I just calculated 9704448 keys for Thompson routers. These routers ship with a default essid and a default wpa key which most people do not change. The keys can be calculated from a range of default essids and are all in uppercase hex. Adding these keys should greatly increase the chances of recovering wpa keys from Thompson routers.

Tags: crack, essid, hex, question defense, recover, security, thompson, tools, wpa

Last Saturday Alex and I were asked by Adrian Crenshaw of irongeek.com to come out and help teach a class on password exploitation with him. The class lasted 6 hours and Alex and I got two of them to talk about our favorite new password cracking software hashcat.

Read the rest of this entry »

Tags: crack, exploit, hash, hashcat, irongeek, issa, md5, ntlm, password, training

This year at Def Con 18 the security company Kore Logic sponsored a password cracking competition. Naturally we here at Question-Defense wanted a shot at the title. We enlisted the guys over at Hashcat to help out on our team. We believe that Hashcat takes password cracking to a whole new level and we have gotten to be good friends with the developers.  Me and Alex headed out to Las Vegas to enter the competition and we had a blast.

Read the rest of this entry »

Tags: can, crack, cracker, Defcon, hash, if, me, oclhashcat, password, team, you

Over the last week we have been compiling, sorting, removing and adding a massive amount of words to our wpa wordlist. Some of these were grabbed from leaked sites, some were generated by us and many were donated by members of the community. One new feature we have tried to implement is common 8 and 10 char hex only keys which will match many of the routers which have a default key which is hex such as Thompson and BT-Home hub. We have also gone through great trouble to remove most of the words with special chars, over the last 6 months of running the wpa cracker we have hardly seen any cracked keys with special chars so we removed all words which didn’t have the most common ones like ‘ ” # $ and @. This will increase the current cracking time from 1.5 hours to around 3 hours. There will be not be a increase in the cost for these new features. We are not really interested in making money, the small amount we charge is only to cover hosting and the electrical bill. The previous list contained around 540 million words and the current list now contains about 980 million words. Special thanks to anyone who donated a list to the site.

Thanks purehate & dakykilla

Tags: crack, cuda, nvidia, password, wordlist, wpa

When we did the rebuild of the tools server we used a Intel i7 920 as our CPU. This was mainly due to our budget, which was good, but not unlimited. After we got the server together and ran it for a few weeks we decided a upgrade of the CPU was probably in order. We ordered a Intel i7 965 Extreme processor and I put it in a few nights ago. With no over clocking at all its already a pretty impressive CPU. I hope to get some bench marks in the next week or so and compare them to the 920 bench marks. This push’s our tools server up to about 100k pmk/s when it comes to WPA Cracking.

Read the rest of this entry »

Tags: 3.2GHz, 8192KB, cache, cpu, cpu cores, extreme, i7, intel, intel i7 920, intel i7 965, overclock, processor, wpa cracker

Alex and I recently upgraded the server that runs our tools applications. We figured some people may be interested in what powers our applications so we decided to make a post showcasing the upgrade.  As every one knows, our tools are GPU powered but we have never talked much about the actual guts of the machine.

Read the rest of this entry »

Tags: 1200 watt, 12GB, 250GB, 295 GTX, 850 watt, artic 5 thermal paste, asrock, build, corsair, cpu cooler, cuda, dominator, fan assembly, gpu, i7, multi gpu, nvidia, overclock, pci slots, power supply, RAM, server, SSD, thermal compound, thermal paste, thermaltake, video cards, x58

We added a SHA1 GPU powered hash cracker to the page today. I will be adding a few tutorials on SHA1 in the near future. As with any of our tools, if the default configurations do not meet your needs please feel free to use the contact page to send us a request for a special crack.

Read the rest of this entry »

Tags: batch cracking, cracker, gpu, hash, online hash cracker, sha1, sha1 hash cracker, tutorials

In case you hadn’t noticed we have moved the domain and and merged with our parent site Question-Defense. The site started as a side project with its own domain but it has been doing so well that we decided to make it a permanent part of  Question-Defense. We will be constantly improving the suite of tools on this site. We have a NTLM cracker brewing and a few other hash generators and such we will be launching soon. Thanks to digip for the new headers.

Tags: cracker, digip, domain, hash cracker, move, ntlm, ph33rbot, qd, question defense, security tools, tools

I had a few people give me some wordlists they wanted to see added to the service. After running them through my optimizer scripts I ended up trimming them down quite a bit but I still ended up with 4844845 new words for the list. This brings the total number of words currently in the list to 547167571. I will continue to optimize the list for the best results.

Tags: digits, lowercase, numbers, optimize, optimizer scripts, total words, trimming, uppercase, word list, wordlist, words

We are now officially launching our new wpacracking service at the start of 2010. This launch is done in conjunction with Narfonix and Question-Defense.  We  have been working very hard to bring you a service which is both affordable and useful.  We will be continuing to update the user interface and adding content to the site as needed in order to make this a truly high quality online interface for auditing WPA captures.

Tags: 2010, handshake, launch, narfonix, new years, ph33rbot, question defense, wpa capture, wpa cracker, wpacracking