This document discusses a password collection called W3@|cP@$s. It contains dictionaries of passwords gathered from multiple sources on the internet. The document provides statistics on the number and types of passwords collected, such as the frequency of different character sets and length distributions. It also describes the features of the collection, including the ability to filter passwords, count totals, and check sample passwords. The collection contains over 3.5 billion passwords gathered using automated bots to find password dumps from sites like pastebin.com.
3. What is it?
1) Need more p@s$W0rdS
2) Dictionary bruteforce
3) Ultimate dictionary
– Duplicates remove
4) All in one place
Defcon Russia (DCG #7812) 3
4. What is it?
Too many dictionaries
Too little time
Defcon Russia (DCG #7812) 4
5. Features
• Source and Alt. links (+
drive/dropbox/mega)
• Passwords count
• Size
• Recovery rate
– Recovery rate to size
• Some samples ( for better
understanding)
Defcon Russia (DCG #7812) 5
15. Results!
Defcon Russia (DCG #7812) 15
• ~3.5 billions of passwords (5
– 32 symbols)
• Wi-Fi spec. dictionary ( 8 –
32)
• ~ 5TB downloaded (some
kind of win)
• In most cases everything can
be cracked!
16. FIALS!
Defcon Russia (DCG #7812) 16
1) Toooo big
– 40 gigs ? Really?
– Hard to get (no
torrent yet)
2) Junk dictionaries
– Too slow with
complex rules
• But still rulez
22. What?
Defcon Russia (DCG #7812) 22
1) Collect dumps, leaks from different resources
2) Fully automatic
3) Own bot(s) with bugs and vulnerabilities
So what is it was and what is it now?
23. History
Defcon Russia (DCG #7812) 23
Pastebin.com only
• Full access to dumps
• Dull bot
• Moderation (
• Search?
Purpose: passwords!