Nmap Development mailing list archives
Re: wordlists for Ncrack
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Wed, 29 Jul 2009 00:24:07 +0000
On Tue, 28 Jul 2009 18:08:23 -0600 David Fifield <david () bamsoftware com> wrote:

> On Tue, Jul 28, 2009 at 11:49:14PM +0000, Brandon Enright wrote:
> > I've included the top 500 passwords. Even the 500th in this list appeared 18 times.
>
> What's up with these?
>
> 8945b4cb1bfb8cb5c95c137fc60ed9a0:VQsaBLPzLa
> 8508725598abd34b53d5fc59531131f3:a00131949
>
> Those are the only ones I saw that didn't look like obvious passwords. They both get Google results, especially VQsaBLPzLa. My guesses are: they came from a random password generator seeded with the same seed, or they are just random passwords used repeatedly by some bot.

Forum spammers. They register lots of accounts with the same password. There are a number of hashes that have high frequencies that I haven't cracked yet. When I look at the users that have that hash in the table, they are obviously spam users.

> This is strange too (they were adjacent in your list):
>
> 28c8edde3d61a0411511d3b1866f0636:c4ca4238a0b923820dcc509a6f75849b
> c4ca4238a0b923820dcc509a6f75849b:1
>
> Do people calculate the MD5 sum of the password they were going to use, and then use that for a password? Or did phpBB hash it twice for some reason?

I don't know, in looking at the MySQL table it looks like it is some sort of special, internal phpbb thing. The hashes were retrieved with "egrep -o '[[:xdigit:]]{32}'" so anything that even looked like a hash was pulled out and cracked. I did go through the list with a few regexes to remove the obvious non-hash stuff.

Brandon
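
Added example, not part of the original message or of Ncrack: a Python sketch of the two cleanup problems raised above, a 32-hex-digit pattern that also matches slices of longer hex strings, and cracked "plaintexts" that are themselves MD5 digests of another entry. All function names are hypothetical; the two sample rows are the ones quoted in the thread and the SHA-1-length row is constructed.

```python
import hashlib
import re

# The thread's pattern, egrep -o '[[:xdigit:]]{32}', as a Python regex.
LOOSE = re.compile(r"[0-9A-Fa-f]{32}")
# Same width, but refuses a 32-digit slice of a longer hex run (e.g. a SHA-1).
STRICT = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{32}(?![0-9A-Fa-f])")


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def parse_cracked(lines):
    """Parse 'hash:plaintext' rows, keeping only rows where MD5(plaintext) == hash."""
    cracked = {}
    for line in lines:
        # Split on the first colon only: the plaintext may contain ':'.
        digest, sep, plain = line.rstrip("\n").partition(":")
        digest = digest.lower()
        if sep and STRICT.fullmatch(digest) and md5_hex(plain) == digest:
            cracked[digest] = plain
    return cracked


def unwrap(cracked, digest, max_depth=8):
    """Follow plaintexts that are themselves cracked MD5 digests.

    Returns (root_plaintext, depth); depth 1 is an ordinary single hash.
    """
    plain, depth = cracked[digest], 1
    while depth < max_depth and plain.lower() in cracked:
        plain, depth = cracked[plain.lower()], depth + 1
    return plain, depth


def wordlist(cracked):
    """Root plaintexts only: nested digests are resolved, never emitted as words."""
    return sorted({unwrap(cracked, d)[0] for d in cracked})


# The two adjacent rows quoted in the thread.
SAMPLE = [
    "28c8edde3d61a0411511d3b1866f0636:c4ca4238a0b923820dcc509a6f75849b",
    "c4ca4238a0b923820dcc509a6f75849b:1",
]
# Constructed input: a 40-digit hex value that is not an MD5 hash at all.
CONSTRUCTED_SHA1_ROW = "session=" + hashlib.sha1(b"constructed").hexdigest()
```

On the thread's rows, `unwrap` reports the first hash as depth 2 with root plaintext `1`, so a wordlist built with `wordlist` contains `1` once and no MD5 strings.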