Archive for the ‘home’ Tag

WPA / WPA2 PSK Rainbow Tables (n * 4GB) (OUTDATED!)

Aircloud-ng online app:

A while ago I’ve decided that I will create pre-computed hash dictionary to myself saving my expensive time while pentesting poorly-secured networks. What is it, and why is it good? Short version: For pre-defined SSID networks you can create a custom dictionary file which has the passphrases inside, but hashed. Why? Because this can speed up the obtain process of the “lost” WPA/WPA2 key of your access point. By speed up I mean it’s much faster than the original, when using a sinlge plain-texted dictionary for various SSID handshakes.

(More about it:

These hash files are still “under construction”, but once I’ve finished them I am going to publish each of them. These contain (wait for it…) 100 million passphrases (it’s only an 8 digit number for the top SSID names of the world, but still!) and each file will be approximately 4GB large.

For example:

00000000  //line no. 1
00000001  //line no. 2

22439863  //line no. 22.439.864

99999999  //line no. 100.000.000

It takes an awful lot of time to precompute one (since genpmk is a single-threaded program which can not use multi cores. Yes, it’s really slow (takes around two weeks to create only ONE file!))

And why 8 digits of passphrases? We all know how lazy most people are, and that they do not even care enough about security nowadays. So if WPAx requires at least 8 characters long password, they will use EXACTLY 8 characters long password. Not in all cases, but in most of them. Thats’s why penetration testers are here. As I mentioned testing these hash files are only for pre-defined SSID names, so our main target in this case are the weak-setup links. For example a linksys access point with 8 characters long password, which FORTUNATELY contains of only number.

While a 4×2 cores CPU with 24G of RAM crack this linksys AP with 3000 passphrases / sec, with pre-calculated hashes this speed can be increase to 200.000 pass / sec. Yeah, there is very little difference right? We can pretty much see the advantages of the PMK’s now.

List (based on this):

  • Internet
  • Ziggo
  • workgroup
  • test
SSID / Download link dropbox depositfiles torrent screenshot sample capture
  • Belkin54g
  • dlink
  • linksys
  • smc
  • 3Com
  • ZyXEL
  • home
  • default
  • hpsetup
  • wireless
  • network
  • WLAN
  • WiFi
  • ASUS
  • D-LINK
  • Office
  • belkin
  • blank
  • Cisco
  • linksys
9 digit num 1 bill pass 40GB size 32GB compressed curr state: 100%
  • orange
  • Guest
  • eurospot
  • arescom
  • 101
NEW! ↓
  • Gateway
  • Motorola
  • SpeedStream
  • tsunami

The password for each archive is nodeGun_8

Feel free to use it, copy it, distribute it, modify it and whatever you want to do with them. You can find my E-mail address in the About page in case there are any questions or requests.