Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-07-2024, 00:47
wx69wx2023 wx69wx2023 is offline
Family
 
Join Date: Sep 2023
Posts: 170
Rept. Given: 15
Rept. Rcvd 40 Times in 19 Posts
Thanks Given: 194
Thanks Rcvd at 501 Times in 118 Posts
wx69wx2023 Reputation: 40
password leaked

RockYou2024: 10 billion passwords leaked in the largest compilation of all time

Researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext password

🔗 Source:
https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/

🔗 Source archive:
https://disk.yandex.ru/d/1spMBmxcEnN95g
https://s3.timeweb.cloud/fd51ce25-6f95e3f8-263a-4b13-92af-12bc265adb44/rockyou2024.zip

magnet:?xt=urn:btih:4e3915a8ecf6bc174687533d93975b1ff0bde38a

Last edited by wx69wx2023; 07-07-2024 at 15:46.
Reply With Quote
The Following User Says Thank You to wx69wx2023 For This Useful Post:
flightwatch (01-08-2025)
  #2  
Old 07-07-2024, 04:39
chants chants is offline
VIP
 
Join Date: Jul 2016
Posts: 809
Rept. Given: 45
Rept. Rcvd 50 Times in 31 Posts
Thanks Given: 722
Thanks Rcvd at 1,120 Times in 518 Posts
chants Reputation: 51
Is this anything more than the results of plaintext leaks and all hash cracked passwords from prior leaks of the past years? My guess is rainbow table attacks have allowed passwords up to certain sizes and with certain character sets to be cracked in mass due to data leaks. The source of this dB was not clear.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
flightwatch (01-08-2025)
  #3  
Old 07-07-2024, 05:19
kristamullpass6415 kristamullpass6415 is offline
Friend
 
Join Date: Sep 2023
Posts: 17
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 4
Thanks Rcvd at 12 Times in 8 Posts
kristamullpass6415 Reputation: 0
Quote:
Originally Posted by wx69wx2023 View Post
RockYou2024: 10 billion passwords leaked in the largest compilation of all time

Researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext password
Not really.
Only some 10% of the passwords are new. Most are old ones from the 2021 leak. That is why it did not make big news this time.
Not worth the 45GB download.

-a.k.a Bl4ckCyb3rEnigm4 / Ethereal (my alternate nickname)

Last edited by kristamullpass6415; 11-09-2024 at 17:47.
Reply With Quote
The Following 2 Users Say Thank You to kristamullpass6415 For This Useful Post:
flightwatch (01-08-2025), niculaita (07-07-2024)
  #4  
Old 07-07-2024, 08:24
wx69wx2023 wx69wx2023 is offline
Family
 
Join Date: Sep 2023
Posts: 170
Rept. Given: 15
Rept. Rcvd 40 Times in 19 Posts
Thanks Given: 194
Thanks Rcvd at 501 Times in 118 Posts
wx69wx2023 Reputation: 40
https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/

"The file with the data, titled rockyou2024.txt, was posted on July 4th by a hacker forum user ObamaCare."
these passwords came from a mix of old and new data breaches. Based rockyou2021.

You can check if your data was exposed in historic data breaches using the Cybernews data leak checker below.
https://cybernews.com/personal-data-leak-check/


""
Reply With Quote
The Following User Says Thank You to wx69wx2023 For This Useful Post:
flightwatch (01-08-2025)
  #5  
Old 08-12-2024, 02:11
ops ops is offline
Friend
 
Join Date: Oct 2023
Posts: 5
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 5 Times in 3 Posts
ops Reputation: 0
https://specopssoft.com/blog/rockyou2024-analysis-password-leak/

Here is an analysis article, I also downloaded and analysis it myself. It was similar to the description in this article. I felt that it was not worth downloading and using, and the data was very messy.
Reply With Quote
The Following 3 Users Say Thank You to ops For This Useful Post:
flightwatch (01-08-2025), Gyrus (08-12-2024), wx69wx2023 (08-12-2024)
  #6  
Old 01-08-2025, 01:27
flightwatch flightwatch is offline
Friend
 
Join Date: Jan 2018
Posts: 20
Rept. Given: 2
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 42
Thanks Rcvd at 6 Times in 5 Posts
flightwatch Reputation: 0
Quote:
Originally Posted by kristamullpass6415 View Post
...Not worth the 45GB download...
When unpacked, it takes up 145 GB

And trying to find the password for one WPA.hash with dualGPU (RTX4080 and RTX 4070 Ti) is estimated at 90 minutes.

Can someone provide approximate times for the better cards? For example, RTX4090.
Reply With Quote
  #7  
Old 01-08-2025, 02:08
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,211
Rept. Given: 334
Rept. Rcvd 234 Times in 124 Posts
Thanks Given: 288
Thanks Rcvd at 592 Times in 330 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
try Nvidia RTX50
Reply With Quote
The Following 2 Users Say Thank You to sendersu For This Useful Post:
flightwatch (01-08-2025), niculaita (01-08-2025)
  #8  
Old 01-08-2025, 05:55
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,421
Rept. Given: 971
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,735
Thanks Rcvd at 487 Times in 346 Posts
niculaita Reputation: 89
2 month for RAR
__________________
Decode and Conquer
Reply With Quote
  #9  
Old 01-08-2025, 23:06
WRP WRP is offline
Family
 
Join Date: Nov 2010
Posts: 189
Rept. Given: 34
Rept. Rcvd 54 Times in 34 Posts
Thanks Given: 221
Thanks Rcvd at 236 Times in 106 Posts
WRP Reputation: 54
Quote:
Originally Posted by niculaita View Post
2 month for RAR
2 months on AES? Really?
Reply With Quote
  #10  
Old 01-09-2025, 00:20
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,421
Rept. Given: 971
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,735
Thanks Rcvd at 487 Times in 346 Posts
niculaita Reputation: 89
Yes. I tried with passware 2022 and for password bigger than 30 till 128 in lenght only processor runs about 180 p / s. I do knot why only for shorts passwords video card works.
__________________
Decode and Conquer
Reply With Quote
  #11  
Old 01-09-2025, 04:07
traf0 traf0 is offline
Family
 
Join Date: Nov 2017
Posts: 91
Rept. Given: 3
Rept. Rcvd 5 Times in 5 Posts
Thanks Given: 251
Thanks Rcvd at 135 Times in 50 Posts
traf0 Reputation: 5
Quote:
Originally Posted by WRP View Post
2 months on AES? Really?
maybe because it is doing a dictionary attack, not searching the full key space
Reply With Quote
The Following User Says Thank You to traf0 For This Useful Post:
niculaita (01-10-2025)
  #12  
Old 01-10-2025, 02:21
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,421
Rept. Given: 971
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,735
Thanks Rcvd at 487 Times in 346 Posts
niculaita Reputation: 89
How to search the full key space ?

rarhashes.txt
$RAR3$*1*bd8e558b92fd453c*cebb2d59*48*34*1*79c0a77fb8f9b042c07c78191c25f3b0b8fd4b8514868415341716ba8fe304fbbc4372df4cdc1757cff273c972f9df1d*35

hashcat -m 23800 rarhashes.txt rockyou.txt

?
__________________
Decode and Conquer
Reply With Quote
  #13  
Old 01-11-2025, 20:32
flightwatch flightwatch is offline
Friend
 
Join Date: Jan 2018
Posts: 20
Rept. Given: 2
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 42
Thanks Rcvd at 6 Times in 5 Posts
flightwatch Reputation: 0
Quote:
Originally Posted by niculaita View Post
...hashcat -m 23800 rarhashes.txt rockyou.txt...
"No such file or directory"

hashcat -m 12500 rarhashes.txt rockyou.txt

"Token length exception"

Last edited by flightwatch; 01-11-2025 at 21:23.
Reply With Quote
  #14  
Old 01-11-2025, 23:23
traf0 traf0 is offline
Family
 
Join Date: Nov 2017
Posts: 91
Rept. Given: 3
Rept. Rcvd 5 Times in 5 Posts
Thanks Given: 251
Thanks Rcvd at 135 Times in 50 Posts
traf0 Reputation: 5
Quote:
Originally Posted by niculaita View Post
How to search the full key space ?

rarhashes.txt
$RAR3$*1*bd8e558b92fd453c*cebb2d59*48*34*1*79c0a77fb8f9b042c07c78191c25f3b0b8fd4b8514868415341716ba8fe304fbbc4372df4cdc1757cff273c972f9df1d*35

hashcat -m 23800 rarhashes.txt rockyou.txt

?
it is not realistic searching the full key space for 128 bit key length
only in case of 40 bit long keys like Acrobat 2-4 or Office 97 documents
Reply With Quote
  #15  
Old 01-14-2025, 00:55
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,421
Rept. Given: 971
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,735
Thanks Rcvd at 487 Times in 346 Posts
niculaita Reputation: 89
Quote:
Originally Posted by flightwatch View Post
"No such file or directory"

hashcat -m 12500 rarhashes.txt rockyou.txt

"Token length exception"
download https://disk.yandex.ru/d/1spMBmxcEnN95g and desarchive text file near hashcat.exe

rename text rockyou2024.txt to rockyou.txt

create a rarhashes.txt and copy inside the long hash and save

try again
__________________
Decode and Conquer
Reply With Quote
The Following User Says Thank You to niculaita For This Useful Post:
flightwatch (01-14-2025)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 19:56.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2025 )