Calculate most used passwords.
#1
Hello GreySec,


When one hash cracked a hash-list, and has the plaintext passwords;
How does he calculate which passwords are most used here?

Was just wondering what the most efficient way would be.

Thank you.
Reply
#2
First step would be to format output of the cracked hashes. The format is probably md5:salt:crackedpassword or something like that. You can grab some of the regex for hashes here: http://www.unix-ninja.com/p/A_cheat-shee...d_crackers and then use sed in bash or similar tools to exclude everything except the plaintext password.

When each plaintext password is in the file on a line on it's own you should be using frequency analysis. Just like you can use letter frequency making a script to count the frequency of strings shouldn't be a problem. Take python for example:

https://stackoverflow.com/questions/9919...n-a-string

Using collections.Counter: http://docs.python.org/library/collectio...ns.Counter

Code:
from collections import Counter
test = 'abc def abc def zzz zzz'
Counter(test.split()).most_common()
(Replace variable test with a file. I can't remember how, I think it was f.open or something similar...)


Output:
Code:
[('abc', 2), ('zzz', 2), ('def', 2)]
Whereas you can see the strings are displayed together with the frequency or the amount of times that the word appears. Now I'm kind of lazy but someone with more programming experience could probably create something more automated and effective if he has more details.

Having the frequency of each password sounds like fun, you could visualize the data in graphs to see which passwords are the most common. And create wordlists from that and such.

But I think I would honestly try to use wordlists which are already out there, like:
Reply
#3
(03-24-2016, 09:57 PM)Insider Wrote: First step would be to format output of the cracked hashes. The format is probably md5:salt:crackedpassword or something like that. You can grab some of the regex for hashes here: http://www.unix-ninja.com/p/A_cheat-shee...d_crackers and then use sed in bash or similar tools to exclude everything except the plaintext password.

When each plaintext password is in the file on a line on it's own you should be using frequency analysis. Just like you can use letter frequency making a script to count the frequency of strings shouldn't be a problem. Take python for example:

https://stackoverflow.com/questions/9919...n-a-string

Using collections.Counter: http://docs.python.org/library/collectio...ns.Counter

Code:
from collections import Counter
test = 'abc def abc def zzz zzz'
Counter(test.split()).most_common()
(Replace variable test with a file. I can't remember how, I think it was f.open or something similar...)


Output:
Code:
[('abc', 2), ('zzz', 2), ('def', 2)]
Whereas you can see the strings are displayed together with the frequency or the amount of times that the word appears. Now I'm kind of lazy but someone with more programming experience could probably create something more automated and effective if he has more details.

Having the frequency of each password sounds like fun, you could visualize the data in graphs to see which passwords are the most common. And create wordlists from that and such.

But I think I would honestly try to use wordlists which are already out there, like:

Thank you for your extensive and well described reply.

I had already formatted to passwords only, but didn't know you could do it this simple with python.
Reply
#4
Why is this important? The only credentials that matter are the admin credentials.

Anyway, to open a file you use the open() method like so:

Code:
test = open('textfile.txt', 'r')

To read a quantity of data you can use the read() method.

Code:
test.read()

Here's some documentation for your perusal.

https://docs.python.org/2/tutorial/inputoutput.html
Reply
#5
(03-24-2016, 11:44 PM)Vector Wrote: Why is this important? The only credentials that matter are the admin credentials.

Anyway, to open a file you use the open() method like so:

Code:
test = open('textfile.txt', 'r')

To read a quantity of data you can use the read() method.

Code:
test.read()

Here's some documentation for your perusal.

https://docs.python.org/2/tutorial/inputoutput.html

Don't need it for any certain reasons, just found it intressting to know.

And thank you, I will read that documentation.
Reply