NETGEARXX wordlist 1.08

Extremely effective WPA default wordlist

  1. alltsbb

    alltsbb Well-Known Member
    VIP

    Joined:
    5 Feb 2015
    Messages:
    87
    Likes Received:
    76
    I have to use bootcamp drivers, the R9 M370X is technically an OS X graphics card and it therefore not compatible with Catalyst so it gives me some stupid driver errors. The other problem is that it passes over cracked hashes and I don't know how to fix that.
     
    • Like Like x 1
  2. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    The issue with missing cracked hashes could be from the using wpaclean or when converting over to the hccap format. When there are multiple handshakes present in the capture, it is possible the wrong one was used.
     
    #182 gearjunkie, 23 Aug 2015
    Last edited: 31 Aug 2015
    • Like Like x 1
  3. mezcalsonique

    mezcalsonique Active Member

    Joined:
    11 Jul 2014
    Messages:
    25
    Likes Received:
    25
    Hi gearjunkie,

    Very sorry for the delay in replying - I've been away & for some reason I didn't get my usual email notification of a reply to this thread...

    I really appreciate the time you took in checking those capture files for me.

    While manipulating your wordlists in Linux for another project I was getting some strange results using sed, et al. until I realised I had to re-save them (using gedit) with the 'line encoding' option set to 'Unix/Linux' format; not 'Windows' format.

    After I did that I re-ran the NETGEAR47 capture & got the same result you posted. I'm not sure if this was why it worked this time around; maybe it was just one of those things (or more likely I messed up something else on my end). It is worth noting though that some of the *nix text manipulation tools may not work correctly with word lists created/saved in Windows...

    With regard to the third capture, have you come across many using adjective, noun, 2digits? Just thinking if it is worthwhile using that for my unresolved captures.

    Please let me know if I can help in any way on this or future projects.

    Have a great week,

    mez
     
    #183 mezcalsonique, 24 Aug 2015
    Last edited: 24 Aug 2015
    • Like Like x 1
  4. lakshan

    lakshan Member

    Joined:
    26 Aug 2015
    Messages:
    1
    Likes Received:
    1
    Can anyone find for this file
     
    • Like Like x 1
  5. mezcalsonique

    mezcalsonique Active Member

    Joined:
    11 Jul 2014
    Messages:
    25
    Likes Received:
    25
    To gearjunkie & alltsbb et al.

    I'm soon to setup a desktop computer & looking for good advice with regard to graphics cards & GPU cracking. Can you recommend a good site or specific cards that are worth looking at? I don't want to break the bank as I won't be gaming (much!) & will be mainly running Debian linux plus Windows of course. I started pen testing wifi only twelve months ago on a little Toshiba NB10 netbook & look forward to finally being able to use GPU-capable auditing tools!

    Thanks in advance,

    mez
     
    • Like Like x 1
  6. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    I have not encountered any issues with word lists created in either Linux or Windows. Both works fine with Hashcat and John because they automatically strip out the CR or CRLF at the end.

    I do not remember ever coming across one that ends with only 2 digits. Its not worth trying it out unless you have absolutely nothing else to try.

    Thanks for offering your help. I will let you know if anything comes up.
     
    • Like Like x 1
  7. Demosthenes

    Demosthenes Well-Known Member
    VIP

    Joined:
    16 Apr 2014
    Messages:
    83
    Likes Received:
    53
    I always run them adj+noun 0to999. I created a rule for EWSA that works with hybrid attack that does just that. If anyone would like it let me know and I will post it.
     
    • Like Like x 1
  8. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    Demosthenes, have you by any chance encountered an adj+noun+2 digits password from a NETGEARxx router?
    --- Double Post Merged, 27 Aug 2015, Original Post Date: 27 Aug 2015 ---
    I would check out the Hashcat forums for GPU comparisons. Your best options will depend on how much you are willing to spend for the card, electricity. and fan noise tolerance.
     
    • Like Like x 1
  9. pikachusbutt

    pikachusbutt Guest

    Hi i just used your wordlist and kept coming up with 1000 rejected so i checked it out and found the word thoughtfumintl000 mispelled . L got pushed to the end on all 1000 thoughtfulmint. thanks for making this, i started to then googled to see if anyone else had, didn't want to do all that work.
     
    • Like Like x 1
  10. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    I just checked my NETGEARXX wordlist and the mispelling is not there. The words are joint together using ULM so I do not see how this could have happened. Did you download the word list from here?
     
    • Like Like x 1
  11. Demosthenes

    Demosthenes Well-Known Member
    VIP

    Joined:
    16 Apr 2014
    Messages:
    83
    Likes Received:
    53
    Yes I have, but only a couple times.
     
    • Like Like x 1
  12. pikachusbutt

    pikachusbutt Guest

    I did download it from here. The misspelled thoughtfulmintXXX was at the end of the T's after thoughfulzooXXX in mine. Could have happened at my end too, seen weirder things happen. After correcting my list i still get the 1000 rejected though right around 85% done in oclHashcat. Could not find any other errors here so i do not know.
     
    • Like Like x 1
  13. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    Mine shows tinyzooxxx after thoughtfulzooxxx. Searching through the whole files does not find the misspelled word. Tell me which file has the mistake and the line it is on. That will confirm whether you have the same file as the one here.
     
    • Like Like x 1
  14. pikachusbutt

    pikachusbutt Guest

    Hi I just re-downloaded the file NETGEARXXX Wordlist.zip from the link, at the start of this post, to Kali and unzipped it then opened with gedit, scrolled down to the thoughtfumintlXXX starting on line 6136001 to 6137001 on mine. L is still at the end.
    Do you think this is all the netgear words? I bet my neighbors i could crack their passwords and i got 6 of 11 so far but the netgear alludes me. She may have changed passphrase. grrrr Hate losing bets. Thanks again gearjunkie.
     
    • Like Like x 1
  15. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    You must have the much older version from Demosthenes :) Get the latest one by clicking on the green button at the top right with the words "Download Now via External Site".

    I am sure this is not all the netgear words. I believe Netgear comes up with more over time. The latest list has quite a few more passwords so try it out and see if you find your password in it. Remember to try both the adjective_noun_1d.txt and adjective_noun_3d.txt.
     
    #195 gearjunkie, 30 Aug 2015
    Last edited: 30 Aug 2015
    • Like Like x 1
    • Friendly Friendly x 1
  16. mezcalsonique

    mezcalsonique Active Member

    Joined:
    11 Jul 2014
    Messages:
    25
    Likes Received:
    25
    Cheers mate, good to know. Thanks for everything :)
    --- Double Post Merged, 30 Aug 2015, Original Post Date: 30 Aug 2015 ---
    Appreciate the feedback; checking out the Hashcat forums right now :)
     
    • Like Like x 1
  17. pikachusbutt

    pikachusbutt Guest

    Thanks, i did have an older version, got the newer one, ran great, but still no luck. Its a Netgear R7000 i am working on.
     
    • Like Like x 1
  18. gearjunkie

    gearjunkie Well-Known Member
    VIP

    Joined:
    28 Aug 2014
    Messages:
    454
    Likes Received:
    481
    You can post the capture here and I will test it against the huge adjective-noun word list when I get the chance. Alternative, you can download the huge adjective-noun word list (the link is somewhere in this thread), add in the digits, and then try and see if you get a hit.
     
    • Like Like x 1
  19. olsib

    olsib Active Member

    Joined:
    24 Apr 2015
    Messages:
    5
    Likes Received:
    5
    i found this script recomended by a friend and hi says that works on netgearxx but honestly for me is not working for nothing,
    anyway if someone is interested here is a video tutorial how to,
    is not made by me,am just a user
    Watch this video on YouTube.
     
    #199 olsib, 6 Sep 2015
    Last edited: 6 Sep 2015
    • Like Like x 1
  20. onlineofer

    onlineofer Well-Known Member

    Joined:
    24 Aug 2015
    Messages:
    2
    Likes Received:
    2
    Hey help me please. I'm from MÉXICO i think this word list no works because is in English, and here speak spanish, I tried but something was wrong. Attached the handshake here. I hope GearJunkie can:nailbiting::nailbiting::nailbiting::nailbiting:
     

    Attached Files:

    • Like Like x 1

Share This Page

Loading...