UndercoverDog – WindowsTechs.com

Hydra brute force ssh usernames with given RSA key

Posted on April 5, 2023 by UndercoverDog

On a machine supporting ssh, an RSA key is given but no username.
My idea was brute-forcing the SSH username with Hydra but I didn’t find any option to give the RSA key to Hydra.
Is it possible to brute force ssh usernames with an RSA key … Continue reading Hydra brute force ssh usernames with given RSA key→

Why are there often random email addresses in known password word lists?

Posted on April 26, 2022 by UndercoverDog

In known wordlists like crackstation.lst there are random emails in the list. Why are they there?

Continue reading Why are there often random email addresses in known password word lists?→

How does the –os-shell parameter in Sqlmap work? Is it still anonymous over Tor?

Posted on April 24, 2022 by UndercoverDog

How does the –os-shell parameter in Sqlmap work? I know its uploading a backdoor, but how is Sqlmap uploading it and is the file just a normal reverse shell trojan?
Also, is it still anonymous when being used over the –tor switch?

Continue reading How does the –os-shell parameter in Sqlmap work? Is it still anonymous over Tor?→

What are the differences between Wi-Fi Protected Setup 1.0 and 2.0?

Posted on April 21, 2022 by UndercoverDog

What is the difference between Wi-Fi Protected Setup (WPS) 1.0 and 2.0?
Is WPS 2.0 still as unsecure as 1.0?

Continue reading What are the differences between Wi-Fi Protected Setup 1.0 and 2.0?→

Are there some routers that have WPS, but without a fixed Pin?

Posted on April 21, 2022 by UndercoverDog

My router only seems like to support the push button method, but I thought every router with wps has a fixed wps pin, or am I wrong?

Continue reading Are there some routers that have WPS, but without a fixed Pin?→

Wireshark breaks arp packets of own machine?

Posted on April 20, 2022 by UndercoverDog

When opening Wireshark with the network adaptor wlp3s0, my PC (the same PC) loses connection to the ap and starts sending arp requests to get the bssid of the router, but (probably) doesn’t receive any response since ping google.com doesn’… Continue reading Wireshark breaks arp packets of own machine?→

Can you use an FPGA with hashcat?

Posted on April 16, 2022 by UndercoverDog

Hashcat lists FPGAs as OpenCL device type in its help.

– [ OpenCL Device Types ] –
# | Device Type
===+=============
1 | CPU
2 | GPU
3 | FPGA, DSP, Co-Processor

Can you really connect and use an FPGA with hashcat?

Continue reading Can you use an FPGA with hashcat?→

How secure and anonymous is the –tor parameter in Sqlmap?

Posted on April 7, 2022 by UndercoverDog

How secure and anonymous is the –tor parameter in Sqlmap?
Does it really send every request over Tor and does it have any IP/DNS/STUN requests leak loopholes?

Continue reading How secure and anonymous is the –tor parameter in Sqlmap?→

Hashcat brute force – markov chains

Posted on March 29, 2022 by UndercoverDog

Hashcat uses Markov chains by default when using brute force mode. Do they really speed up the cracking since a randomly generated password normally has the same probability for every combination?

Continue reading Hashcat brute force – markov chains→

What’s a good wordlist for German WiFi passwords? [closed]

Posted on March 23, 2022 by UndercoverDog

What is a good wordlist for German WiFi passwords?

Continue reading What’s a good wordlist for German WiFi passwords? [closed]→