Search This Blog

Saturday, October 12, 2019

Tutorial Password Cracking - creating a good brute force wordlist

Password Cracking Basic Tutorials

This tutorial will show you how to create a wordlist for fast bruteforce password cracking. This should be used if dict attacks have failed.

As with all my tutorials - USE LINUX. There is no reason not to, it takes 30 minutes and its way better for hacking. It also uses way less system resources, which is important for stuff like password cracking as it's resource intensive. If you can't set linux up just post/PM and I'll help.

1) get Crunch - type: sudo apt-get install crunch

2) You use crunch like this: crunch <min> <max> <charset> -t <pattern> – o <filename.lst>

min = minimum length of the password

max = maximum length of the password

Charset = Which characters you want to add in your wordlist like abcdefghijklmnopqrstuvwxyz or 1234567890. You will need to do upper and lower case if you want all of them.

-t <pattern> = This is the pattern you want to follow. Lets say you saw them enter the first three letters ('cat' and know the last letter is 'x') and it's an 6 digit password, you could do something like: cat@@x
This will make all passwords start with cat and change the characters that use @.

-o <output?> is what you want to call the output file.

3) so type: crunch 6 6 abcdefghijklmnopqrstuvwxyz -t cat@@x -o catfile.lst

4) type: cat catfile.lst

5) You should see something like:
catusx
catutx
catuux
catuvx
catuwx
catuxx
catuyx
catuzx
catvax
catvbx


6) you can do more complicated things with other options if you need to.

7) be careful of opening a big wordlist in an editor/terminal. It might crash your system if it's too big. There are special tools for editing them.

8) use this with your favourite password cracking program

Hope this helps

No comments:

Post a Comment

Certified Ethical Hacker v12 Course

  CEH v12 - Certified Ethical Hacker - Part 1 https://mega.nz/folder/zQJ2VQAC#1ecvG2NKK08-TVG3URLFIw CEH v12 - Certified Ethical Hacker - Pa...