Thursday, May 31, 2012

Using twitter to build password cracking wordlist

This is going to be a quick one. We're going to show how to use twitter to build a word list for cracking passwords.
We'll use John the Ripper, and as a target we'll use the MilitarySingles.com md5 password hashes that were released by the artist formerly known as lulzsec.

First, let's hack out a quick script that will get relevant tweets for us. And yes, I use a lot of tabs. And I know I can do this cleaner... I'm in a get it done quick mood.
(EDIT: thanks to Supercow1127 and TheShadowFog for pointing out better ways to deal with JSON. See jshon, jsawk, etc).
The script will connect to twitter and get 500 tweets for the term supplied, then barf back all the words from those tweets in a list for us. Next we are going to pass the script some words that might be relevant to our target.

After we sort the list out, we're left with 4400 unique words.

Let's try those words against our hashes and see how many of them are used as passwords. We'll use the --rules option so that it mangles up various permutations of each word.

And here come the passwords... (scrolled off the screen)

So, from our word list of 4400 words, we yielded 1978 passwords. Let me say that again...
FROM OUR WORD LIST OF 4400 WORDS, WE YIELDED 1978 PASSWORDS!

And that's 1978 unique passwords. The number of accounts we actually cracked with these 1978 passwords is even higher, more than 4400 accounts, because many accounts use the same passwords as each other. With the mangling rules, John tries ~300 mutations of each word in the list (semperfi gives us semperFi, semperfi1, semperfi123, etc.).

This is a very small example of what can be done to generate more relevant password lists using twitter/websites/social media to supply you with the related words. Download john, hash your passwords, build a list of words relevant to your organization, and test the security of your passwords. Heck, we haven't even started talking about GPUs and oclhashcat, but we'll leave that for another time.
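A defender-side use of the same idea, as an added example (not the author's script, which is not reproduced on this page): build a context wordlist from text about your organization, then flag candidate passwords that are just a context word with the simple mutations mentioned above (case changes, appended digits) or common character substitutions. The sample posts, the substitution table and the function names are constructed for illustration.

```python
import re

# Constructed sample text standing in for collected posts about a community
# (not real tweets); in practice, feed in text relevant to your organization.
SAMPLE_POSTS = [
    "Semper Fi to all my brothers at Camp Lejeune! #USMC #oorah",
    "Any single soldiers near Fort Bragg? Army strong, looking for love",
    "Deployment over, back stateside. @buddy see you at the barracks",
    "http://example.invalid/pic my sweetheart waited for me <3",
]

# Character substitutions to undo before comparing (an assumed, minimal set).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def build_wordlist(posts, min_len=4):
    """Return the set of lowercase words and adjacent-word pairs in posts."""
    words = set()
    for post in posts:
        post = re.sub(r"https?://\S+", " ", post)  # drop URLs
        tokens = [t.lower() for t in re.findall(r"[A-Za-z]+", post)]
        words.update(t for t in tokens if len(t) >= min_len)
        # Joined pairs catch phrases such as "semper fi" -> "semperfi".
        words.update(a + b for a, b in zip(tokens, tokens[1:])
                     if len(a + b) >= min_len)
    return words


def context_match(password, wordlist):
    """Return the context word a password is derived from, or None.

    Undoes case changes, leading/trailing digits and symbols, and the
    substitutions in LEET. It does not cover every cracking rule.
    """
    lowered = password.lower()
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    for form in (lowered, stripped, stripped.translate(LEET)):
        if form in wordlist:
            return form
    return None


if __name__ == "__main__":
    wordlist = build_wordlist(SAMPLE_POSTS)
    for candidate in ["semperFi", "semperfi123", "S3mperFi1",
                      "ArmyStrong!", "Tr0ub4dor&3"]:
        hit = context_match(candidate, wordlist)
        verdict = f"reject (based on '{hit}')" if hit else "no context match"
        print(f"{candidate:15} {verdict}")
```

A check like this belongs at password-change time, alongside a general breached-password blocklist; a miss here says nothing about a password's overall strength.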

Until next time, if you're going to hack, hack effectively.



And props to Kevin Young. Thanks for all the lengthy discussions about password security. I truly enjoy picking your brain.

90 comments:

  1. Pretty good! I don't usually read blogs but I guess I'll subscribe lol.

  2. Good lord.... that's pretty damned effective!

  3. It would be interesting to see how effective the words from twitter were by themselves, without the targeted keywords.

    1. I agree. The idea that there's an increase in efficiency for single words over a standard random wordlist would be shown out in the differences between targeted twitter searches and random searches. I do think there are other cool things you can do with this sort of thing, such as finding word combinations that people commonly use. Coming up with the password iloveJustinBeiber2010 wouldn't really be that easy by just mangling an entire dictionary of words together, but by searching twitter for strings (I think) you could really increase your chances.

    2. Yes! I think so too, re finding commonly used word combinations. Here's an idea: Identify a subset of users that generates a decent amount of Twitter traffic, and has a strong thematic commonality. That is exactly what you did here. Harvest the content over a 6-month interval. That forms a corpus of all-English language text. Unstructured text analysis programs are common. They aren't so great for inferring complex behavioral trends. But current text analytics algorithms should be more than adequate for finding 2 or 3-word combos as likely passwords!

      Are you familiar with the Google N-gram Viewer? 2-word combos are bi-grams, 3 words are tri-grams, thus "n-gram". Stray thought: Use the N-gram Viewer to find UserID-password combos. Use a good text corpus e.g. single military service people's Twitter content.

  4. I'm doing the same with RSS feeds, compiling Country/Topic specific Wordlists is very comfortable that way.
    Language specific dumps of wikipedia, if sorted by wordlength, work very well too.

  5. This was interesting. I have a really large wordlist and I was interested in what words the twitter search found that weren't already in my wordlist that also resulted in a successful crack of another md5 hash. I got 24,197 of them from my own word list but there were eight that only came from the twitter search terms used in this post and most look like military terms or military slang. Thanks for the interesting diversion.

  6. That is exactly it Joel, thanks for the comment. This is definitely not the way to generate your main wordlists, but it really does turn up great words (or word combinations) that you won't find in a normal wordlist, and that are current and relevant. It's that jargon, slang, etc. that helps with those harder-to-reach passwords.

  7. It might be even more productive at getting industry specific words by adding a bit of recursion. Do your first search and then search again with any words found that are not already in your master wordlist. That way terms you thought of can lead you to jargon or slang that you are not familiar with personally but are to a person in the industry or group.

    1. Yes, it does work quite well recursively. I was doing a bit of that already, but I figured I'd keep it simple for this post and let others build on it. Nice thinking. ;)

  9. Hello guys,

    I was wondering if there was any way to make a wordlist using twitter usernames only? I think that could be more than helpful to find passwords made of name+numbers or noun+numbers.

    Indeed, I noticed that of all the WPA passphrases that I've managed to crack thanks to gigantic dictionaries, a vast majority of those passwords were actually used as twitter usernames. ex: xavier1401, popolopopopopo etc.

    Any ideas?

    Cheers

    1. That's a great idea, and I'm sure there's a way. There are lists of facebook usernames floating around that make good password cracking dictionaries as well.

  10. Joshua

    Quick one as I am trying to understand this and I am a bit of a rookie. Where did you get the militarysingles hashes from?

    1. The hashes were released publicly by a hacker group claiming to be Lulzsec. When hashes are released publicly (like the linkedin ones this week) you can usually find them by googling around a bit. Get em while they're hot, sometimes they become hard to find later.

  12. OK so you used twitter and john the ripper to create a unique password list. Clever, I get it, but where does the Militarysingles.com password hash come into play?

    1. The point of using twitter rather than a standard huge dictionary is to be more targeted. Gotta have a target picked out to be targeted. :)
      Hence the military and dating related keywords I searched for....

  13. Well... I suggest replacing wget with curl. When you do that, you can make it one line, for example as an alias, and then you don't have a tempfile.

  14. Just wondering, how could you modify this to grab words from a specific twitter log....or even a different website such as facebook, google+ or wikipedia

  16. Great Stuff Joshua

    May I suggest to grab your 1400 words, run a calc_stat and then do a --markov220:0:0:12 --stdout > myfile.txt

    I had surprisingly good results with the Markov chains.

  17. I've copied this exactly and I get a "no such file or directory" error when I try to run the script? Neat idea btw!

  24. Now that Twitter has switched their search over to a new system that requires authentication, what do you think would be the easiest method of building this kind of list?

    1. twofi.rb:131:in `+': can't convert nil into Array (TypeError)
      from twofi.rb:131:in `block in '
      from twofi.rb:129:in `each'
      from twofi.rb:129:in `'
