- Check if password is empty.
- Check if password is equal to the username.
- For system (or application) provided accounts, use the Google to find default passwords provided by manufacturers’, and test them against these accounts on your system(s).
- Check if password is in the custom assembled corporate dictionary.
- Check if password is in the selected language’s dictionary. (see: https://eikonal.wordpress.com/2010/03/29/default-passwords/)
- Check if password is a dictionary word + one digit.
- Check if password is an 311tized word.
- Is password the concatenation of multiple words.
- Check in the database of precomputed password hashes.
- Desperate measure: brute force cracking.
2010.07.13
Stages of checking password crackability
2010.03.29
Default passwords, wordlist and Rainbow tables
Default password lists:
- 3890 Default Passwords for thousands of systems from 594 vendors (Art of Hacking) – http://artofhacking.com/etc/passwd.htm
- http://cirt.net/passwords
- Skull Security: http://www.skullsecurity.org/wiki/index.php/Passwords
- Default Password list for common applications/devices: http://www.phenoelit-us.org/dpl/dpl.html
Word lists and dictionaries:
- UNIQPASS – large password list – http://dazzlepod.com/uniqpass/ | txt file: http://dazzlepod.com/site_media/txt/passwords.txt | http://dazzlepod.com/site_media/txt/uniqpass_preview.txt
- UNIQPASS is large password list useful for use with John the Ripper (JtR) wordlist mode to translate even more hashes into cleartext passwords. While we have had good success rate with our standard password list passwords.txt, we realized the list can be made more useful and relevant if we include commonly used passwords from the recently leaked databases belonging to large websites. As a result, we have compiled millions of unique passwords into UNIQPASS.
- Kevin’s Word Lists: http://wordlist.sourceforge.net/
- http://trac.kismac-ng.org/wiki/wordlists
- Openwall wordlists collection: http://ftp.sunet.se/pub/security/tools/net/Openwall/wordlists/
- ftp://ftp.ox.ac.uk/pub/wordlists/
- http://gdataonline.com/downloads/GDict/
- ftp://ftp.openwall.com/pub/wordlists/
- ftp://ftp.cerias.purdue.edu/pub/dict/
- http://www.indianz.ch/tools/doc/wordlist.zip
- http://www.outpost9.com/files/WordLists.html
- ftp://ftp.openwall.com/pub/wordlists/passwords/
- English and French: https://www.securinfos.info/wordlists_dictionnaires.php
- ftp://ftp.ox.ac.uk/pub/wordlists/
- http://www.lostpassword.com/f/wl/bigdict.zip
- http://www.lostpassword.com/f/wl/French.zip
- http://www.lostpassword.com/f/wl/Spanish.zip
- http://www.lostpassword.com/f/wl/German.zip
- http://www.vulnerabilityassessment.co.uk/passwords.htm
- http://packetstormsecurity.org/Crackers/wordlists/
- http://www.ai.uga.edu/ftplib/natural-language/moby/
- Cotse has possibly one of the largest collections of word lists (including French):
- Various language dictionaries at: http://www.openwall.com/mirrors/
Rainbow tables
- WPA-PSK Rainbow tables: http://www.renderlab.net/projects/WPA-tables/
- Ophcrack tables – http://ophcrack.sourceforge.net/tables.php [FREE + COMMERCIAL]
- Free Rainbow Tables – http://www.freerainbowtables.com/ [FREE]
- RainbowCrack – http://project-rainbowcrack.com/buy.php [COMMERCIAL]
- blog post: “Excellent Rainbow Tables Service” by John Strand – http://pauldotcom.com/2010/08/excellent-rainbow-tables-servi.html
- WPA Rainbow Tables (2010.02.12) – http://www.security-database.com/toolswatch/WPA-Rainbow-Tables-Offensive.html
Related here: John the Ripper – https://eikonal.wordpress.com/2010/05/25/john-the-ripper/