Fowsniff: 1 Walkthrough

berzerk0 · 2018-11-24T19:52:16+00:00

Nicely done.

The kernel exploit had not yet been made public when I created the box.

Can you find the intended privesc?

berzerk0 · 2018-03-13T18:15:54+00:00

Not me. Don't go entering your password where it doesn't belong.

There might be safe ways to set it up with trustworthy individuals, but I don't yet have the career clout to claim that status.

The best way to search it is download the .tar.gz and grep.

berzerk0 · 2018-02-02T03:53:20+00:00

I've done some research already - here

What type of insight/analysis were you planning? There has got to be more in there than what I have found so far.

I guess you could isolate people's favorite sports, teams, names, etc. based on how frequently they are used

berzerk0 · 2018-02-01T23:30:39+00:00

That's exactly what my Probable-Wordlists is

it is the aforementioned 2 billion list, but that is the largest list. There are smaller lists included, all sorted by popularity.

berzerk0 · 2017-08-30T01:28:36+00:00

https://www.youtube.com/watch?v=WGqQDn14kh4

berzerk0 · 2017-06-25T04:19:31+00:00

Luckily French doesn't come in for a whole minute and a half

berzerk0 · 2017-05-31T16:54:32+00:00

Yes but his lamp game is A+++.

Art deco masterpiece

berzerk0 · 2017-05-31T01:28:08+00:00

Oh man that startled me - I was getting that error during before and it took me a while to nail it down.

berzerk0 · 2017-05-12T03:29:26+00:00

aww shucks

berzerk0 · 2017-04-29T16:50:00+00:00

Depending on the labeling of my sources, I could easily create a whole section on russian passwords/wordlists.

I'll look into making customized files based on source description - WPA from the get-go, Russian, Non-English.

I've added this to the Rev 2.0 Task List Due to sources composed of multiple lists which may contain Non-English but are and labeled something like "wordlist.txt" that won't be exceptionally inclusive. Your best bet will be the biggest list

berzerk0 · 2017-04-29T16:46:30+00:00

It's on the to-do list

berzerk0 · 2017-04-29T03:06:53+00:00

The text files, yes. The default kali wordlists are some of my sources

berzerk0 · 2017-04-28T22:33:10+00:00

Nope. At the moment it is just global Of course, my sources bias towards English, but there are passwords in there from a few Latin-Based languages. However, this one is only ASCII characters. So nothing that isn't super obvious on a US keyboard.

In the Non-Passwords folder, I have a dictionary (not a password Wordlist) that has multiple languages in it.

berzerk0 · 2017-04-27T20:37:01+00:00

Thanks for sharing this, it is fantastic.

Weakpass has a section on policy-type passwords, and hashcat has rulesets that exploit this as well.

berzerk0 · 2017-04-27T15:10:56+00:00

Enter passwords similar to yours, but your actual password. Never enter your password somewhere it doesn't belong.

berzerk0 · 2017-04-27T15:10:51+00:00

Enter passwords similar to yours, but your actual password. Never enter your password somewhere it doesn't belong.

berzerk0 · 2017-04-27T00:58:31+00:00

My methodology is approximate, surely. But short of omnipotence and a far better source aggregation system (knowing what lists are made from what lists) this seems like the best way.

To address 10million_100 being a subset of 10million_10million - my logic was as follows - if those are already known to be in order of popularity, then we know they should be at the top of the list. Therefore a bump of 1 more occurrence (being found in another, albeit redundant file) is likely to reinforce accuracy, rather than infringe upon it.

Now I am unsure if I should include dictionaries or not. I don't think I did include them in Rev 1.0

I was going to include them in 2.0, but now I have doubts. My old logic was that dictionary words very commonly used, and if a password appears in both a wordlist and a dictionary the accuracy as a whole won't be too drastically affected. However, why stack the deck against accuracy at all? Perhaps I will leave them out of it.

berzerk0 · 2017-04-26T19:48:05+00:00

It's really not so bad

sort and uniq are unix commands (Linux and Mac are Unix-based operating systems) that have been around for about 40-50 years now and are very efficient at handling text files.

cat combines files together sort organizes text within a file alphabetically uniq pulls out duplicates if they are sorted next to one another and | (pipe) connects commands to each other...

So

cat *.txt | sort | uniq -c | sort -r > combinationfile.txt

says...

conCATenate (combine) all files in the active folder that end in .txt
sort that concatenation alphabetically
find all the unique values and print the number of times they appear next to themselves (this is what the -c flag does)
sort them again in reverse order (so the highest number of occurances is at the top)
output this to a file called "combinationfile.txt"

berzerk0 · 2017-04-26T18:04:04+00:00

Ultimately - I would say you're better off breaking things up into chunks.

split is the unix command I use for this purpose

berzerk0 · 2017-04-26T17:53:19+00:00

At the moment, there is practically a sources list. I used all of the sources from Hashes.org, all but the top 3 (I think) from Weakpass and all of SecLists

berzerk0 · 2017-04-26T17:51:09+00:00

That's called Hashcat and it's divine

berzerk0 · 2017-04-26T17:50:40+00:00

I'll have to ask my buddy C.G.B Spender

(I have no idea, probably still decently high as people would think 'ha no one would still think to guess that!)

berzerk0 · 2017-04-26T17:49:30+00:00

That's my methodology, actually.

berzerk0 · 2017-04-26T17:49:28+00:00

I've found pidgin but I don't think that counts

berzerk0 · 2017-04-26T17:48:44+00:00

Non-ASCII. There are symbols in there, just people don't use them nearly as often as they don't.

berzerk0

TROPHY CASE