
Advanced Cracking Techniques, Part 1 Custom Dicti

This document discusses techniques for creating custom dictionaries to crack passwords. It explains that people often reuse old passwords, so a dictionary targeting things like phone numbers from a specific area code could crack passwords more efficiently than a random dictionary. The document provides Python code to generate a dictionary of 10-digit numbers starting with a given area code. This targeted approach reduces the number of possible passwords to try from billions to millions.

Uploaded by

Bhaskar Lal Das

NULL BYTE


Advanced Cracking Techniques, Part 1: Custom Dictionaries
BY ALEX LONG  01/21/2012 1:27 AM

How did it happen? How did your ultra-secure WPA password on your wireless network get
broken into? Well, you might have just found yourself at the mercy of a cracker.

Crackers are malicious computer users who specialize in breaking into things. Whether it be
passwords, logins, encryption, or whatever they choose, they are the masters of breaking into
it.

What makes a cracker so special that they can crack passwords better than the next guy? A
strong password is a strong password. If you have a 12-character password made up of some
funky word that doesn't exist, then how could this be broken? On the average GPU, cracking a
12-character MD5 hash would be something you'd be sitting around waiting on for a while.

The truth is, it's just a person using their head, coupled with the utilization of a little bit more
math than the last guy. Math and probability are the name of the game when it comes to intense
cracking. Today's Null Byte is going to demonstrate how to make custom tailored dictionaries
to crack passwords that would otherwise be unattainable.

Requirements

A program to crack passwords with, preferably Hashcat

Python installed on your computer, or a similar programming language (you could even
use a BASH script if you know how)

Custom Dictionary Cracking


First, let's dive into advanced dictionary cracking techniques. For our specific example, we will
be using WPA passwords. The only feasible way to crack a WPA password is via a dictionary,
due to the time it takes to compute the hash.

In order to play on this and make the best dictionary possible, we need to look at some facts.

WEP passwords used to have a minimum requirement of 10 characters, which is perfect
for a phone number. That also makes a fairly complex password (in most cases), so
people feel secure.

People hate changing passwords. When WPA came around, people likely recycled their
phone number password from WEP, resulting in most using their phone numbers again.

To exploit this, a great technique would be to create a dictionary using only 10-digit phone
numbers. Normally, this would be a huge dictionary, but let's use our brains.

The first 3 digits of every word in the dictionary should be your state's area code, since that
is how a phone number begins. This is just pure logic. It will whittle an impossibly hard
password down from the realm of impossible to possible. This means you are only processing
1,000,000 numbers, as opposed to 9,999,999,999. If the network is tricky, you could try
adding "1" to the beginning of each word, which is the country code for the USA.

Python Phone Dictionary Maker

Here is some code I made to quickly create a dictionary tailored for what we need. Just replace
the 000 next to the area code with yours:

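# Area code kept as a string so leading zeros are not lost; replace 000 with yours
areacode = '000'

# The with-block closes dict.txt once every line has been written
with open('dict.txt', 'w') as f:
    # Append each 7-digit number from 1000000 through 9999999 to the area code
    for number in range(1000000, 10000000):
        f.write(areacode + str(number) + '\n')

print('Done.')
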
Wow! It's really that easy. This dictionary will only take a few seconds to make, and run
through. Sounds a lot better than running the hash through 10 billion words, doesn't it? Keep
an eye out for the next Byte, where we will go over the special techniques involved in making
an incredibly efficient brute-force list.
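
The same arithmetic works as a provisioning check on the defender's side: the sketch below flags a proposed WPA passphrase that falls inside the phone-number pattern described above and reports how small the list containing it is. It is an added example, not code from the original article; the function names, the sample area codes and the 60-bit threshold are assumptions chosen for illustration.

```python
import math

# Constructed sample value: area codes in use where the access point is deployed.
LOCAL_AREA_CODES = frozenset({"212", "646"})

def audit_passphrase(passphrase, area_codes=LOCAL_AREA_CODES):
    """Classify a proposed WPA passphrase against the phone-number pattern.

    Returns (verdict, candidates), where candidates is the size of the
    smallest digits-only list that contains the passphrase, or None when
    the passphrase is not purely numeric.
    """
    if not (passphrase.isascii() and passphrase.isdigit()):
        return ("not-numeric", None)
    national = passphrase
    # The optional leading "1" country code mentioned in the article.
    if len(passphrase) == 11 and passphrase.startswith("1"):
        national = passphrase[1:]
    if len(national) == 10 and national[:3] in area_codes:
        # Area code known: only the last 7 digits are unknown.
        return ("local-phone-number", len(area_codes) * 10 ** 7)
    # Any other all-digit string: each position is one of 10 digits.
    return ("digits-only", 10 ** len(passphrase))

def effective_bits(candidates):
    """Upper bound, in bits, on the guessing work for a list of that size."""
    return math.log2(candidates)

def rejected(passphrases, min_bits=60, area_codes=LOCAL_AREA_CODES):
    """Return (passphrase, verdict, bits) for every entry a check should refuse.

    min_bits is a hypothetical policy threshold, not a value from the article.
    """
    out = []
    for p in passphrases:
        verdict, candidates = audit_passphrase(p, area_codes)
        if candidates is not None and effective_bits(candidates) < min_bits:
            out.append((p, verdict, round(effective_bits(candidates), 1)))
    return out

if __name__ == "__main__":
    # Constructed inputs (555-01xx numbers are reserved for fictional use).
    samples = ["2125550142", "12125550142", "4155550142",
               "correct horse battery staple"]
    for row in rejected(samples):
        print(row)
```

A passphrase that mixes in letters or words returns `not-numeric` and passes this particular check; it says nothing about other weak patterns.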
