Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAO4xLNAAouGWFfGomX1EwiweapdCDv0fgX49hRmp5Np-b_QAAw@mail.gmail.com>
Date: Wed, 5 Sep 2018 17:42:41 +0200
From: сергей крицкий <krytskysergiy@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Questions regarding WPA Password audit

as i know according statistics about 20% password have 8-10 numbers
digit(tel no or burn date etc.)
remained use number mixed with small letter and around 10% pass it is
hexadecimal numbers.
Chinese modem very popular default pass hexadecimal numbers together with
normal letter
 (half password content as default) and/or capital or mixed (small)letter
together with normal numbers.
as usually 8-10 digit .is usually have on default pass list and easy
generate.
please be informed about false negative respond during scan from beta
software version or AMD video card and large wrong positive
validity state hashed pass(cap file -incomplete hash or damaged but is
wrong look like good).
many wpa word list in internet has large amount pass who cannot accepted
for AP and
only waste computation time.
according all this observation i recommend use EWSA soft  and nvidia on xp
os or android os.
luck


ср, 5 сент. 2018 г. в 10:34, JohnyKrekan <krekan@...nykrekan.com>:

> Hello, I would like to ask questions regarding WPA password strength audit.
> 1. What steps or how many password you would try against a single WPA-PSK
> hash to mark this hash "strong enough" when your search will not find the
> right one.
> my test consist of following steps:
> 1. All 8+ words from lcommon languages.
> 2. Two well known WPA wordlists which can be downloaded as torrent (approx
> 13 gb in size - see
> https://forums.hak5.org/topic/29308-13gb-44gb-compressed-wpa-wpa2-word-list-982963904-words/
> 3. All 8 digit numbers (I have found that many routers use 8 digit decimal
> numbers)
> 4. Slovakian (my nation) wordlist using password mutation rules (like
> adding numbers, changing cases, also I use those rules on common English
> wordlist...)
> The mentioned rules are generating about 600 derived password from each
> word.
> After passing these steps with no success, the password is considered "not
> so weak".
> Questions:
> 1. What other steps would you recommend to add to this password audit
> process?
> 2. Have you encountered that 8 or 10 character hexadecimal numbers are
> used as WPA passwords? If yes what is the character case? Small or capital?
> Thanx for any suggestions.
> Johny Krekan

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.