Added: 2 years ago
From: TAPERULEZ
Views: 53,434

All Comments (65)

  • I'm trying to learn how to hack but it is sooo confusing!! I've got a brute force hacking tool but it takes like 9000000000 years to hack one account, can anyone tell me WHAT TO DOOO!!!

  • @BadManFifi

    Read, read and read some more ..

    A little known part of knowing how to hack is accomplished by this simple task..

    If all else fails, make sure you post a clearly clarified post on what you have attempted, and possibly, maybe, it will be answered by people who were once in your very same position..

  • are there any other methods other than .dic attack

  • @TAJN0ST

    Well, there is the bruteforce option, although not really recommended.. and also some routers have vulnerabilities which could be checked out.

  • wordlist links??

  • what if the username/login name not in the wordlist at all?

  • @southprk76

    Then the attack will fail... obviously..

  • @TAPERULEZ i want to try this on a WAN router, will it work?

  • Oh wow the medusa command worked on my router. Can you please give me a brief overview on the -m DIR:GET/index.asp part though please. :)

  • @robzyboy Try #man medusa ... Hope that helped

  • nice vid :)

  • @Colisor100

    In the latest and greatest releases of Hydra, there is a brute-force option using the -x switch.

    If you know the login, that could be an alternative.

  • This was a random attack attempt ? or you did already know most likely the information and this was most likely to be a tutorial ? :P

    Because really what is the % of chance to have the good key word in your word list ?

    Could it find a password like @admin12@3 ? *i don't think it would be possible just some question, I'm not a hacker but you guys always make me want to watch your video till the end :)*

  • @Sadamusem

    Hey there, glad you liked the vid :)

    Of course the video was done on my own home network, so all parameters were known.

    The video is just an example of how the attack could work.

    In theory, given time, the password could be brute forced, so even your mentioned password could be found, but realistically, this would take too long.

    As always, having a strong password is key !

  • @TAPERULEZ Hehe strong password for the win .... And most likely you need a damn good computer to find a strong password... I wish my laptop would do the job there some files i would like to brute force*and some idiot account lol* Still again nice video

  • in one of the commands (iwconfig wlan0 essid default channel ?) backtrack, the command doesn't exist. am I doing something wrong?

  • @jportal001

    Are you entering the correct information for the essid & channel ?

    Obviously you can't copy and paste that word for word...

  • @USOGPcom

    No, you need to either enter in the login and password or enter a list of logins and a list of passwords.

  • can someone point me to a good wordlist ?

    

  • send me DOWNLOAD LINK PER PN PLS!

  • @Askbudur32

    What DL link... its free.. included in backtrack..

  • @TAPERULEZ can I download this or not ?

  • @Askbudur32

    GOOGLE BACKTRACK

  • @TAPERULEZ backtrack-linux. org / downloads do not find it

  • @Askbudur32

    You have to be joking right ? ... man.. figure out how to use google ;)

    Think you need to first figure out what is what...

    Backtrack is an Operating System which you can run from either a live CD or live USB install or from HDD install.

    Of the many tools included in backtrack are Hydra and Medusa...

    Now go google..

  • @TAPERULEZ Just send me download link ;)

    Please.

  • @Askbudur32

    If you can't figure out where to find, download and use BackTrack, then these tools are not for you...

    Probably best you forget about it.

  • @TAPERULEZ I've found it has to do it on usb stick and then install.

  • i have this scenario, our cisco instructor gave us a task to hack the wireless router of the school library, and if one of us succeeds in doing, he/she won't need to take the final exam anymore. . .

    of course the IT of the school has already changed the password of that router's interface. . .what if the password that he used is not included in the hydra or medusa wordlist??? will it still be cracked??

    hope to get an answer soon. .

  • @glenmb23

    Somewhat shady story.. but OK.

    No, if the password is not in your wordlist, you will not be able to hack in.

    So the important thing is to have the best possible (this does not necessarily mean the largest possible) wordlist.

  • I'm a network student so, I will learn this cause in Cisco they don't teach this stuff, thanks to you Tape.

  • @basyirstar

    Glad you like it ;) If you're working on Cisco stuff, have a look at the tool "asleap" as well.

  • @TAPERULEZ are you still working to update your blog for this year?

  • @basyirstar

    Hey there, yes I am. It's been too busy for me to put as much time in it as I could before.

    First post to be coming out will be one on creating wordlists with crunch v3.0 (isn't out yet, but bohf28 is working on it)

    Then I hope to be able to get a post out on the use of pyrit (tool for wpa password assessment) if cash flow allows the purchase of pc rig I have my eyes on ;)

    Will also be looking into .pdf this year I think. depends on my time !

  • @TAPERULEZ I have one more question. Can this method be used to crack or hack facebook login (not to try but to ask for possibilities, if it does that means it's so dangerous)

  • Comment removed

  • @paramencijum

    Well first of all get WPA going on your wlan router instead ;)

    It is possible that your interface does not support entering the mac addresses, however difficult to say.

    Have you tried with interface UP and interface DOWN ? Perhaps you should try with a different wireless card ?

  • man i love your work !

    question : how can i crack my network if I'm not using any security ( no WEP/WPA etc ) only mac address filtering ! ? is there a way ?

    thx.

  • @w33dp0w3r

    Hey there, glad you like it ;)

    Well, mdk3 does have an option to try and bruteforce the mac address, but this is not really going to work.. unless you are real, real patient.

    Best way is to monitor the network with either Kismet or Airodump, wait till you see a client (mac address) connecting, take note of that mac address.

    Then spoof your mac address with macchanger to the noted valid mac address..

    Hey presto, you should be able to connect.

  • Could u please recommend a good user and password wordlist?

  • Do you use iwconfig instead of macchanger because of the "default channel" option in your video? Or is it just a preference thing? Also, I checked out your wordlist calculator and it is a pretty cool script. Thanks.

  • @dodo3773

    Hey there, I am using iwconfig to configure the wireless card to be able to connect to the AP, in this case no MAC filtering was enabled, so no need to use macchanger.

    As the network is on channel 1, that's what I set it to in iwconfig in this example.

  • @TAPERULEZ Oh, so you are connecting to an ap through the cli instead of the gui way. Right that makes sense. Yeah, I don't know what I was thinking.

  • this is not going to work.. the wordlist is not a smart way to hack. What if the username and password were changed?

  • @darkangelcloud7

    The goal is to breach/enter the router page settings, how often do you change yours ?

    Some routers do have inherent vulnerabilities, lacking same, this approach by trying to either bruteforce or attack with dictionary is the next best option..

  • @TAPERULEZ What if you change the username to $%#)GTJ#(T and password to #F($JF($ would you be able to obtain that with a wordlist?

  • @darkangelcloud7

    Highly unlikely.

    Although that login and password are too short (should be longer and use alpha-numeric values with special characters) a password like that would indeed make it a lot safer.

    The thing is, again, how many routers have that type of password ?? Not many I assure you.

    9 out of 10 times, it will be for instance login : admin pass : simplepasswordhere

    This is not meant to be a simple click and hack, it is meant to show the possibilities..

  • @TAPERULEZ I know that anyone can figure out a router's default login. But what if you change the default username and password? wordlist won't work:P

  • @darkangelcloud7

    The key is how strong are the alterations made to the login and/or password.

    If changed as per your example, it's unlikely it would get caught anytime soon, if changed to for instance a dictionary term.. then it is a different story.

    All in all, I think you get the picture;

    weak login/password combination = bad

  • worlds most lame bruteforcing way ever! u have to actually have the password in your head in order to actually get it open! totally lame to the max! this is not true cracking neither true bruteforcing, true bruteforcing execute var by var until it finds the correct password and true bruteforcing does NOT go slow as this it goes in a sec, hello! welcome to the world! stone age freaks a 70mhz cpu execute FASTER than that lame speed! you are on the network! no freaking delay! lame program!

  • @combat331

    lol, get with the programme m8y.. read up on what you are commenting on..

  • hello, this really works? wordlists 4 does not backtrack by default? this program works to incorporate these next?

  • @mekargaelflow

    Didn't quite get you there.. it worked in my test setup.

    The wordlists included in BT4 are not terrible, but it is better to create your own.

  • Can u share your wordlist? Thanks

  • Hey there, the wordlist I used was one compiled from default passwords with some additions.

    Make a wordlist using this information, do a google on default passwords.

  • @TAPERULEZ Just mail me with the copied PW-list^^ It would be great

  • make a video on visual-medusa crack;)

    do u know where can i get a bruteforce wordlist(3-4 characters) or a program to do this sequential wordlist?

  • @elunecacca

    Hey, what do you mean a visual-medusa crack ? You mean like using Xhydra ?

    Regarding a 3-4 character wordlist.. that can be easily made using crunch or the like.

  • This test is done using a smallish wordlist in which the password is included. To do a full bruteforce attack would take a very long time and possibly kill the router..

    I suppose in theory it may be possible to pipe a crunch generated wordlist through to hydra, but have not tested that.

  • i have many question of my own but; fyi bonucci22 it depends of how big is your password dictionary list!!!

  • Nice video ;)

    one question, how long would it take by brute force, any idea?

  • @Bonucci22 Long, long really long
