How to crack Passwords? Try using 500 common passwordS
You can try to crack passwords by using the following 500 common passwords first, they were made public back in 2005 but you still can use the today.
500 common passwords
NO Top 1-100 Top 101–200 Top 201–300 Top 301–400 Top 401–500 1 123456 porsche firebird prince rosebud 2 password guitar butter beach jaguar 3 12345678 chelsea united amateur great 4 1234 black turtle 7777777 cool 5 pussy diamond steelers muffin cooper 6 12345 nascar tiffany redsox 1313 7 dragon jackson zxcvbn star scorpio 8 qwerty cameron tomcat testing mountain 9 696969 654321 golf shannon madison 10 mustang computer bond007 murphy 987654 11 letmein amanda bear frank brazil 12 baseball wizard tiger hannah lauren 13 master xxxxxxxx doctor dave japan 14 michael money gateway eagle1 naked 15 football phoenix gators 11111 squirt 16 shadow mickey angel mother stars 17 monkey bailey junior nathan apple 18 abc123 knight thx1138 raiders alexis 19 pass iceman porno steve aaaa 20 fuckme tigers badboy forever bonnie 21 6969 purple debbie angela peaches 22 jordan andrea spider viper jasmine 23 harley horny melissa ou812 kevin 24 ranger dakota booger jake matt 25 iwantu aaaaaa 1212 lovers qwertyui 26 jennifer player flyers suckit danielle 27 hunter sunshine fish gregory beaver 28 fuck morgan porn buddy 4321 29 2000 starwars matrix whatever 4128 30 test boomer teens young runner 31 batman cowboys scooby nicholas swimming 32 trustno1 edward jason lucky dolphin 33 thomas charles walter helpme gordon 34 tigger girls cumshot jackie casper 35 robert booboo boston monica stupid 36 access coffee braves midnight shit 37 love xxxxxx yankee college saturn 38 buster bulldog lover baby gemini 39 1234567 ncc1701 barney cunt apples 40 soccer rabbit victor brian august 41 hockey peanut tucker mark 3333 42 killer john princess startrek canada 43 george johnny mercedes sierra blazer 44 sexy gandalf 5150 leather cumming 45 andrew spanky doggie 232323 hunting 46 charlie winter zzzzzz 4444 kitty 47 superman brandy gunner beavis rainbow 48 asshole compaq horney bigcock 112233 49 fuckyou carlos bubba happy arthur 50 dallas tennis 2112 sophie cream 51 jessica james fred ladies calvin 52 panties mike johnson naughty shaved 53 pepper brandon xxxxx giants surfer 54 1111 fender tits booty samson 55 austin anthony member blonde kelly 56 william blowme boobs fucked paul 57 daniel ferrari donald golden mine 58 golfer cookie bigdaddy 0 king 59 summer chicken bronco fire racing 60 heather maverick penis sandra 5555 61 hammer chicago voyager pookie eagle 62 yankees joseph rangers packers hentai 63 joshua diablo birdie einstein newyork 64 maggie sexsex trouble dolphins little 65 biteme hardcore white 0 redwings 66 enter 666666 topgun chevy smith 67 ashley willie bigtits winston sticky 68 thunder welcome bitches warrior cocacola 69 cowboy chris green sammy animal 70 silver panther super slut broncos 71 richard yamaha qazwsx 8675309 private 72 fucker justin magic zxcvbnm skippy 73 orange banana lakers nipples marvin 74 merlin driver rachel power blondes 75 michelle marine slayer victoria enjoy 76 corvette angels scott asdfgh girl 77 bigdog fishing 2222 vagina apollo 78 cheese david asdf toyota parker 79 matthew maddog video travis qwert 80 121212 hooters london hotdog time 81 patrick wilson 7777 paris sydney 82 martin butthead marlboro rock women 83 freedom dennis srinivas xxxx voodoo 84 ginger fucking internet extreme magnum 85 blowjob captain action redskins juice 86 nicole bigdick carter erotic abgrtyu 87 sparky chester jasper dirty 777777 88 yellow smokey monster ford dreams 89 camaro xavier teresa freddy maxwell 90 secret steven jeremy arsenal music 91 dick viking 11111111 access14 rush2112 92 falcon snoopy bill wolf russia 93 taylor blue crystal nipple scorpion 94 111111 eagles peter iloveyou rebecca 95 131313 winner pussies alex tester 96 123123 samantha cock florida mistress 97 bitch house beer eric phantom 98 hello miller rocket legend billy 99 scooter flower theman movie 6666 100 please jack oliver success albert
The above list of 500 common passwords was revealed back in 2005 by Mark Burnett through his book; Perfect Passwords: Selection, Protection, Authentication. If you are using either one of those passwords right now, please change it this very instance! Take note that hackers, spammers and scammers have the above list too!
password hacking
Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked by using following techniques :
1) Hashing :- Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even 'well-chosen' passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.
Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly.
2) Guessing :- Many passwords can be guessed either by humans or by sophisticated cracking programs armed with dictionaries (dictionary based) and the user's personal information. Not surprisingly, many users choose weak passwords, usually one related to themselves in some way. Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by programs. Examples of insecure choices include:
* blank (none)
* the word "password", "passcode", "admin" and their derivatives
* the user's name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet's name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on....
In one survery of MySpace passwords which had been phished, 3.8 percent of passwords were a single word found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit was.
A password containing both uppercase & lowercase characters, numbers and special characters too; is a strong password and can never be guessed.
Check Your Password Strength
3) Default Passwords :- A moderately high number of local and online applications have inbuilt default passwords that have been configured by programmers during development stages of software. There are lots of applications running on the internet on which default passwords are enabled. So, it is quite easy for an attacker to enter default password and gain access to sensitive information. A list containing default passwords of some of the most popular applications is available on the internet.
Always disable or change the applications' (both online and offline) default username-password pairs.
4) Brute Force :- If all other techniques failed, then attackers uses brute force password cracking technique. Here an automatic tool is used which tries all possible combinations of available keys on the keyboard. As soon as correct password is reached it displays on the screen.This techniques takes extremely long time to complete, but password will surely cracked.
Long is the password, large is the time taken to brute force it.
5) Phishing :- This is the most effective and easily executable password cracking technique which is generally used to crack the passwords of e-mail accounts, and all those accounts where secret information or sensitive personal information is stored by user such as social networking websites, matrimonial websites, etc.
Phishing is a technique in which the attacker creates the fake login screen and send it to the victim, hoping that the victim gets fooled into entering the account username and password. As soon as victim click on "enter" or "login" login button this information reaches to the attacker using scripts or online form processors while the user(victim) is redirected to home page of e-mail service provider.
Never give reply to the messages which are demanding for your username-password, urging to be e-mail service provider.
It is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.
500 common passwords
| NO | Top 1-100 | Top 101–200 | Top 201–300 | Top 301–400 | Top 401–500 |
| 1 | 123456 | porsche | firebird | prince | rosebud |
| 2 | password | guitar | butter | beach | jaguar |
| 3 | 12345678 | chelsea | united | amateur | great |
| 4 | 1234 | black | turtle | 7777777 | cool |
| 5 | pussy | diamond | steelers | muffin | cooper |
| 6 | 12345 | nascar | tiffany | redsox | 1313 |
| 7 | dragon | jackson | zxcvbn | star | scorpio |
| 8 | qwerty | cameron | tomcat | testing | mountain |
| 9 | 696969 | 654321 | golf | shannon | madison |
| 10 | mustang | computer | bond007 | murphy | 987654 |
| 11 | letmein | amanda | bear | frank | brazil |
| 12 | baseball | wizard | tiger | hannah | lauren |
| 13 | master | xxxxxxxx | doctor | dave | japan |
| 14 | michael | money | gateway | eagle1 | naked |
| 15 | football | phoenix | gators | 11111 | squirt |
| 16 | shadow | mickey | angel | mother | stars |
| 17 | monkey | bailey | junior | nathan | apple |
| 18 | abc123 | knight | thx1138 | raiders | alexis |
| 19 | pass | iceman | porno | steve | aaaa |
| 20 | fuckme | tigers | badboy | forever | bonnie |
| 21 | 6969 | purple | debbie | angela | peaches |
| 22 | jordan | andrea | spider | viper | jasmine |
| 23 | harley | horny | melissa | ou812 | kevin |
| 24 | ranger | dakota | booger | jake | matt |
| 25 | iwantu | aaaaaa | 1212 | lovers | qwertyui |
| 26 | jennifer | player | flyers | suckit | danielle |
| 27 | hunter | sunshine | fish | gregory | beaver |
| 28 | fuck | morgan | porn | buddy | 4321 |
| 29 | 2000 | starwars | matrix | whatever | 4128 |
| 30 | test | boomer | teens | young | runner |
| 31 | batman | cowboys | scooby | nicholas | swimming |
| 32 | trustno1 | edward | jason | lucky | dolphin |
| 33 | thomas | charles | walter | helpme | gordon |
| 34 | tigger | girls | cumshot | jackie | casper |
| 35 | robert | booboo | boston | monica | stupid |
| 36 | access | coffee | braves | midnight | shit |
| 37 | love | xxxxxx | yankee | college | saturn |
| 38 | buster | bulldog | lover | baby | gemini |
| 39 | 1234567 | ncc1701 | barney | cunt | apples |
| 40 | soccer | rabbit | victor | brian | august |
| 41 | hockey | peanut | tucker | mark | 3333 |
| 42 | killer | john | princess | startrek | canada |
| 43 | george | johnny | mercedes | sierra | blazer |
| 44 | sexy | gandalf | 5150 | leather | cumming |
| 45 | andrew | spanky | doggie | 232323 | hunting |
| 46 | charlie | winter | zzzzzz | 4444 | kitty |
| 47 | superman | brandy | gunner | beavis | rainbow |
| 48 | asshole | compaq | horney | bigcock | 112233 |
| 49 | fuckyou | carlos | bubba | happy | arthur |
| 50 | dallas | tennis | 2112 | sophie | cream |
| 51 | jessica | james | fred | ladies | calvin |
| 52 | panties | mike | johnson | naughty | shaved |
| 53 | pepper | brandon | xxxxx | giants | surfer |
| 54 | 1111 | fender | tits | booty | samson |
| 55 | austin | anthony | member | blonde | kelly |
| 56 | william | blowme | boobs | fucked | paul |
| 57 | daniel | ferrari | donald | golden | mine |
| 58 | golfer | cookie | bigdaddy | 0 | king |
| 59 | summer | chicken | bronco | fire | racing |
| 60 | heather | maverick | penis | sandra | 5555 |
| 61 | hammer | chicago | voyager | pookie | eagle |
| 62 | yankees | joseph | rangers | packers | hentai |
| 63 | joshua | diablo | birdie | einstein | newyork |
| 64 | maggie | sexsex | trouble | dolphins | little |
| 65 | biteme | hardcore | white | 0 | redwings |
| 66 | enter | 666666 | topgun | chevy | smith |
| 67 | ashley | willie | bigtits | winston | sticky |
| 68 | thunder | welcome | bitches | warrior | cocacola |
| 69 | cowboy | chris | green | sammy | animal |
| 70 | silver | panther | super | slut | broncos |
| 71 | richard | yamaha | qazwsx | 8675309 | private |
| 72 | fucker | justin | magic | zxcvbnm | skippy |
| 73 | orange | banana | lakers | nipples | marvin |
| 74 | merlin | driver | rachel | power | blondes |
| 75 | michelle | marine | slayer | victoria | enjoy |
| 76 | corvette | angels | scott | asdfgh | girl |
| 77 | bigdog | fishing | 2222 | vagina | apollo |
| 78 | cheese | david | asdf | toyota | parker |
| 79 | matthew | maddog | video | travis | qwert |
| 80 | 121212 | hooters | london | hotdog | time |
| 81 | patrick | wilson | 7777 | paris | sydney |
| 82 | martin | butthead | marlboro | rock | women |
| 83 | freedom | dennis | srinivas | xxxx | voodoo |
| 84 | ginger | fucking | internet | extreme | magnum |
| 85 | blowjob | captain | action | redskins | juice |
| 86 | nicole | bigdick | carter | erotic | abgrtyu |
| 87 | sparky | chester | jasper | dirty | 777777 |
| 88 | yellow | smokey | monster | ford | dreams |
| 89 | camaro | xavier | teresa | freddy | maxwell |
| 90 | secret | steven | jeremy | arsenal | music |
| 91 | dick | viking | 11111111 | access14 | rush2112 |
| 92 | falcon | snoopy | bill | wolf | russia |
| 93 | taylor | blue | crystal | nipple | scorpion |
| 94 | 111111 | eagles | peter | iloveyou | rebecca |
| 95 | 131313 | winner | pussies | alex | tester |
| 96 | 123123 | samantha | cock | florida | mistress |
| 97 | bitch | house | beer | eric | phantom |
| 98 | hello | miller | rocket | legend | billy |
| 99 | scooter | flower | theman | movie | 6666 |
| 100 | please | jack | oliver | success | albert |
The above list of 500 common passwords was revealed back in 2005 by Mark Burnett through his book; Perfect Passwords: Selection, Protection, Authentication. If you are using either one of those passwords right now, please change it this very instance! Take note that hackers, spammers and scammers have the above list too!
password hacking
Most passwords can be cracked by using following techniques :
1) Hashing :- Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even 'well-chosen' passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.
| | Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly. |
2) Guessing :- Many passwords can be guessed either by humans or by sophisticated cracking programs armed with dictionaries (dictionary based) and the user's personal information.
Not surprisingly, many users choose weak passwords, usually one related to themselves in some way. Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by programs. Examples of insecure choices include:
* blank (none)
* the word "password", "passcode", "admin" and their derivatives
* the user's name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet's name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on....
In one survery of MySpace passwords which had been phished, 3.8 percent of passwords were a single word found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit was.
| A password containing both uppercase & lowercase characters, numbers and special characters too; is a strong password and can never be guessed. |
| Check Your Password Strength |
|---|
| |
3) Default Passwords :- A moderately high number of local and online applications have inbuilt default passwords that have been configured by programmers during development stages of software. There are lots of applications running on the internet on which default passwords are enabled. So, it is quite easy for an attacker to enter default password and gain access to sensitive information. A list containing default passwords of some of the most popular applications is available on the internet.
| Always disable or change the applications' (both online and offline) default username-password pairs. |
4) Brute Force :- If all other techniques failed, then attackers uses brute force password cracking technique. Here an automatic tool is used which tries all possible combinations of available keys on the keyboard. As soon as correct password is reached it displays on the screen.This techniques takes extremely long time to complete, but password will surely cracked.
| Long is the password, large is the time taken to brute force it. |
5) Phishing :- This is the most effective and easily executable password cracking technique which is generally used to crack the passwords of e-mail accounts, and all those accounts where secret information or sensitive personal information is stored by user such as social networking websites, matrimonial websites, etc.
Phishing is a technique in which the attacker creates the fake login screen and send it to the victim, hoping that the victim gets fooled into entering the account username and password. As soon as victim click on "enter" or "login" login button this information reaches to the attacker using scripts or online form processors while the user(victim) is redirected to home page of e-mail service provider.
| Never give reply to the messages which are demanding for your username-password, urging to be e-mail service provider. |
It is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.
0 comments:
Post a Comment