From the moment people started using passwords, it didn’t take long to realize how many people picked the very same passwords over and over. Even the way people misspell words is consistent. In fact, people are so predictable that most hackers make use of lists of common passwords just like these. To give you some insight into how predictable humans are, the following is a list of the 500 most common passwords. If you see your password on this list, please change it immediately. Keep in mind that every password listed here has been used by at least hundreds if not thousands of other people.

There are some interesting passwords on this list that show how people try to be clever, but even human cleverness is predictable. For example, look at these passwords that I found interesting:

ncc1701 The ship number for the Starship Enterprise
thx1138 The name of George Lucas’s first movie, a 1971 remake of an earlier student project
qazwsx Follows a simple pattern when typed on a typical keyboard
666666 Six sixes
7777777 Seven sevens
ou812 The title of a 1988 Van Halen album
8675309 The number mentioned in the 1982 Tommy Tutone song. The song supposedly caused an epidemic of people dialing 867- 5309 and asking for “Jenny”

“…Approximately one out of every nine people uses at least one password on the list shown in Table 9.1! And one out of every 50 people uses one of the top 20 worst passwords..”

Lists the top 500 worst passwords of all time, not considering character case. Don’t blame me for the offensive words; you were the ones who picked these, not me.

A good cheat sheet to have

Hello Everyone ,

if you use active directory you may notice windows xp sometimes allows you to login to computer even if your network is unplugged. this is because microsoft save your active directory password hash into your system registry using some algorithm named as MSCASH . there are many tools availble on internet to dump or to get these password hashes from registry.Password hash is saved in the Windows registry and by default saved 10 hashes.you can read more about mscash here .

Tools :

cachedump:

i personally first used cachedump a great dos based tool with which u can get saved active directory password hash.

you can download cachedump here .

Cain & Abel :

the second great tool availble to dump AD {active directory} saved hashes is Cain & Abel you can download Cain & Abel here

Recover Password

.

Second Part Crack Password :

now as you have your lost password hash you can use john the ripper with a small patch to crack your lost password mscash hash.

first you need a linux (ubuntu will be ok ) machine to use john. offcourse u can use windows but i will preffer linux as i dont know how we can patch john for mscash support ( i think you can do it using cygwin ). ok lets download and install john and patch it.

Rule # 1 : Don’t install john using apt-get install john ( if u do have thats ok but we will not be using that ) .

Step # 1 : login to your linux box.

Step # 2: download john 1.72 using :

wget -c ftp://ftp.openwall.com/pub/projects/john/1.7.2/john-1.7.2.tar.gz

Step # 3: extract john using :

tar xzf john-1.7.2.tar.gz

Step # 4: download patch for mscash using :

wget http://coast.cs.purdue.edu/pub/tools/unix/pwdutils/john/contrib/john-1.7.2-mscash-alainesp-4.1.diff.gz

Step # 5: Rename john to :

mv john-1.7.2 john-1.7.2.orig

Step # 6: patch john using :

gunzip -c john-1.7.2-mscash-alainesp-4.1.diff.gz | patch -p0

Step # 7: make John the ripper

cd john-1.7.2.orig/src && make linux-x86-mmx (depend on your system architect)

Step # 8: start cracking password using :

../run/john -i:all -format:mscash [filepath]

I hope this would help you. Please post comments and feedback.

Hello ,

below is some links to crack md5 password hashes online , i will keep this post updated with all online links for cracking md5.

http://gdataonline.com
http://md5.rednoize.com
http://ice.breaker.free.fr
http://www.milw0rm.com/md5/
http://shm.hard-core.pl/md5/
http://www.hashchecker.com
http://lasecwww.epfl.ch/%7Eoechslin/projects/ophcrack/
http://md5.benramsey.com
http://md5.altervista.org
http://shm.hard-core.pl
http://plain-text.info
http://www.passcracking.ru/
http://www.securitystats.com/tools/hashcrack.php
http://www.xmd5.org/index_en.htm

Have you forgotten your windows vista password ?   you cannot login to your  computer / laptop ? No worries you can hack windows vista to reset your windows vista password.

Requirements :

1 ) Windows Vista DVD
2 ) Computer with Windows Vista

Please follow steps below to reset your Windows Vista Password in 10 minutes.

Steps :

1. Insert the Windows Vista DVD into the DVD drive and then restart the computer.
2. Change Boot Options 1st Priority to Optical Drive.
3. When system booting up, if the message “Press any key to boot from cd” appears, immediately press Enter.
4. On Language Settings, Time and Currency and Keyboard Layout screen, just choose the correct settings then click Next.
5. On Install Now screen, click Repair. Note: Click No just in case you get the message: Windows found problems with your computer’s startup options.
6. On the System Recovery Options screen, under Operating System, click Windows Vista then click Next. Then select Command Prompt.
7. At the command prompt windows, type the following command then press Enter after typing each command:
c:
cd windows\system32
echo ~takeown /f %1 /r /d y > TakeControlOf.cmd
echo ~icacls %1 /grant administrators:F /t
ren Magnify.exe Magnify.old
ren cmd.exe Magnify.exe
8. Restart the computer.
9. On the Welcome Screen, click the Ease button.
10. Check Make items on the screen larger then click OK.
11. At the prompt, type the command then press Enter.

net user Administrator /active:yes
exit
12. Restart the computer.

13. At the welcome screen, logon using the local administrator account.
14. Access Control Panel then click User Accounts. Select the username of the account you can’t login to then remove the password.
15. Log off on the current local administrator account your are logon to.
16. Check if you can logon to your user account now.
17. Open c:\windows\system32.
18. Right click on Magnify.exe, select Properties -> Security -> Advanced -> Owner -> Edit -> Administrators then click OK.
19. Select Edit -> Administrators -> Full Control then click Apply then OK.
20. Rename Magnify.old to Magnify.exe
21. Open command prompt then type the command then press Enter.
net user Administrator /active:no

i hope this will help you feedback will be appreciate.

Here are most Commonly Chosen Passwords , Please don not use these words as your Passwords. Please use Password Meter [ http://www.passwordmeter.com/ ] .

aaa abc academia academic access ada admin adrian adrianna aerobics airplane albany albatross albert alex alexander alf algebra alias aliases alice alicia alisa alison allison alpha alphabet ama amadeus amanda amber amorphous amy analog anchor andrea andromache andy angela angerine angie animals anita ann anna anne annette answer anthropogenic anvils anything april aria ariadne arlene arrow arthur asd asm asshole athena atmosphere aztecs azure

bacchus badass bailey banana bananas bandit banks barbara barber baritone bart bartman basic bass bassoon batch batman beach beater beauty beaver becky beethoven beloved benz beowulf berkeley berlin berliner beryl beta beth betsie betty beverly bicameral bishop bitch bob bradley brandi brandy brenda brian bridget broadway bsd bumbling burgess

cad camille campanile candi candy cantor cardinal caren carla carmen carol carole carolina caroline carrie carson cascades castle cat catherine cathy cayuga cecily celtics cerulean change charity charles charming charon chat chem chemistry chess chester christina christine christy cigar cindy class classic claudia cluster clusters code coffee coke collins commrades computer comrade comrades condo condom connect connie console cookie cooper cornelius couscous create creation creosote cretin criminal cristina crystal cshrc cynthia

daemon daisy dana dancer daniel danielle danny dapper data dave dawn deb debbie deborah december default defoe deluge denise desiree desperate develop device dial diana diane diet dieter digital disc discovery disk disney dog dos drought dulce duncan

eager earth easier easy eatme edges edinburgh edwin edwina egghead eiderdown eileen einstein elaine elanor elephant elizabeth ellen email emerald emily emmanuel enemy engine engineer enterprise enzyme erenity erica erika erin ersatz establish estate eternity euclid evelyn extension

fairway felicia fender fermat ferrari fidelity field file finite fishers flakes float flower flowers foolproof football foresight format forsythe fourier fred friend frighten fun function fungible

gabriel games gardner garfield gatt gauss george gertrude gibson gina ginger glacier gnu golf golfer gorgeous gorges gosling gouge graham grahm group gryphon gucci guess guest guitar gumption guntis

hack hacker hal hamlet handily happening harmony harold harvey hawaii heather hebrides heidi heinlein hello help herbert hiawatha hibernia hidden holly homework honey horse horus hutchins hydrogen

ibm imbroglio imperial include ingres ingress ingrid inna innocuous internet irene irishman isis

jackie jane janet janice janie japan jasmin jean jeanne jen jenni jennifer jenny jessica jester jill jixian joanne jody johnny joseph joshua joy joyce judith judy juggle julia julie june jupiter

karen karie karina kate kathleen kathrine kathy katina katrina kelly keri kermit kernel kerri kerrie kerry key kim kimberly kirkland kitten knight krista kristen kristi kristie kristin kristine kristy

ladle lambda lamination lana lara larkin larry laura lazarus leah lebesgue lee leland leroy leslie lewis library light linda lisa lisp liz lock lockout lois lori lorin lorraine louis love lucy lynn lynne

macintosh mack maggot magic mail maint malcolm malcom manager mara marci marcy maria marietta mark markus marni mars marty marvin mary master math maurice meagan megan melissa mellon memory mercury merlin mets mgr michael michele michelle mickey mike minimum minsky mit modem mogul moguls monica moose morley mouse mozart mutant

nagel nancy napoleon nasa nepenthe neptune ness net network new news newton next nicole nita nobody noreen noxious nuclear nutrition nyquist

oceanography ocelot office olivetti olivia open operator oracle orca orwell osiris outlaw oxford

pacific pad painless pakistan pam pamela paper papers pass password pat patricia patty paula pencil penelope penguin penis peoria percolate persimmon persona pete peter philip phoenix phone pierre pizza plane playboy plover pluto plymouth polly polynomial pondering pork porsche poster power praise precious prelude presto prince princeton priv private privs professor profile program protect protozoa pub public pumpkin puneet puppet

qwerty

rabbit rachel rachelle rachmaninoff rainbow raindrop raleigh random rascal reagan really rebecca regional remote renee rick ripple risc rje robin robot robotics robyn rochelle rochester rodent rolex romano ronald root rose rosebud rosemary roses ruben rules ruth

sal samantha sandra sandy sara sarah saturn saxon scamper scheme school scott scotty secret security sensor serenity service sesame sex shannon sharc shark sharks sharon sheffield sheldon shell sherri shirley shit shiva shivers shuttle signature simon simple simpsons singer single smile smiles smooch smother snatch snoopy soap socrates somebody sondra sonia sonya sossina sparrows spit spring springer squires stacey staci stacie stacy steph stephanie strangle stratford student stuttgart subway success summer sun super superstage superuser support supported surfer susan susanne susie suzanne suzie swearer sybil symmetry sys sysadmin system

tamara tami tamie tammy tangerine tape tara target tarragon taylor tech telephone temptation tennis terminal test thailand theresa tiffany tiger tina toggle tomato topography tortoise toxic toyota traci tracie tracy trails transfer trisha trivial trombone tty tubas tuttle

umesh unhappy unicorn unix unknown uranus urchin ursula util utility uucp

valerie vasant venus veronica vertigo vicky village virgin virginia visitor

wargames warren water weenie wendi wendy whatever whatnot whiting whitney wholesale will william williamsburg willie wilma winston wisconsin wizard wombat woodwind word work wormwood wyoming

xfer xmodem xyz xyzzy

yaco yang yellowstone yolanda yosemite

zap zimmerman zmodem

John the Ripper is a decrypting program for passwords. Although it has many

functions we will be looking at using it as a decryper for password files
you possess.

We will be looking at Password Files which you have put on your Hard Disk
- PREPARATION
SHORTCUT TIP FOR WINDOWS 95
PASSWORD FILES
- DECRYPTING
JTR MODES
SINGLE MODE
WORDFILE MODE
INCREMENTAL MODE
ALPHA
DIGITS
ALL
SHOW MODE – Saving the Decrypted Files
- ADVANCED COMMANDS
STOPPING JTR
RULES
SESSION and RESTORE
- JTR QUICK REFERENCE

——————–

. ———–
PREPARATION
———–
1. Download the correct version of JTR, use win32 for Win 95/98
2. Extract the zip File into a Directory
3. Make sure you have your Password Files in the same directory

—————————
SHORTCUT TIP FOR WINDOWS 95
—————————
1. Right Click on the [Start] Button, and choose Open
2. Double Click on [Programs] Folder
3. Right Click and Copy, [MS-DOS Prompt]
4. Close the [Programs] Folder
5. Right Click and Paste on the Desktop, a [MS-DOS Prompt] should appear
6. Right Click on the [MS-DOS Prompt] icon and choose Properties
7. Click on the Program Tab
8. In the box next to Working (It should have C:WINDOWS in there) Change
it to the Directory of where-ever the Program JOHN.EXE has been
extracted
9. Click on the [OK] button
10. Test what you have done by Double Clicking on the Icon, If you wish to
rename [MS-DOS Prompt] to JTR, then do so

————–
PASSWORD FILES
————–
A. Naming
I personally name my files with a p extension, some people use txt
eg If i had the password file to Dannis’, I would name it danni.p
The reason is that p stands for password file, I then name my decrypted
password files with a txt extension
It is really up to you what you name your password files, just remember
that the names should be less than 8 characters
eg likethis.p
B. Where should I put them?
Always have the password files you have found in the same directory as
JOHN.EXE, Its just easier to handle them that way

———-
DECRYPTING
———-
Depending on what JTR version you have downloaded, you have to change into
the directory JOHN.EXE is

———
JTR MODES
———
There are 3 main modes we will be dealing with
-single, -wordfile, -incremental

[KEYS]
[passfile] – this is the name of your password file
[wordlist] – this is the name of your wordlist
[output] – this is the name of the file you will name when you want to
save your decrypted passwords

———–
SINGLE MODE
———–
Single Mode attempts to find the weakest of all the passwords. This is one
of the fastest methods.

SINGLE MODE SYNTAX
john -single [passfile]
or you could use
john -si [passfile]

Example:
If you found a [passfile] and named it danni.p then you would type
john -si danni.p

Take a look at SCREEN SHOT OF A JTR SESSION

————-
WORDFILE MODE
————-
Wordfile Mode is the next quickest method. It requires the use of a wordlist
The wordlist must be in a single wordlist and not a combo list

WORDFILE SYNTAX
john -wordfile:[wordlist] [passfile]
or
john -w:[wordlist] [passfile]

Example:
If you found a [passfile] and named it danni.p and you had a [wordlist]
named mydict.txt then you would type

john -w:mydict.txt danni.p

Take a look at SCREEN SHOT OF A JTR SESSION

—————-
INCREMENTAL MODE
—————-
Incremental mode is the slowest mode and will try to decrypt every pass in
your passfile, as this can take days, months even years, I would use it as
a last resort

There are 4 basic commands we will be dealing with
digits, alpha, all, and leaving it blank

DIGITS mode
This will try to decrypt all the Passwords that are in numbers

ALPHA mode
This will try to decrypt all the Passwords that are letters only

ALL mode
This will try to decrypt all the Passwords, whether they are in numbers, in
letters or some special characters (@!^&…etc)

WITH NO MODE SELECTED
This will basically do everything to try to decrypt the password file

SYNTAX
john -i [passfile]
john -i:DIGITS [passfile]
john -i:ALPHA [passfile]
john -i:ALL [passfile]

Example:
If you found a [passfile] and named it danni.p
john -i danni.p
john -i:DIGITS danni.p
john -i:ALPHA danni.p
john -i:ALL danni.p

Take a look at SCREEN SHOT OF A JTR SESSION

When running in this mode, If you ever want to stop it push CTRL – C

————————————–
SHOW MODE – Saving the Decrypted Files
————————————–
Finally, once JTR has finished its decrypting process, you will be ready
to enjoy the results. These you will save in a file name of your choice.

SHOW SYNTAX
john -show [passfile]>[output]

Example:
If you found a [passfile] and named it danni.p, you decide you want to name the
decrypted password file or [output] to danni.txt

john -show danni.p>danni.txt

Now you can open danni.txt in a TEXT EDITOR
You will see something like this

italia:italiano
makoto:makotox
PADWICK:PADWICKH
kelley:kelleyaj
bechtel:jbechtel
mequery:queryme
seeeee:meeeee
stevewm:stevenm

8 passwords cracked, 246 left

Hopefully you will get more passwords than the example though

—————–
ADVANCED COMMANDS
—————–
Here are a few more commands which prove handy when using JTR

————
STOPPING JTR
————
If at anytime you wish to stop the decrypting process then
Hold down the [ CTRL ] key and Push the [ C ] key

—–
RULES
—–
This command is used with the Wordfile Option, without it JTR will try only
the words in your wordlist. When this is activated it will try variations as
outlined in the john.ini file. This is also quite slow

RULES SYNTAX
john w:[wordlist] -rules [passfile]

——————
SESSION & RESTORE
——————
Decrypting by now you will notice can become a long a slow process, JTR
allows you to save save and restore sessions. A session is like a snap
shot of what you are decrypting. It remembers what file you used, and
where you were at if you decide to stop it. session can be used with any
of the main modes.

SESSION & RESTORE SYNTAX
john -restore
john -restore:[session name]
john -session:[session name]

[session name] is any name you choose

EXAMPLE
——-
Lets say you want to decrypt a file named danni.p

OK you’ve used the -si mode, which was quick
With your trusty wordlist file named biglist.txt you next run the -w mode

FINAL NOTES
———–
There are many other features that JTR uses, that are Advanced, these can be
found in the DOC folder in JTR, just use a text editor to open and read them
We were only concerned with getting at least 50% of the passwords. This may
be achieved by SINGLE and WORDFILE modes
SPEED is dependant on your CPU, If you screen looks like its frozen and
doing nothing, just hit any key a couple of times, you will see a mini
progress report.
Speed is also dependant on the size of your password file and the number of
salts, A salt can be thought of as a slightly different way to encrypt a
file. As there are many ways to encrypt a single password

——————-
JTR QUICK REFERENCE
——————-
[KEYS]
[passfile] – this is the name of your password file
[wordlist] – this is the name of your wordlist
[output] – this is the name of the file you will name when you want to
save your decrypted passwords
: – whenever you see a colon then use it in the command
- – whenever you see a minus sign then use it in the command
> – whenever you see this sign then use it in the command
[] – DO NOT INCLUDE THESE IN THE COMMAND

SINGLE MODE
john -si [passfile]
WORDFILE MODE
john -w:[wordlist] [passfile]
INCREMENTAL MODES
john -i [passfile]
john -i:ALL [passfile]
john -i:DIGITS [passfile]
john -i:ALPHA [passfile]
SHOW MODES
john -show [passfile]>[output]

Loaded 254 passwords with 85 different salts (Standard DES [32/32 BS])
italia (italiano)
makoto (makotox)
PADWICK (PADWICKH)
kelley (kelleyaj)
bechtel (jbechtel)
mequery (queryme)
seeeee (meeeee)
stevewm (stevenm)
guesses: 8 time: 0:00:01:23 100% c/s: 25771 trying: zcatcatk – zcatcatz