guesses are: they came from a random password generator seeded with the same seed, or they are just random passwords used repeatedly by some bot. This is strange too (they were adjacent in your list):
28c8edde3d61a0411511d3b1866f0636:c4ca4238a0b923820dcc509a6f75849b c4ca4238a0b923820dcc509a6f75849b:1
Do people calculate the MD5 sum of the password they were going to use, and then use that for a password? Or did phpBB hash it twice for some reason? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: wordlists for Ncrack Sebastien Raveau (Jul 28)
- Re: wordlists for Ncrack Brandon Enright (Jul 28)
- Re: wordlists for Ncrack ithilgore (Jul 28)
- Re: wordlists for Ncrack Brandon Enright (Jul 28)
- Re: wordlists for Ncrack ithilgore (Jul 28)
- Re: wordlists for Ncrack David Fifield (Jul 28)
- Re: wordlists for Ncrack Brandon Enright (Jul 28)
- Re: wordlists for Ncrack ithilgore (Jul 28)
- Re: wordlists for Ncrack Brandon Enright (Jul 28)
- Re: wordlists for Ncrack Sebastien Raveau (Jul 29)