The highest form of ignorance is when you reject something you don't know anything about.

Wayne Dyer (b 1940)

Support & Donate




 READ THIS: 
As of June 9, 2016  we are no longer accepting Paypal 
We will update this page and change the payment methods. 
if you have any question, drop us an email at kismac.x at gmail dot com
 
Thank you for you patience. 



Spare few bucks, save a bunch of hours ....











Comment left By  SSI,  Feb 16, 2012
 "...  I'm getting about a 40% success rate with the V701 wordlist. Mighty fine!"

You Do NOT need a ****** account to Make a Donation  

Donations Packages  
When you donate via those ****** buttons, you'll receive a very very good REFINED Dictionary attack for KisMAC, Aircrack, Pyrit or Crowbar,  and you'll also do some good by supporting the promotion of free knowledge.  Please be aware that donations packages that includes the Attack Dictionary are fix priced* or more if you feel like it, but not less**.
Thank you!

Gold 
Very Large WPA / Cracking Dictionary Ver.7.99
Last update: Linkedin, eHarmony, Formspring, MilitarySingles

Last update: Sony BMG hacked passwords added.
Last update: Lulz Security Hack #1, #2 & #3 adding ~350,000  unique to the list... (June '11)
Last update: San Francisco Bay Area Rapid Transport hack (Anonymous) 

~26,170,000 most used passwords (Yes! over 26 millions) 
Composed only of real passwords, duplicates removed, statistically sorted.
From the Most Used Passwords of All Times compilation
~40.5 million real passwords resulting in about ~24 million passwords Dictionary.
This list is usable by KisMAC, Aircrack-ng, John The Ripper & all programs using lists, dictionary & wordlists
Last count: 26,170,100 Unique Passwords

What's the procedure? 
- You'll receive a nice email shortly after we have received confirmation from *******.
As this is not an automated service, we kindly ask you to be a little patient.  If we are late, we will apologize and probably send you a bonus for free.
- Please ensure that the email address used with ****** is valid: The email containing the link is sent to the address provided by *******
Also, for the sake of clarity, Gold & Crackium packages are provided without support for Aircrack & Al.  Please refer to the Platinum Package for direct support.  Thank you.
 

Gold Plus
The Gold Plus package contains the above Gold package plus:

- Another 1.24 GB mingled dictionary. (~  passwords)
As people are getting a bit smarter nowadays, they start replacing letters by numbers or signs.  i.e.   chocolate --> ch0c0l@te --> ch0c0l@t3  (We took care of that...) 
- A lowerUPPER dictionary  (~ 228,244,100 passwords)
- A Stochastic Probabilities Statistical dictionary:  Most probable output based on patterns, words, character usage and position. (88,727,600 Passwords)
- Monster Dictionary: 155,525,600 real passwords
The Gold Plus Package is a set of 5 dictionaries, totaling almost 400 million passwords  (398,995,100 passwords)
 

Crackium  
Gigantic Set of Wordlists : Over 1,074,962,050 Passwords and counting!  (Yes, that's over a billion)
Crackium is a set of Wordlists, Dictionaries plus a how-to PDF that explains how to easily generate and modify Wordlists.   
Total Wordlists size: 9.02 GB (Gigabytes)
Crackium includes 2 versions of the Monster dictionary, plus the MasterPasswords Attack Dictionary. That makes about 400 millions passwords right there ....
The "How-To" explains how you can prefix, suffix, replace, add, concatenate, split, sort by occurrences, change case, exchange characters and truncate words or remove words less than x characters.
Crackium contains multiple Wordlists ready to be either used “As Is” or played with to fit your needs: Multiple Wordlists are more efficient than a gigantic one.
You’ll find a detailed Content List at the end of this post. 

 

Cracking School, One To One Session
Platinum  
Includes:  1-hour One To One tutorial session, via iChat Screen Sharing, including upon your choice:
KisMAC basic and advanced features, Attacks, WEP & WPA Key Recovery.
Aircrack-ng Tutorial, WEP and WPA  cracking:
JtR Install, configurations, teaching, Rules, Charset,  etc
Hashcat Install, config, etc  
Or in short, anything you wish to review, get help with, getting started, advanced users, etc.
You'll receive a nice email shortly after we have received confirmation from *****
Please, ensure that the email address used with ***** is correct
 
Is it worth it?
"I have to give you huge credit for helping me out.  I'd say the education I just received in the last 3 days with your guidance is well worth the $25 donation"
Sean M.


Wordlist on demand
Lost your password?

If you have lost your password, and you remember some of it, or if you remember what was NOT used, we can create tailor made wordlist(s) for you to try to retrieve your lost password.

Or If you need a specific wordlist, just made for your needs, leave a comment with your email address (It will NOT be published) and we'll contact you.
The fee is based on the complexity and size.  If you need more than 10GB compressed, it will be a multiple download.

Example:
You remember using "password" plus a color, but do not remember the color or the order, or if you have used an uppercase (Proper) word, lower or UPPER
We can then generate every possible combination for you.










Crackium?  What's in there?  

- about 1 billion passwords, and the ways to turn that into 400 billions if you want to.


  • A "How-To" to create, expand , modify and tweak your Wordlists/Dictionaries
  • New Monster Dictionary, a statistical compilation of 50+ passwords heist:  208 Million passwords. Works for WPA, KisMAC, Aircrack, John The Ripper, Crowbar and oclHashCat.
  • MasterPasswords  Version 7.99  ~26 millions real passwords, plus variations of the most used. 
  • All numbers 8ch long  100,000,000 Pwsd. 
  • Ilove.txt    over 1 million most used first name with 22 permutations of  “I love you”  i.e  iluv, ILove, etc    25,523,113 Pwsd
  • A full set of signs !@#$%^&* , 8 ch long , 214,358,888 passwords
  • A full set of SSN #  000-00-0000 to 099-99-9999, modifiable:  100,000,000 Pwsd.
  • A set of most used First names, sorted by occurrence (most used first) 4,347,600 Pwsd
  • A set of most used Last names, sorted by occurrence (most used first) 5,369,400 Pwsd
  • A set of the most used Fnames and Lnames, formatted lower, Proper, UPPER. 
  • A full set of phone numbers,   pre-made to easily create your own in minutes
1 Format   (XXX) 00-0000 to (XXX) 99-9999      8,960,000 Pwsd
1 Format    XXX 00-0000 to  XXX 99-9999         8,960,000 Pwsd
1 file with all phone numbers, all areas for NY (NYPH.txt)  116,480,011 Pwsd,  modifiable to all areas.

Statistically Sorted ? What do you mean? 

In short, instead of running a list for hours on end, you may run it for few minutes only.
 Take the most used passwords, add "few" lists of real password heist, then start generating stats about your ~220 million lines. Sort the all shebang to have the most used passwords first and you'll end up with the highest statistical possibility to crack a password fast!
The most used being first, you don't have to run the all list to get to a probable hit. 

Click to enlarge
















58 comments:

  1. On a related note, I plugged that list into Aircrack-ng through terminal, and it's still rolling after 47,000,000 keys. I thought the list had 19 million? Where did the next 28 mil come from?

    ReplyDelete
  2. Evan,
    Sorry, I just had a brain fart,
    You said "KEYS" and not "Passphrases" they are not the same.
    the WL contains ~20M PASSPHRASES,
    you'll run more keys than that. See Master Key, and Transient Keys

    If you wish to continue the discussion, please post on the Aircrack Article

    ReplyDelete
  3. wow! thanks a lot! I had 3 WPA hits with your Dic! best 5 bucks evar, free internet! :-))))))))

    ReplyDelete
  4. FYI, it's not made to get "Free Internet"

    ReplyDelete
  5. first...sorry for my english..I'm italian.
    I live in costa rica and I spend some few months in europe. do you think that CRAKIUM list is good for me? or I need some spanish list? I have a macbook pro 2.33 GHz intel core 2 duo and 2GB 667MHz SDRAM
    with Alfa AWUS036H 1000mW 1W 802.11b/g
    ...and now the BEST question...
    do you have a One To One tutorial session...in spanish? I think that tecnical english is too difficult for me...:)

    ReplyDelete
  6. tamarey,

    with Crackium, there is a PDF that explains how to modify the dictionaries. If you feel that you won't have enough, we can throw in an extra 14 GB of dictionaries.

    Spanish:
    No, sorry... English only

    ReplyDelete
  7. THANK YOU! best 12,99 ever!

    ReplyDelete
  8. Been trying for 3 weeks to crack my wpa2. Took 6 seconds FLAT with you're wordlist. Thank you!!

    ReplyDelete
  9. Alisson,
    Thanks for letting us know

    Gold: ~25 M passwords
    Platinum: 1.5 Billion
    KisMAC School = Gold + 45min session on One To One via iChat (Questions, tips, How to, Fixes, etc )

    Yes, they both are, and work for WPA

    ReplyDelete
  10. Cool, I made my donation because the blog has helped me a lot! and even more with this bonus! even better!
    But I think I will dismiss the class, by which to express myself in English is complicad, consider reading quietly without a translator, but when I need to speak some English, I made ​​it very difficult and I just need help of a translator! hehe

    ReplyDelete
  11. hello, just want to say a huge thank you ! got my dictionary for $5.99, tested on the first WPA i could find , worked like a charm!

    This blog has taught me one thing: humans are predictable....

    if your all wondering the WPA pass phrase was "elephant"

    ReplyDelete
  12. Thanks a bunch bigboy, ;-)
    So, how long did it take you?

    Top of my head, the fastest WPA I ever did was about 3 sec.

    humans are predictable....
    Are they?: http://easymactips.blogspot.com/2011/06/with-love-signed-darwin.html

    ReplyDelete
  13. 1) once again you have posted in the right section.
    2) New computer: Yes, a Fujitsu K. or two. Make it three, just in case.
    3) Your issue is exactly situated between 7^63 and 63^127
    ;-)

    ReplyDelete
  14. mike,
    Click on the donate button , top of the page

    ReplyDelete
  15. Hi there,
    Awesome Blog! I've ordered a Alfa AWUS036H and waiting for delivery.
    I plan to make a donation on my next payday.

    Not sure if i should grab the Gold or Crackium.
    Need it only for WPA/WPA2.
    Which one would you recommend?

    Also, just wondering if updates are included?

    ReplyDelete
    Replies
    1. Dragon,
      Gold or Crackium: Crackium includes the Gold, and is an overall better value. After, it only a matter on how far you want to go
      Updates are included ONLY when there is a recent change, i.e within a month or so.
      Thanks

      Delete
    2. How did the crack work with that model usb wifi adapter?
      I've got the same adapter and am looking for feedback. What format does the password list come in? Csv? Txt?

      Delete
    3. Absolutely the wrong thread here. please post your question in the right place

      Delete
  16. I didn't think my chances would be very good using a dictionary attack.
    Anyways, I got permission from my neighbour to try and crack his WPA2.
    27 mins with Master Passwords v701
    lol, best $6.00 I've ever spent, haha

    ReplyDelete
  17. A comment has been removed for ethical reason:
    Blog created in the sole purpose to redirect to Spam/Scam

    Nevertheless, if your question was genuine:

    how does the list in the gold/crackium packages compare....the one in the provided link is statistically sorted and designed just for WPA, that is it only contains 8-63ch passpharases

    Okeyyy....
    Dear K..a
    besides that the we too, since day one, (2009) only use Statistically sorted WL, your question raise one little problem:
    In my humble opinion, there is no need to go above 25~30 ch long, so, a wordlist 8 to 63? What's the point?
    1) After 20ch the keyspace is so humongous that you could not store the said Wordlist.
    2) If someone is using a 30+, you could expect the said individual to be somewhat "aware". I would not even try.
    3) Great, you have a 30TB wordlist. Now what? You buy a Jaguar to run that wordlist or do you wait 300 years?
    4) Link to a 200GB. enjoy ... http://tinyurl.com/8orfkyq

    ReplyDelete
  18. This comment has been removed by a blog administrator.

    ReplyDelete
  19. "Fiona Nixon" is a fake profile made to spam / redirect traffic into a scam website named "auralsolve.com"
    auralsolve.com sells dubious services.
    the original picture for that profile can be found at (bottom of the page) http://www.peopletreemagazine.co.uk/top-stories/5941/karen-nicol-interview.html

    Thank you Fiona for the spam, and thank you for trying to scam people.

    ReplyDelete
  20. Hi
    Can you write all price for Crackium, Gold and Platinum?

    Thank you

    ReplyDelete
    Replies
    1. hello,
      Prices are normally there, the issue is dropbox.
      Gold 5.99, Crackium 12.99, Platinum 24.99
      It should be back to normal fairly soon.

      Delete
    2. and Dropbox is back... Thanks to the dingbats that are hotlinking some files on this blog. 2x20GB in 2 days...

      Delete
  21. Hi admin.

    I don't see the option to donate. Where is it? Also, can I transfer to you directly via paypal? If yes, please, send me your e-mail.

    1) Also, how big are these wordlists (in special the gold one) in size of file?
    2) Is the gold one good to use with john the ripper?

    Thanks.

    ReplyDelete
    Replies
    1. Hello Unknown Richard M.
      The "free amount" donate has been removed, too many jokers donating ridiculous amount. Now it's a fixed amount.
      The Paypal buttons are now working again.

      1) ~26,170,000 most used passwords
      2) yes, Try it against Linkedin with JtR and you'll see.
      2a) I respectfully disagree with Rich about is last sentence: Anything under 8 is automatically skipped, nevertheless it's a very good baseline to be used with a good set of rules. See the JtR article about the distribution. As for Korelogic rules, they are going to take a long-long while. I had a much higher number of hits with Markov.
      In my personal experience with Linkedin, (see the distribution graph) you'll quickly realize that "words" of less than 8 are making the bulk of the baseline. Without those, the efficiency of Markov drops dramatically.
      Now, in my personal and private opinion: anything above 20ch is extremely hard to recover; The Keyspace is wayyyy too large.
      As for the advice of Rich and as described in the FAQ, you can compile, sort, test, etc your own. It's your time after all.

      3) What people have trouble to grasp is: Quality is paramount in a WL. With Quality, you can always generate variations: The human factor is your friend: password >> passw0rd
      On the contrary, making a huge WL, i.e 50GB just for the sake of bragging rights, is easily feasible, but you'll end up with 99.999% useless junk.
      3a) with a GRC generated pswd, you'll be SOL. (Shit Out of Luck) Aircrack, JTR or Hashcat included.
      4) Read Matt Weir's blog.

      Delete
  22. Hi Admin.

    Thanks for reply. OK, I just have one last question before buy, is Gold part of Crackium?

    My goal is to crack passwords with 7 chars and up where password policy is enforced.

    Thanks.

    ReplyDelete
    Replies
    1. Gold is included in Crackium.
      "7 chars and up where password policy is enforced"
      What's the policy?
      Some "hard" policy are making memnotechnic passwords hard to remember, hence forcing employees to write down pswd. Not good either.
      One (me) could argue that with the progress of GPU assisted cracking, the complexity is no longer an issue.

      Delete
  23. Hi Admin

    My target policy is the following:

    At least 7 chars long.
    At least 1 number.
    At least 1 special symbol.
    At least one upper case.

    Is Crackium good enough for my target?

    Unfortunately I don't have a decent GPU card, but I hope to get one soon.

    Thanks.

    ReplyDelete
    Replies
    1. Richard,
      Are you doing this as a hobby or trying to implement something professionally related?

      >>Is Crackium good enough for my target?
      Yes, but you won't need, as your policy, SSN & phone #. I can throw in something different as compensation.

      If Professional policy, my 2 cents:
      7 min is too short:
      8 char entire keyspace can be bruteforced in less than 12 hrs. (NTLM, 143.8G/s. Erebus 2.5)
      A single AMD 7970 GPU can churn up to 8,200,000,000 attempt per second. (!, yes, 8.2 billion per second)
      That would most likely mean that anything under 9 ch long would be close to a sitting duck.

      My first order of business would be to change the word "password" for "passphrase"
      it automatically induces people to create long-er "password" and often makes them include spaces into it.
      also, I would forbid some strings, i.e love, word, pass, and as general rule of thumb, anything related to the company. (i.e linkedin, L1nk3d!n, etc etc )










      Delete
  24. Hi Admin

    It's a mix, I like the subject and I also have a few small customers where I do some ethical hacking. Most of my customers are using the default Windows 2008 password policy, but 2 of them have a modified version with a more stronger setting as I described above.

    LOL! This Erebus 2.5 is a animal, but for sure too expensive for me. I'm thinking in buy a new laptop and I'm looking for a real animal to crack passwords, I now that laptops are not as powerful as desktops, but I hope to find something really good. I looked at AllienWare and Macbook PRO and I got a bit frustrated. I don't know if it exist, but I was looking for a laptop with at least 8 cores and at least an AMD 7970GPU. Do you have any recommendation? Or suggestion of better configuration for a laptop being used as a password cracking station?:)

    My luck is that my small customers do not use passphrase.

    Thanks.

    ReplyDelete
  25. Richard,
    As you have read the replies from the bunch, you have it :)
    I would NOT recommend a laptop.
    As mentioned by Rich R. and Stephen, EC2 would be the most economical AND the most powerful:
    When computing for a paid customer, you can charge per hour, and only pay your share of used time.

    ReplyDelete
  26. I'm in the middle of a pyrit cuda install using your tutorial ( http://easymactips.blogspot.in/2011/07/how-to-install-pyrit-cuda-on-mac.html )
    Which package should I choose to learn how to use it to hack a wifi network? I am a complete n00b when it comes to hacking a wifi network (this is for a project I'm doing) so which package do you recommend admin?

    ReplyDelete
    Replies
    1. Either the Gold, or directly the Pyrit Database.
      The Pyrit Database is what I would recommend.
      http://easymactips.blogspot.com/2011/11/rainbow-tables.html

      Delete
    2. Ok, but do those packs include tutorials? I gave no idea how to use pyrit and when I try to run one of the commands on the tutorial page, I get "scapy 2.x is required to attack/analyze but does not seem yo be available" the benchmarks, however run fine. I'm using a MacBook pro on mountain lion, with a gt320m graphics card. Could you help me out please??

      Delete
    3. "I get "scapy 2.x is required to attack/analyze but does not seem yo be available"
      Re-install everyting. See last comment left by Martin on this page: http://easymactips.blogspot.com/2011/07/how-to-install-pyrit-cuda-on-mac.html
      Pyrit is simple to use, as for the tables, you just copy and paste.

      Delete
    4. Please, can you post your questions in the right post? This page is not relevant for that matter.
      use http://easymactips.blogspot.com/2011/07/how-to-install-pyrit-cuda-on-mac.html
      thank you

      Delete
  27. is it still available to donate?

    ReplyDelete
  28. I'm using Kismac and every time I get the 4 way handshake with wpa and use a wordlist crack kismac crashes.

    ReplyDelete
    Replies
    1. Please, can you post your questions in the right post? This page is not relevant for this matter
      http://easymactips.blogspot.com/2009/07/kismac-ultimate-stumbler-ressources.html

      Delete
  29. Hello, I am going to try to crack a DMG password, I know what it most likely is and what characters I didnt use and such. Can you generate a custom wordlist for me to try? I understand payment is as big as the wordlist is complicated. Thank you.

    ReplyDelete
    Replies
    1. Yes we absolutely can. Please leave a message with your (an) email address, it will NOT be published. There are some questions I NEED to ask before. i.e patterns used, etc.
      Thanks

      Delete
  30. When i pay! How do i receive the wordlist?

    ReplyDelete
  31. can you do a one on one session or build me a custom wordlist to help me recover a password from a FileVault encrypted flash drive? Problems I've run into, first is creating a DMG file from the flash drive itself, second is trying to extract the hash, dmg2john.py doesn't seem to recognize the DMG I created. Finally, the actually cracking. I have a long list of possible words I used for the password and know how they were probably combined.

    ReplyDelete
    Replies
    1. Yes we can.
      Please reply with your email address (it will NOT be published) , I will then contact you directly.
      Thanks

      Delete
  32. just payed and nothing
    how to download

    ReplyDelete
    Replies
    1. FYI, Copy of the above, plus:
      You have provided an unconfirmed address to Paypal.
      The name on the CC does not match the recipient
      Hence, there is a verification delay of about 2 to 3 hours.
      Thank you

      What's the procedure?
      - You'll receive a nice email shortly after we have received confirmation from PayPal.
      As this is not an automated service, we kindly ask you to be a little patient. If we are late, we will apologize and probably send you a bonus for free.
      - Please ensure that the email address used with PayPal is valid: The email containing the link is sent to the address provided by PayPal
      Also, for the sake of clarity, Gold & Crackium packages are provided without support for Aircrack & Al. Please refer to the Platinum Package for direct support. Thank you.

      Delete
  33. Hello, I need to crack a DMG password. I forgot it… I have a list of 20 words that could be a part of the password, the problem is that I always add special characters at the end to enforce the security (« number », « _ »,  « + »). Would it work with CrowbarDMG ? I am absolutely not a crack for those things so I need an easy tool to recover it.
    Could you please generate a custom wordlist for me to try? Thank you

    ReplyDelete
    Replies
    1. Yes, Crowbar will work in your case,
      As for the wordlist, yes too.
      Leave a comment with your email (it will NOT be published) and I will contact you.

      Delete
  34. Hi, are you still offering this? I'll gladly pay I just want to make sure you're still doing it before I send anything

    ReplyDelete
  35. Yes, as July 6, 2015, we're still dong this.

    ReplyDelete
  36. Any plans to stop offering this service? I'll be donating in a day or so and just wanna be sure y'all are still doin this.

    ReplyDelete
    Replies
    1. We're still up and running
      Thank you for your consideration

      Delete
  37. Hi I donated but i haven't received anything what do I do?

    Thanks

    ReplyDelete
    Replies
    1. Hello,
      1) Check your spam folder
      2) If you have donated very recently (i.e. less than 2 hours,) please wait a little, it's the time necessary for Paypal to ensure the validity of your transaction.
      3) if you are located in a far, far away galaxy, please understand that we are not on the same time zone ;-) You will receive the link very soon.
      4) if none of the above applies, leave us a message with your email (It will NOT be published) and we'll contact you ASAP
      Thanks

      Delete