NETGEARXX wordlist 1.08

Extremely effective WPA default wordlist

  1. chunkylover2500

    chunkylover2500 Active Member

    Joined:
    9 Dec 2019
    Messages:
    23
    Likes Received:
    22
    I found 2 Arris passwords: formalhall690 and superpoetry630
     
  2. sam smith

    sam smith Well-Known Member

    Joined:
    14 Aug 2013
    Messages:
    20
    Likes Received:
    6
    Could you try this one for me? Thanks so much.
     
  3. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    46
    Likes Received:
    15
    No luck with my wordlist.

    Try posting it here:

    Make sure you fill this out when you do:

    ESSID:
    BSSID:
    Known Default Mask:
    Country Of Origin:
    Attempts already made:
     
  4. petrovivo1234

    petrovivo1234 Well-Known Member

    Joined:
    19 May 2018
    Messages:
    61
    Likes Received:
    61
    7cdb988dc865:fcd8489cd620:MySpectrumWiFi67-2G:mobileturtle354
     
  5. Garry Andrew

    Garry Andrew Active Member

    Joined:
    31 Jul 2012
    Messages:
    31
    Likes Received:
    11
    Hello everybody. Discovered that Netgear has a relatively new alias, especially when it comes to their default ESSID. In case you don't know, Netgear is using the name ORBI instead of Netgear in some of its default ESSIDs. Therefore instead of finding, say, NETGEAR75, you might find ORBI75. I will upload some interesting pictures. Feel free to collect ORBI compliance labels from the regular sites and post the info here if it's not in the V1.08 list.

    Note the ORBI series is advertised as a satellite series. This just means the system has multiple wifi receivers. The word satellite does not refer to the ones spinning round the earth.

    Now if you have ORBI in your ESSID list, run the wordlist, as ORBI is Netgear!

    Enjoy !

    Garry
     

  6. kn0w1

    kn0w1 Well-Known Member

    Joined:
    16 Dec 2018
    Messages:
    18
    Likes Received:
    13
    Thank you so much for the advice and help. I'll check out that ULM - sounds killer. That's awesome to clarify the Askey models - in my recon I've noticed several of those Askeys in the same "group" with Sagemcom Charters. Been using the same attack against all. I'm gonna upload a few I've had no luck with. I started collecting pcaps and tryin to break those, but have had more luck with the PMKID. I'll post the ones I been successful on, should I upload the POTFILE only or do you need ESSID info too? Thanks again
    --- Double Post Merged, 1 Jun 2020 at 9:54 AM ---
    AWESOME - thank you for those pics. I've located one of those - cloaked.. These are great - thanx !
    --- Double Post Merged, 1 Jun 2020 at 10:09 AM ---
    Here are just a few Charter wifi caps I haven't been able to crack - mycharterwifi3g - which has two MACs - 2 devices..-
    one beginning 1C: - Charter supplied Sagemcom gateway - the other CC: Netgear. These might be messy - I can recap if necessary. I have PMKIDs I can post as well, those I've had success with, see below.
    Here's the ones I've cracked - using netgearkiller or rockyou, with hashcat64.exe -m 16800 -a 6 -w 4 0222.hccapx NetgearKiller.dict ?d?d etc.
     

  7. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    46
    Likes Received:
    15
    I got one of them to pop. Something wrong with the attached pcap.

    1cb04477f63a:64166640884b:MySpectrumWiFi3c-2G:watchglobal570
     
  8. chunkylover2500

    chunkylover2500 Active Member

    Joined:
    9 Dec 2019
    Messages:
    23
    Likes Received:
    22
    That's amazing! Thanks for doing the recon! I've been focusing on my uncracked Askeys for a while but I've also been wanting to do a big Netgear crackathon as well. I'll give those captures a shot if by that time someone hasn't cracked them yet.
    --- Double Post Merged, 1 Jun 2020 at 9:05 PM, Original Post Date: 1 Jun 2020 at 8:57 PM ---
    I also got errors for 2 of those pcap files.
     
  9. kn0w1

    kn0w1 Well-Known Member

    Joined:
    16 Dec 2018
    Messages:
    18
    Likes Received:
    13
    Awesome brother, thank you! That one has been elusive - wrong attack I'm sure...
    --- Double Post Merged, 2 Jun 2020 at 12:19 AM, Original Post Date: 1 Jun 2020 at 11:58 PM ---
    Thanks for the nice words brother! I've been workin on this solo for so long, it's amazing to have some help from some friends. I've a lot more pcaps I can post - as well as a long list from hcxdumptools with some cool identifying info, ESSID, MAC address stuff if that's useful. It seemed to dump some passwords with it, but I can't tell what MAC/AP they go with. I'll start sorting my madness pile here and upload some stuff. BTW - on running the noun + noun attack on Askeys, how do I merge the two noun or noun_large files to accommodate that attack? I did download a merge.sh file from github - honestly I've no idea how to work it... python it looks like? Not sure.. I just tried when I woke up - but only one noun and 3 digi on side, it did crack one tho lol but it's one I already had. That Charter 1c is the first in a big string of APs, Charter AP - Netgear AP - ORBI - Netgear extenders - also a Mikrotik that I can't get around as well as two ATTs. I'll recapture and upload if I don't have them orderly, I suspect given the network structure they might share passwords...
    Sorry for the bad caps uploaded. Here are also a few other captures - hopefully functional - from the other APs I've had no luck with: the Netgear router (CC), which is an EX8000 I believe, ATT and that Mikrotik anomaly.. Thanks again to y'all for your help and hard work - cheers!
     
    #929 kn0w1, 2 Jun 2020 at 12:19 AM
    Last edited: 2 Jun 2020 at 12:27 AM
  10. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    46
    Likes Received:
    15
    No problem. That one was on the askey list.

    Looks like the ATT capture is messed up also.
    --- Double Post Merged, 2 Jun 2020 at 2:44 AM, Original Post Date: 2 Jun 2020 at 12:26 AM ---
    I ran the other 2 and it was a no go.
     
  11. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    512
    Likes Received:
    277
    ATT cap only has broadcast message and message 1 (no handshake there).
    Mikrotik cap has two PMKIDs in it.
    532223d733c689e34126c82b3373a573*cc2de0bdce80*34d270b5298c*4d696b726f54696b2d424443453830
    127164e1e6c6e4bdf2bde3cc374dbf47*cc2de0bdce80*b0fc0d305a01*4d696b726f54696b2d424443453830
    Netgear cap is good. Here is a cleaned hccapx.
    You need to learn how to clean a cap properly, using Wireshark. You export specified packets, choosing the broadcast message and M1, M2.
     

  12. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    46
    Likes Received:
    15
    That's odd. It came up as the MySpectrum one I cracked earlier.

    cc40d04cfb0d:ec2ce201c75c:MySpectrumWiFi3c-2G:watchglobal570

    Session..........: hashcat
    Status...........: Cracked
    Hash.Name........: WPA-EAPOL-PBKDF2
    Hash.Target......: MySpectrumWiFi3c-2G (AP:cc:40:d0:4c:fb:0d STA:ec:2c:e2:01:c7:5c)
    Time.Started.....: Mon Jun 01 17:09:23 2020 (3 secs)
    Time.Estimated...: Mon Jun 01 17:09:26 2020 (0 secs)
     
  13. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    512
    Likes Received:
    277
    Which cap are you talking about?
     
  14. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    46
    Likes Received:
    15
  15. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    512
    Likes Received:
    277
    Oh ok, so that's already been cracked then?
     
  16. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    46
    Likes Received:
    15
  17. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    512
    Likes Received:
    277
    Yes, maybe he renamed it wrong.
     

  18. kn0w1

    kn0w1 Well-Known Member

    Joined:
    16 Dec 2018
    Messages:
    18
    Likes Received:
    13
    Thanks for the attempt - I may recapture them if that would help...
     
  19. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    512
    Likes Received:
    277
    Just the ATT, check it with Wireshark too. Usually I first check it with: aircrack-ng xx.cap
    then Wireshark to clean it,
    then cap2hccapx to convert it.
     
  20. kn0w1

    kn0w1 Well-Known Member

    Joined:
    16 Dec 2018
    Messages:
    18
    Likes Received:
    13
    Thank you Longshanks - I will learn that immediately, I feared some of my caps were messy..
    --- Double Post Merged, 2 Jun 2020 at 5:34 AM, Original Post Date: 2 Jun 2020 at 5:26 AM ---
    So looking at this I am realizing that since the myspectrumwifi3c cracked earlier is related to the ATT somehow (part of the same convoluted network - the owner has a whole crap load of APs there in one house and an exterior building), is that why they came up with the same pass?
    I'm gonna recapture the ATT now and try that out - BTW - the CC:0D MAC is the Netgear router that is connected to the myspectrumwifi3c cracked earlier by Ntrain, if that helps with the network relationship. I believe all these pcaps I've posted are in the same house - randomly connected.
     