illmob.org

Weak Password

April 11th, 2017 by admin in Linux

Password Cracking speedup using Ordered Markov Chains

February 25th, 2017 by admin in cracking

Based off this paper resulted in increased cracking accuracy by 22.5% from John the ripper’s Markov and incremental model created a tool that wass flexible enough to perform n-gram and markov chains based password generation using a cracked password list. It works because a large number of users use some part of their email or username or any other detail in their password and if we can first check passwords that start with n grams containing usernames portions, user emails portions etc, then we can intuitively speed up the accuracy and the experiments proved this intuition right. Another reason for increased accuracy was using a training word list from the same category as that of website i.e adult/relationship websites. These two factors were the main cause of the increase in accuracy.

source: http://fsecurify.com/using-ordered-markov-chains-and-user-information-to-speed-up-password-cracking/

data: https://github.com/faizann24/Using-Ordered-Markov-Chains-and-User-Information-to-Speed-up-Password-Cracking

Jesus Saves

January 7th, 2017 by admin in Life

Except when he’s your password…

An analysis of passwords found in the 2009 breach of Rockyou — 32 million accounts — finds a large number of Biblical references (“jesus”,” “heaven”, “faith”, etc), including a number of Bible verse references (“john316”).

Another too-popular choice is “jesus,” or variants like “jesus777” and “jesus143.” Collectively, more than 21,000 people in the breach used the Son of God’s name as a password, making it the 30th most common password overall, a bit behind “tigger” (No. 22) and ahead of “football” (No. 45).

Source: christianitytoday.com

Updated DELL BIOS Recovery

October 29th, 2016 by admin in BIOS

We now can generate master BIOS passwords for  1D3B, 1F66, 6FF1 type DELL computers, Please visit our bios password recovery service page for DELL and other brand BIOS recovery options.

Kon-Boot Updated for macOS Sierra

September 27th, 2016 by admin in Apple, Privilege Escalation

kon

Kon-Boot has updated to support macOS Sierra systems, allowing you to login into the system without knowing the previous passwords/user names. By virtually modifying the EFI bios and then modifying parts of the kernel. The changes are only made in virtual memory and they disappear after reboot. Kon-Boot allows you to either login into selected account without knowing the password (bypass mode) or it will create new “root” account for you (new-account mode) from which you will be able to change other users passwords as needed.

You can purchase the license here: http://thelead82.com/products-mac.html

Or get the 2in1 version which allows you to bypass Windows XP through 10 passwords as well: http://thelead82.com/products-2in1.html

As a RepairTechnician or Penetration Tester this product is well worth the money for the time you save.

Cracking OpenBSD FDE

August 31st, 2016 by admin in Password Info, Privilege Escalation

Filippo lost his OpenBSD Full Disk Encryption password and is taking the time to figure out a way to extract and bruteforce the password, it’s currently a work in progress but a great way to learn.

Source: https://blog.filippo.io/so-i-lost-my-openbsd-fde-password/

GitHub: https://github.com/FiloSottile/openbsd-fde-crack

427 Milllion Stolen MySpace Passwords Selling For $2,800

May 27th, 2016 by admin in Life, News, Password Info

myspacehack
The same hacker who was selling the data of more than 164 million LinkedIn users last week now claims to have 360 million emails and passwords of MySpace users, which would be one of the largest leaks of passwords ever.
The passwords were originally hashed with the SHA1 algorithm, which is known to be weak and easy to crack, and they were not salted. “Salting” makes decrypting passwords exponentially harder when dealing with large numbers of passwords such as these.
Below are the top 55 passwords that LeakedSource cracked so far.

Rank Password Frequency
1 homelesspa 855,478
2 password1 585,503
3 abc123 569,825
4 123456 487,945
5 myspace1 276,915
6 123456a 244,641
7 123456789 191,016
8 a123456 165,132
9 123abc 159,700
10 (POSSIBLY INVALID) 158,462
11 qwerty1 141,110
12 passer2009 130,740
13 fuckyou1 125,302
14 iloveyou1 123,668
15 princess1 114,107
16 12345a 111,818
17 monkey1 106,424
18 football1 101,149
19 babygirl1 90,685
20 love123 88,756
21 a12345 85,874
22 iloveyou 85,001
23 jordan23 81,028
24 hello1 80,218
25 jesus1 78,075
26 bitch1 78,015
27 password 77,913
28 iloveyou2 76,970
29 michael1 75,878
30 soccer1 74,926
31 blink182 73,145
32 29rsavoy 71,551
33 123qwe 70,476
34 angel1 70,271
35 myspace 69,019
36 fuckyou2 68,995
37 jessica1 67,644
38 number1 65,976
39 baseball1 65,400
40 asshole1 63,078
41 1234567890 62,855
42 ashley1 62,611
43 anthony1 62,295
44 money1 61,639
45 asdasd5 60,810
46 123456789a 60,441
47 superman1 59,565
48 sunshine1 57,522
49 nicole1 56,039
50 password2 55,754
51 charlie1 54,432
52 shadow1 54,398
53 jordan1 54,004
54 1234567 51,131
55 50cent 50,719

Linkedin Top 50 Leaked Passwords

May 19th, 2016 by admin in cracking, Life, Password Info

Earlier this week passwords that were jacked from LinkedIn from 2012 were offered for sale online. What initially thought to be a theft of 6.5 million passwords has actually turned out to be a breach of 117 million passwords. The cache of stolen accounts were hashed with the recently deprecated SHA-1 algorithm. leakedsource.com was able to get their hands on the dump the passwords weren’t salted and easily cracked. Below are their results.

Rank Password Frequency
1 123456 753,305
2 linkedin 172,523
3 password 144,458
4 123456789 94,314
5 12345678 63,769
6 111111 57,210
7 1234567 49,652
8 sunshine 39,118
9 qwerty 37,538
10 654321 33,854
11 000000 32,490
12 password1 30,981
13 abc123 30,398
14 charlie 28,049
15 linked 25,334
16 maggie 23,892
17 michael 23,075
18 666666 22,888
19 princess 22,122
20 123123 21,826
21 iloveyou 20,251
22 1234567890 19,575
23 Linkedin1 19,441
24 daniel 19,184
25 bailey 18,805
26 welcome 18,504
27 buster 18,395
28 Passw0rd 18,208
29 baseball 17,858
30 shadow 17,781
31 121212 17,134
32 hannah 17,040
33 monkey 16,958
34 thomas 16,789
35 summer 16,652
36 george 16,620
37 harley 16,275
38 222222 16,165
39 jessica 16,088
40 ginger 16,040
41 michelle 16,024
42 abcdef 15,938
43 sophie 15,884
44 jordan 15,839
45 freedom 15,793
46 555555 15,664
47 tigger 15,658
48 joshua 15,628
49 pepper 15,610

Bypass Biometrics with Inkjet Printer

March 8th, 2016 by admin in Android, Mobile

Researchers, Kai Cao and Anil Jain, from the Department of Computer Science and Engineering at Michigan State University have loaded up an inkjet printer with cartridges designed for printing electronic circuits, and used the output to fool smartphone fingerprint sensors on a Samsung Galaxy S6 and a Huawei Honor 7. They just needed a reversed scan of the victim’s fingerprint, and an inkjet printer loaded up with ink and paper from printed electronics specialist AGIC. Read their paper ::HERE::.

Source

Reply All

March 8th, 2016 by admin in Life

reply_all

« Previous ArticleNext Article »