July 26, 2017, 07:43:50 PM
Welcome, Guest. Please login or register.

"Have you tried turning it off and then on again?"

Author Topic: Password File  (Read 1480 times)

Offline Malachai

  • Top Hat Member
  • Super Elite
  • ********
  • Posts: 2800
  • Internets: +18/-7
  • #!/bin/sh Day/Night (Grey Hat)
Password File
« on: April 21, 2017, 10:48:35 PM »
After months of working late hours coming home and going to bed. I had some time off to really work on things I like. I have cleaned up and finished a 15 gig password file. I was trying to find a place to upload the file but notice not a lot of places can handle big files like this. I will have to split the file into 5 gigs. Just need a place where i could upload them to, and its easy for users to download the file.

If you have any suggestions please let me know.

Thanks
** Dont' judge me! **

*//
  Hope that Firewall works because your SCREWED  
  //*

Offline Luke

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 9
  • Internets: +2/-0
Re: Password File
« Reply #1 on: April 22, 2017, 12:34:45 AM »
If you want/don't want to split:

bytedropper.com - 20 GB Free Users - 100GB Max File Size
mega.co.nz - 50 GB Free Users - All available space of your cloud
twitter @luke_ths

Offline Gingerbread Man

  • *High Tech Low-life*
  • Administrator
  • Elite
  • *****
  • Posts: 932
  • Internets: +93/-0
Re: Password File
« Reply #2 on: April 22, 2017, 09:14:20 AM »
Nothing personal Malachai...

But I see little value in using a file that large. Once you get past the usual suspects, and the next 30%, you are into a list of one-offs...passes used only once by one individual who just happened to get swept up in a hack...

While you can use statistical data to look at 'trends' and develop ways to 'fudge' the list to boost your success...Just smashing all the lists you can find together and running i through uniq is going to give you a list that will take many days, and many kilowatt hours, to go through...

I have ended up having a series of graduated lists...The usual suspects in the Rockyou and darkc0de lists...a area/target specific telephone list made with crunch, and a CEWL pull from the targets website/file names.

After that...I have had *ZERO* success when deciding to just 'throw the kitchen sink' at some target...Not once have my week long runs on 'the big list' yielded success. Not once...

Just something to think about friend...

BTW, Google allows for 15gb of storage on each Google Drive account...free...As long as you are not trying to make it a Google Doc, and you are willing to pay...5TB is the limit...;)

Offline Malachai

  • Top Hat Member
  • Super Elite
  • ********
  • Posts: 2800
  • Internets: +18/-7
  • #!/bin/sh Day/Night (Grey Hat)
Re: Password File
« Reply #3 on: April 22, 2017, 05:43:42 PM »
Thanks for the feedback. I for me this list I have used for the last couple months . I came across some hashes I was working with and got some other password from different locations that I haven't seen before. I see some other list that people have uploaded and google one you talked about. Those were short and useless to me . The list I put together are from 8-32 characters long. but thanks for the feedback.


Nothing personal Malachai...

But I see little value in using a file that large. Once you get past the usual suspects, and the next 30%, you are into a list of one-offs...passes used only once by one individual who just happened to get swept up in a hack...

While you can use statistical data to look at 'trends' and develop ways to 'fudge' the list to boost your success...Just smashing all the lists you can find together and running i through uniq is going to give you a list that will take many days, and many kilowatt hours, to go through...

I have ended up having a series of graduated lists...The usual suspects in the Rockyou and darkc0de lists...a area/target specific telephone list made with crunch, and a CEWL pull from the targets website/file names.

After that...I have had *ZERO* success when deciding to just 'throw the kitchen sink' at some target...Not once have my week long runs on 'the big list' yielded success. Not once...

Just something to think about friend...

BTW, Google allows for 15gb of storage on each Google Drive account...free...As long as you are not trying to make it a Google Doc, and you are willing to pay...5TB is the limit...;)
** Dont' judge me! **

*//
  Hope that Firewall works because your SCREWED  
  //*

Offline ch3rn0byl

  • Top Hat Member
  • Experienced
  • ********
  • Posts: 186
  • Internets: +1337/-0
  • Grumpy Old Man with Mounds of Salt
Re: Password File
« Reply #4 on: April 23, 2017, 05:23:45 AM »
After months years of working late hours coming home and going to bed.

You had misspelled years...

I have cleaned up and finished a 15 gig password file.

Making a password list is a chore???? hehe

So this is that mystical beast you been speaking of for ages...
Also, I agree with gman
The quieter you become, the more you are unlikely to sound stupid.

Offline Amonsec

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 48
  • Internets: +36/-0
  • 1336 working to become 1337
Re: Password File
« Reply #5 on: April 24, 2017, 01:41:28 AM »
That's can be useful to have a 15 GB word list if you have a super computer with multiple Nvidia's GPU...

However, in my little experience, social engineering and password profiling is much more pay full and discreet. I don't really want to see the size of the error log's file after a brute force attack with this kind of word list.

Otherwise, that can probably help you to host your fat file: https://git-lfs.github.com/
"A computer is only as good as it's user" - R4V3N
OSCP (2017)

Offline H4v0K

  • Administrator
  • Elite
  • *****
  • Posts: 1019
  • Internets: +986/-1
Re: Password File
« Reply #6 on: April 24, 2017, 03:02:45 PM »
That's can be useful to have a 15 GB word list if you have a super computer with multiple Nvidia's GPU...

I have 60 gigs of collected wordlist. It only takes about 10 - 20 min to run through them all with hashcat... , Maybe my computer is super :o

Offline Luke

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 9
  • Internets: +2/-0
Re: Password File
« Reply #7 on: April 24, 2017, 03:17:33 PM »
Havok, don't be shy and show us your 6gpu monstrum haha
twitter @luke_ths

Offline H4v0K

  • Administrator
  • Elite
  • *****
  • Posts: 1019
  • Internets: +986/-1
Re: Password File
« Reply #8 on: April 24, 2017, 03:31:14 PM »
Havok, don't be shy and show us your 6gpu monstrum haha

I only have 4 GPUs in my old machine now im only running 2 , but i might benchmark these cards and post it

Offline Gingerbread Man

  • *High Tech Low-life*
  • Administrator
  • Elite
  • *****
  • Posts: 932
  • Internets: +93/-0
Re: Password File
« Reply #9 on: April 24, 2017, 06:40:27 PM »
I have 60 gigs of collected wordlist. It only takes about 10 - 20 min to run through them all with hashcat... , Maybe my computer is super :o

*COUGH* Humble brag *COUGH* *COUGH*

 8) 1337

Offline H4v0K

  • Administrator
  • Elite
  • *****
  • Posts: 1019
  • Internets: +986/-1
Re: Password File
« Reply #10 on: April 25, 2017, 06:08:55 AM »
I have 60 gigs of collected wordlist. It only takes about 10 - 20 min to run through them all with hashcat... , Maybe my computer is super :o

*COUGH* Humble brag *COUGH* *COUGH*

8) 1337

Lol

 These new GTX cards are just badass . even one card blazes through hashes.
 I posted an update on some benchmarks, 2 1080 TI cards are faster and use less power than 4 980s.

http://forum.top-hat-sec.com/index.php?topic=5196.0


Offline Malachai

  • Top Hat Member
  • Super Elite
  • ********
  • Posts: 2800
  • Internets: +18/-7
  • #!/bin/sh Day/Night (Grey Hat)
Re: Password File
« Reply #11 on: May 03, 2017, 09:41:05 PM »
I seen you rig and love it. How long did it take you to build that? I kind of figure having a large file is good and bad. But some of you are right trying to brute force with such a large file is not good. it was just a thought i had in case some of you needed new password.

I would really like to get back on cracking hashes something getting new hash just make me  ::)...  Need to find a good site or tutorial on how to build a rig like yours.
** Dont' judge me! **

*//
  Hope that Firewall works because your SCREWED  
  //*

Offline H4v0K

  • Administrator
  • Elite
  • *****
  • Posts: 1019
  • Internets: +986/-1
Re: Password File
« Reply #12 on: May 04, 2017, 02:06:21 PM »
Need to find a good site or tutorial on how to build a rig like yours.
No need for a tutorial . All you need is some good GPUs , or even just one  1080 TI.

Offline c0ldg0ld

  • Si Vis Pacem, Para Bellum
  • Global Moderator
  • Elite
  • *****
  • Posts: 526
  • Internets: +34/-0
    • Public Key
Re: Password File
« Reply #13 on: June 14, 2017, 06:18:28 AM »
How many "dormant" GPU are you up to these days?  You needa ebay that stuff to fund your next build :P
rm -rf /bin/laden

Time is an illusion. Lunchtime doubly so.


Public Key

Offline H4v0K

  • Administrator
  • Elite
  • *****
  • Posts: 1019
  • Internets: +986/-1
Re: Password File
« Reply #14 on: June 16, 2017, 02:52:42 PM »
How many "dormant" GPU are you up to these days?  You needa ebay that stuff to fund your next build :P
I think i have about 12 laying around . but i just built a new machine so no need to ebay stuff. a real hoarder don't ebay :P