Skip to main content

Reducing password lists with password policies

When cracking passwords, efficiency is everything. You've spend hard earned money on GPUs, you may as well optimise your password lists to make sure that you don't waste time hashing passwords that are out of policy for your target organisation.

So that's simple enough with a few grep and sed commands but after a while you start to feel lazy and script it. Thats why I've added  password policy script to my password munging script.

Using the policy script is pretty straightforward:

./policy.py -luns passwords.txt -o passwordsinpolicy.txt

The switches are as follows:
-l --lowercase passwords must include lowercase letters
-u --uppercase passwords must include uppercase letters
-n --numeric password must include numbers
-s --special passwords must include special characters

All of the above are switched on by default.
The input file must have each password on a separate line.

There are also the following optional switches:
-m --min minimum password length
-M --mx maximum password length
-r number of rules to match
I've found that this script only reduces the password list by 10-20% but a good number of those are the simpler ones that get tried first so that tends to be 10% off the front of cracking time rather than 10% off the end of cracking time.
Labels:

Comments

Post a Comment

Popular posts from this blog

Snagging creds with Raspberry Pi Zero and Responder

So this is not all my own original work. This is a bringing together of the ethernet gadget tutorial by lady ada at adafruit and the beautiful work by Mubix at room362 which uses Laurent Gaffie's from SpiderLabs responder.py scripts. I'm still using Mubix's recipe of USB Ethernet + DHCP + Responder == Creds but here we are using a £4.00 Raspberry Pi Zero instead of the USB armoury or the HAK5 LAN turtle. Both are awesome products. Please note that this only works on the RPi Zero. Other RPi's will not work!   1.0 Setup the the RPi Zero for Ethernet over USB Download and install the latest Jessie Lite from here onto an SD Card. Pop the card out of the card reader and re-insert it to mount it. Take your favorite text editor and edit the following two files in the boot partition. config.txt Go to the bottom and add dtoverlay=dwc2 as the last line: Save the config.txt file. cmdline.txt After rootwait (the last word on the first line) add a spa
3 comments
Read more

Munging Passwords

Password munging is the art of changing a word that is easy to remember until it becomes a strong password. This is how most people make up passwords. Munge stands for M odify U ntil N ot G uessed E asily. The trouble is that it doesn't work very well. We can guess the modifications. Password selection. Take the average office worker that is told that it's time to change their password and come up with a new one. They have just been on holiday to New York with their family and so following common advice they choose that as their password. newyork No! They are told they must include capital letters NewYork No! They are told they must include numbers N3wY0rk No! They are told they must include a special character N3wY0rk! There, now that's a password that meets security requirements and our office worker can get on with their actual job instead of playing with passwords. Scripting similar munges There are a number of ways that they could munge the
Post a Comment
Read more

HoneyPot WarGames - The Hackers Dictionary

Every year security companies are coming up with the “worst passwords” based on breached credentials found on in the murkier parts of the internet. Every year people seem surprised that “123456” is a terrible password and people are still using it. Passwords often get rated by how quickly the could be “cracked”. The length of time for cracking passwords in the real world varies wildly according the the context and the numbers are often confusing. NordPass recently published their list of most common passwords and claimed that the third most popular password was “picture1” and it would take 3 hours to crack. If that’s referring to offline password cracking then we should have a whip-round to upgrade the hackers hardware because a password like that should take seconds to crack. When hackers try to brute force their way into an account online they have to try lots of different password combinations until they get in, or just give up. This takes a lot of time so hackers spend time optimiz
Post a Comment
Read more