Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts

Generating Password Based On An User Profile

Started by infiltrator , Apr 13 2011 10:58 PM

Please log in to reply

5 replies to this topic

#1 infiltrator

Staff Sergeant

Sergeant Major
421 posts

Posted 13 April 2011 - 10:58 PM

Hi All,

I know there is a software that is capable of generating random passwords, based on a given user profile.
I've been Googling for the last hour or so, but I can't seem to find it. Is anyone in here able to tell the name of this software.

Thank you very much

Regards,
Infiltrator

Back to top

#2 Edu

General

Members
2,268 posts

Posted 14 April 2011 - 01:28 AM

hmm what 'logic' is this software based on ?

http://www.secumania.net - Secumania security blog.

Embed any executable in a JPEG image and get it to run upon opening the image with this cool tool that abuses a feature of GDI in Windows systems. for governmentsecurity.org members only! click here to get it!

Back to top

#3 infiltrator

Staff Sergeant

Sergeant Major
421 posts

Posted 14 April 2011 - 04:16 AM

hmm what 'logic' is this software based on ?

Can't remember which podcast show or article I read it from, but basically, if you gather enough information about a user, you can then generate passwords based on this information.
I am not trying to hack into anyone's account, I am just curious to know what kind of password this tool can generate, based on the gathered information for a given user.

Please let me know, if I am not making sense.

Back to top

#4 Marts McFly

Second Lieutenant

Second Lieutenant
591 posts

Posted 14 April 2011 - 04:39 PM

Are you referring to CeWL? http://www.digininja...ojects/cewl.php

Basically spiders are given website, and builds wordlist for cracking based on that. So for example... a company's website... or a users social network profile.

Idea behind it is that there is a good chance a password will be based on one of these. Combined that with wordlist-mangling (subsitutions and character additions + leet speak) you have a far greater chance of finding a valid password.

Certified Information Systems Security Professional (CISSP)

T: http://twitter.com/Marts_McFly

B: http://www.backtosecurity.com

Back to top

#5 infiltrator

Staff Sergeant

Sergeant Major
421 posts

Posted 15 April 2011 - 04:58 AM

Are you referring to CeWL? http://www.digininja...ojects/cewl.php

Basically spiders are given website, and builds wordlist for cracking based on that. So for example... a company's website... or a users social network profile.

Idea behind it is that there is a good chance a password will be based on one of these. Combined that with wordlist-mangling (subsitutions and character additions + leet speak) you have a far greater chance of finding a valid password.

Yes, that's exactly what I was referring to. Thanks for that.

Back to top

#6 kingvandal

Master Sergeant

Second Lieutenant
776 posts

Posted 25 May 2011 - 07:33 AM

Are you referring to CeWL? http://www.digininja...ojects/cewl.php

Basically spiders are given website, and builds wordlist for cracking based on that. So for example... a company's website... or a users social network profile.

Idea behind it is that there is a good chance a password will be based on one of these. Combined that with wordlist-mangling (subsitutions and character additions + leet speak) you have a far greater chance of finding a valid password.

Yes, that's exactly what I was referring to. Thanks for that.

I think I remeber Social-Engineers SET toolkit does something along those lines as well.

Tchirimbimbim!!!
Very Interesting: Windows XP Source Code! and Windows Vista Source Code!!. Read'em and weap...