2WIREXXX Improvement
Closed this issue · 2 comments
Hi there, great work. I just wanted to let you know about my 2WIREXXX bruteforce hack I made a while back. The passwords these 2wire routers generate have a flaw where they are too random, meaning they don't repeat a number more than 3 or 4 times in a row. So you won't see 333, 777, 999 in any char position. I have come across a few where I have seen it happen, but very rarely. I have never seen a number repeat 4 times. So I created a Python script to filter out all of these passwords. I'm sure you can add an option so first you can filter out 3+, or filter out 4+ if the 3+ didn't work for cracking the password.
I suck at writing C or I would just do a pull request.
I haven't cracked 2WIREXXX lately so I don't have stats on my 2x 1080ti, but when I was using my AMD 7950 I was able to do the entire ?d^10 keyspace in 24 hours. Using my script I cut that down to 4 hours, where I would typically find the password in 1 to 2 hours.
Anyways here is my repo: https://github.com/initiate6/2WIRE_BRUTEFORCE/blob/master/2wireBruteForce.py
Would be great to see you add it to your tool. Let me know if you have any questions.
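For scale, an added example (not part of the original post or the linked script) that counts how many 10-digit strings satisfy a limit on consecutive repeats, and how little entropy such a rule removes from a default key. The function names are made up here, and only the consecutive-run property described above is modelled.

```python
import math
from itertools import groupby, product


def count_max_run(length, max_run, alphabet=10):
    """Count strings of `length` symbols where no symbol occurs more than
    `max_run` times in a row (dynamic programming over the final run length)."""
    if length < 1 or max_run < 1:
        raise ValueError("length and max_run must be >= 1")
    # ends[r] = valid strings of the current length whose last run is r+1 long
    ends = [alphabet] + [0] * (max_run - 1)
    for _ in range(length - 1):
        total = sum(ends)
        # A different symbol starts a new run of 1; the same symbol extends
        # the run by one, and runs that would exceed max_run are dropped.
        ends = [(alphabet - 1) * total] + ends[:-1]
    return sum(ends)


def brute_count(length, max_run, alphabet=10):
    """Exhaustive cross-check of count_max_run; only usable for short lengths."""
    return sum(
        1
        for s in product(range(alphabet), repeat=length)
        if max(len(list(g)) for _, g in groupby(s)) <= max_run
    )


def entropy_loss_bits(length, max_run, alphabet=10):
    """Bits of entropy removed from a uniformly random key by the run limit."""
    return math.log2(alphabet ** length / count_max_run(length, max_run, alphabet))


if __name__ == "__main__":
    for limit in (2, 3):  # "filter out 3+" and "filter out 4+"
        kept = count_max_run(10, limit)
        print(f"max {limit} in a row: {kept:,} of {10**10:,} kept "
              f"({kept / 10**10:.1%}), {entropy_loss_bits(10, limit):.3f} bits lost")
```

The consecutive-run rule on its own keeps 9,282,568,410 of the 10^10 candidates with a limit of two in a row, and 9,936,051,300 with a limit of three.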
Hi! Thanks for your suggestion. By default, Hashcat uses "Markov-chain like optimizations". This means that it will automatically try more likely candidates such as 0193847263 before it tries 0222333887.
FWIW, on two stock 1080 Ti, you can run the entire 10^10 keyspace in a max of roughly 2.5 hours, which, on pure bruteforce, would take 1 hour 15 mins on a statistical average. In practice, you will see even shorter than that with Markov enabled.
Given that Hashcat already implements a more advanced approach of this, I feel like it would be wasteful and would add more overhead and would be best to let Hashcat do the work. It appears that the script you wrote is from ~5 years ago, so during that time it would've been effective since Hashcat didn't yet use optimizations, it was just a straight, incremental bruteforce. Let me know if you have any other questions or concerns (or if you have something that might make me consider otherwise to add this feature).
Duh! Yeah, you are right :D I don't think it would be worth it. Back in the day it was awesome. I forgot about how the Markov chains would work in this scenario and it would be a lot faster.