NETGEARXX wordlist 1.08

Thanks. This dictionary works very good for me as I'm sure it will for others, found some more matches tested against this list...

Saves days & days of time over fiddling with WPS reaver sessions, signal drifting in and out having to stop and start etc.

Took less than 5 minutes to find the correct passphrase for a captured handshake in Elcomsoft WSA. It would have taken several days with reaver to achieve the same result, because all NETGEARXX boxes need a -d 10 parameter, any less than 10 seconds delay between pin attempts on NETGEARXX WPS trips a lockout. I discovered that one by trial and error. ;-)

And for those NETGEARXX boxes with a firmware update to guard against such reaver attacks, the lockout is permanent until reset, which is quite silly in hindsight as it leads to an inadvertent DOS attack on the box affecting legit users trying to register with a genuine pin, but they now can't because the box is locked from someone else DOS'ing the WPS pin facility constantly every time the box is reset, continually tossing incorrect pins with reaver for a never ending lockout loop, So this heavy handed approach of the firmware, just creates a potential DOS attack by mistake, oops.

This dictionary will get around that "little" reaver lockout problem...

The only downside to WPA handshaking and dictionary, is if the default password has been changed to begin with, then dic will draw a blank and only Reaver will come to your rescue and save the day, and also reveal the pin code at the same time in case the password is changed later.

However that being said, this is a high quality list which saves a bunch of time, and has a very high success rate against the many NETGEARXX boxes floating around, thanks again for this useful resource.

Just need to find one now for NETGEAR DG834's (without the numbers at the end of SSID). The passwords for those are even more simple than NETGEARXX ones (1 lower case word + 2 numeric characters, or sometimes all 8 char uppercase HEX)

 

Gd, Gd,..We are all here to learn, even the ones who think they know everything already.

And everybody likes something that is going to save them days of time, because it's no secret
reaver is dog slow at times, not every box can do rapid pins without tripping a lockout or
having a fit when the conditions turn bad.

Knowledge is power as they say...

Well I suppose that takes care of all NETGEARXX's, and the lazy people who don't bother to
change the password on them...A very useful resource and high quality list posted hence the Winner award.

 

Hmm I'm not getting the file from filesmack anyway you could put it up elsewhere? Thanks adamic

 

Thanks for responding so fast. I'm using torch so I'll try a different browser.

--- Double Post Merged, 6 Jun 2014 ---

Worked in IE thanks Demosthenes, much appreciated.

 

I've just had a revelation come to me for this dictionary, sat pondering on a Sunday afternoon. And it may save you some time and work Demosthenes in return.

Since all NETGEARXX default passwords are composed of Adjective+Noun+3 digit decimal, why not just make a dictionary composed of all adjectives+nouns+all 0-999 combinations.

That way, every "new" possible NETGEARXX password is covered, and there is no need to keep "adding" words to the list like "icyocean536" which wasn't in the dic until added wasting time since every adjective+noun+number combos there can ever possibly be is always covered every time with this method !

So in effect the dictionary is COMPLETE and correct, and will ALWAYS find the key, because it always has all nouns and adjectives + number combos.

I wouldn't know the resulting size of this compilation, or even where to find a complete list of nouns and adjectives, but plain .txt files compress pretty well these days, and HD's are large enough...

 

Thanks.

 

Your wordlists are godlike and its about time someone did it. Thank you so much and millions owe you a debt of gratitude, should they search hard enough to find this post. Please if you can, I request one thing / recommend or tell me the command to type into crunch or w/e combination of programs to generate it myself.
-The same wordlists or a dictionary with 4 digits at the end 0000-9999 and the first letter for the words capitalized.
These are most common also in my location names or whatever with 4 digits at the end like a year for example (Joesmith1976) etc
In fact in my opinion most man made passwords are names or a phrase followed by numbers or phone numbers specific for the area. ex (9171234567) etc

These wordlists if compiled and spread throughout the community I guarantee would open alot of uncracked .cap files.
Last example the wordlist containing 8 digits is 100% on the money most routers now sold are 8 digit numbers as the key. So those lists will save days of churning through lists that do not contain nothing near what the routers use. Research the target the first digits of the mac address of the router you can google and identify your router or target router. Based upon that you can find now search again and see a rough idea of what the format of the default passwords are on that particular model of router. Any way just want to pass on my knowledge to others. And continue to grow and learn more and more.

 

Yes this resource is still is a very "godlike" thing to have. Any updates to this NETGEAR list recently since it was posted last year ?

I think the gist of compiling dictionaries is "know thy target". The chances of finding it decrease proportionally the more you use. A big list is not necessarily a quality list, it could have foreign language passwords and other garbage which is useless and are no use to you in your country.

Your just wasting electricity unless you shorten the odds and target effectively.

If thy wifi owning neighbour is big a barcelona football team fan, then you start off your dictionary putting barcelona players names in etc. For generic targets you may increase your chances of success by using stolen/leaked password sets, because for those people who use the SAME password for everything and have ever had a linkedin, facebook, yahoo, myspace or gaming account and didn't bother to change their passord, all those have been leaked at one time or another.

It's also my experience that most ppl are just lazy/stupid and use a word + numbers for passwords, or their 11 digit mobile phone numbers, because no one wants the hassle of remembering a complicated password (human nature to choose the minimalistic path that requires the least work to get the job done).

Just by adding a few capitals and symbols into your password, you can lessen the chances of your key ever being found because they won't be in the dictionaries.

 

I have a few NETGEARXX captures here that did not match anything from the Netgear word list compiled by Demothenes. In an effort to reduce my backlog and also help the community here, I am going to work on finding new verified adjectives and nouns. I would appreciate anyone who can help me in one of two ways:

1. Let me know of any new and verified adjectives and nouns from a NETGEARXX router that is not in the current list
OR
2. Post your undiscovered NETGEARXX captures so that I can run them through new adjectives and nouns and hopefully get some results back.

I will be working on this for a week or so and will upload the new word list after I am done.

 

Thanks. I think some of them may already be in the existing list but I will make sure that the missing ones are added.

 

I was attempting to upload a NETGEARXX capture, not mimic thee. The file may need cleaned. Thanks

 

Thanks for being the first to upload a NETGEARXX capture. The WPA key is below:

NETGEAR22:28c68eba9f32:cc95d7219759:freshpotato787

Here are the latest NETGEARXX word lists. Additional words were found with the help from the users here, other forums, and me going through new nouns and verbs. Special thanks to shaberu, @Demosthenes, and others who had worked and contributed to this word list. As it stands now, it is around 95% effective (for me) at discovering the password. I only have one NETGEARXX capture left which I could not find the password; and for all I know, it might have been changed from the default.

You can download the latest NETGEARXX word lists

Included in the archive are 5 files:
adjective.txt - all the verified adjectives
noun.txt - all the verified nouns
adjective_noun.txt - combinations of the adjectives + nouns
adjective_noun_1digit.txt - combinations of the adjectives + nouns + 1 digit
adjective_noun_3digit.txt - combinations of the adjectives + nouns + 3 digits

I did correct what I believe are errors from the previous word lists:
cleaver - this is not a noun and highly likely 'clever' was mispelled so I removed it as 'clever' is already present
thristy - fixed spelling to 'thirsty'
wilde - this is not a noun and highly likely 'wild' was mispelled so I removed it as 'wild' is already present

If you have a NETGEARXX capture that could not be solved with this list, please upload the capture so that I can test it with new adjectives and nouns.

 

this one