Nmap Development mailing list archives

Re: wordlists for Ncrack


From: David Fifield <david () bamsoftware com>
Date: Tue, 28 Jul 2009 18:08:23 -0600

On Tue, Jul 28, 2009 at 11:49:14PM +0000, Brandon Enright wrote:
> I've included the top 500 passwords.  Even the 500th in this list
> appeared 18 times.

What's up with these?

8945b4cb1bfb8cb5c95c137fc60ed9a0:VQsaBLPzLa
8508725598abd34b53d5fc59531131f3:a00131949

Those are the only ones I saw that didn't look like obvious passwords.
They both get Google results, especially VQsaBLPzLa. My guesses are:
they came from a random password generator seeded with the same seed, or
they are just random passwords used repeatedly by some bot.

This is strange too (they were adjacent in your list):

28c8edde3d61a0411511d3b1866f0636:c4ca4238a0b923820dcc509a6f75849b
c4ca4238a0b923820dcc509a6f75849b:1

Do people calculate the MD5 sum of the password they were going to use,
and then use that for a password? Or did phpBB hash it twice for some
reason?

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
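
The nesting asked about in the message above, where one entry's plaintext is itself the MD5 digest listed for another entry, can be checked mechanically over a `hash:plaintext` list. The Python below is an added example, not part of the original message or of Ncrack; the function names are hypothetical, and the sample input is constructed from the lines quoted in the message.

```python
import hashlib
import re

MD5_HEX = re.compile(r"^[0-9a-fA-F]{32}$")

# Constructed sample in the hash:plaintext format quoted in the message.
SAMPLE = """\
28c8edde3d61a0411511d3b1866f0636:c4ca4238a0b923820dcc509a6f75849b
c4ca4238a0b923820dcc509a6f75849b:1
8508725598abd34b53d5fc59531131f3:a00131949
"""

def md5_hex(text):
    """Hex MD5 digest of a string, encoded as UTF-8."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def parse(text):
    """Return (hash, plaintext) pairs. Split on the first ':' only,
    because a plaintext may itself contain ':'."""
    pairs = []
    for line in text.splitlines():
        if ":" not in line:
            continue  # skip blank or malformed lines
        digest, plain = line.split(":", 1)
        pairs.append((digest.lower(), plain))
    return pairs

def find_nested(pairs):
    """Report entries whose plaintext looks like an MD5 digest.

    inner_plain    -- plaintext listed for that digest elsewhere, or None
    outer_verified -- True if the listed hash really is MD5(plaintext),
                      i.e. the stored value is consistent with MD5(MD5(x))
    """
    by_hash = {digest: plain for digest, plain in pairs}
    findings = []
    for digest, plain in pairs:
        if not MD5_HEX.match(plain):
            continue
        findings.append({
            "outer": digest,
            "inner_hash": plain,
            "inner_plain": by_hash.get(plain.lower()),
            "outer_verified": md5_hex(plain) == digest,
        })
    return findings

if __name__ == "__main__":
    for finding in find_nested(parse(SAMPLE)):
        print(finding)
```

A finding with `outer_verified` true and a known `inner_plain` is consistent with either explanation raised in the message; the list alone cannot distinguish a user who typed a digest as a password from an application that hashed twice.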

