قالب وردپرس درنا توس
Home / Tips and Tricks / How to use Wordlister to create custom password combinations to crack «Null Byte :: WonderHowTo

How to use Wordlister to create custom password combinations to crack «Null Byte :: WonderHowTo



Using Wordlister and all of its options

We will be working on Kali Linux to demonstrate Wordlister, but any other Linux distribution should be enough.

First of all we have to download Wordlister from GitHub. We can use the wget utility to get it directly from our terminal via HTTP:

  ~ # wget https://raw.githubusercontent.com/4n4nk3/Wordlister/master/wordlister.py

--2020-02-24 12: 45: 36-- https://raw.githubusercontent.com/4n4nk3/Wordlister/master/wordlister.py
Resolving raw.githubusercontent.com (raw.githubusercontent.com) ... 1
51.101.148.133 Connect to raw.githubusercontent.com (raw.githubusercontent.com) | 151.101.148.133 |: 443 ... connected. HTTP request sent and waiting for response ... 200 OK Length: 6195 (6.0 K) [text/plain] Save as: "wordlister.py" wordlister.py 100% [======================================================================================================================>] 6.05K --.- KB / s in 0s 2020-02-24 12:45:36 (18.5 MB / s) - & # 39; wordlister.py & # 39; saved [6195/6195]

The script requires Python 3 to function properly. So if it is not already installed, run the following command: [19659004] ~ # apt-get install python3

Now we can run the script with the command python3 :

  ~ # python3 wordlister.py

Use: wordlister.py [-h] --input INPUT --perm PERM --min MIN --max MAX
[--test TEST] [--cores CORES] [--leet] [--cap] [--up]
                     [--append APPEND] [--prepend PREPEND]
  wordlister.py: Error: The following arguments are required: --input, --perm, --min, --max 

This gives us some usage information and also contains the required arguments. We can add the -h flag to display the somewhat more organized and informative help menu:

  ~ # python3 wordlister.py -h

Use: wordlister.py [-h] --input INPUT --perm PERM --min MIN --max MAX
[--test TEST] [--cores CORES] [--leet] [--cap] [--up]
                     [--append APPEND] [--prepend PREPEND]

 A simple word list generator and mangler written in Python.

optional arguments:
-h, --help Display and exit this help message
--test TEST Output first iterations (single process / core)
--cores CORES Enter the desired process / core pool manually
use
--leet Activate l33t mutagen
--cap Activate the activation of mutagen
--up Activate mutagen in capital letters
- append APPENDIX the selected word (append to all passwords & # 39; word & # 39;)
--prepend PREPEND Appends the selected word (precede all passwords & # 39; word & # 39;)

required arguments:
--input INPUT Name of the input file
--perm PERM Maximum number of words to be combined on the same line
--min MIN Minimum generated password length
--max MAX Maximum generated password length 

To be able to use Wordlister, we first need an input file with a list of passwords for which we want to create and disfigure permutations.

Use your preferred text editor to create a text file with a few common passwords (I only use a small number of passwords here for demonstration purposes as the permutations can get quite large). This is what mine looks like:

  ~ # cat list.txt

password
hunter2
secret
iloveyou 

Now we can run the script. Here are the required arguments:

  • input = the name of the text file that contains passwords
  • perm = the number of permutations to be combined in the same line
  • min = the minimum length of a generated password
  • max = maximum length of a generated password

Here is the complete command and its output:

  ~ # python3 wordlister.py --input list.txt - perm 2 - min 6 - max 32

secret
password
hunter2
I love you
secret password
secretethunter2
secretiloveyou
Password secret
passwordhunter2
Passwortiloveyou
hunter2password
hunter2iloveyou
iloveyousecret
hunter2secret
iloveyoupassword
iloveyouhunter2 

We can see that the given passwords have only been combined for all possible permutations.

Wordlister contains a handful of useful arguments, which are also optional. The leet option converts all letters to numbers using leetspeak:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 --leet

I love you
1l0v3y0u
hunter2
Hunt3r2
password
p455w0rd
secret
53cr3t
iloveyouhunter2
iloveyoupassword
1l0v3y0uhunt3r2
1l0v3y0up455w0rd
iloveyousecret
1l0v3y0u53cr3t
hunter2iloveyou
Hunt3r21l0v3y0u
hunter2password
Hunt3r2p455w0rd
Passwortiloveyou
p455w0rd1l0v3y0u
passwordhunter2
p455w0rdhunt3r2
hunter2secret
Password secret
p455w0rd53cr3t
secretiloveyou
Hunt3r253cr3t
53cr3t1l0v3y0u
secretethunter2
53cr3thunt3r2
secret password
53cr3tp455w0rd 

The cap option capitalizes the first letter of each password:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 - -Cover

I love you
secret
hunter2
password
I love you
hunter2
secret
password
IloveyouSecret
Iloveyouhunter2
Iloveyoupassword
IloveyouHunter2
Iloveyousecret
IloveyouPassword
SecretIloveyou
Secret password
Secretiloveyou
SecretHunter2
Secrethunter2
Passwortiloveyou
passwordHunter2
iloveyouSecret
passwordhunter2
iloveyoupassword
Password secret
iloveyouHunter2
iloveyouhunter2
Secret Password
iloveyousecret
iloveyouPassword
PasswortIloveyou
password secret
Hunter2Iloveyou
Hunter2Secret
Hunter2password
Hunter2secret
Hunter2iloveyou
Hunter2Password
hunter2Secret
hunter2Iloveyou
hunter2password
hunter2iloveyou
hunter2secret
secret password
PasswortIloveyou
hunter2Password
Password Secret
Passwortiloveyou
secret password
secretIloveyou
PasswordHunter2
Passwordhunter2
secretiloveyou
Password secret
secretHunter2
secretethunter2 

The option up converts every letter of a word to uppercase:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 - -above

SECRET
secret
hunter2
hunter2
I LOVE YOU
password
PASSWORD
I love you
SECREThunter2
Secret Password
SECRETHUNTER2
SECRETILOVEYOU
SECRET PASSWORD
SECRETiloveyou
secretethunter2
secret password
secretHUNTER2
secretILOVEYOU
hunter2password
hunter2iloveyou
hunter2ILOVEYOU
hunter2PASSWORT
password secret
passwordHUNTER2
Password secret
PasswortILOVEYOU
passwordhunter2
Passwortiloveyou
HUNTER2SECRET
HUNTER2secret
HUNTER2ILOVEYOU
HUNTER2PASSWORT
Hunter2 password
HUNTER2iloveyou
ILOVEYOUsecret
ILOVEYOUSECRET
ILOVEYOUhunter2
ILOVEYOUpassword
secret password
ILOVEYOUHUNTER2
secretiloveyou
hunter2SECRET
hunter2secret
ILOVEYOUPASSWORD
PASSWORThunter2
PASSWORD SECRET
PASSWORDHUNTER2
Password Secret
PASSWORDILOVEYOU
PASSWORTiloveyou
iloveyouSECRET
iloveyousecret
iloveyouhunter2
iloveyoupassword
iloveyouHUNTER2
iloveyouPASSWORD 

With the option append an arbitrary word is appended to all passwords:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 - Append 1969

secret
secret1969
password
Passwort1969
I love you
iloveyou1969
hunter2
hunter21969
secret password
secretpassword1969
secretiloveyou
secretiloveyou1969
secretethunter2
secretethunter21969
Password secret
passwordsecret1969
Passwortiloveyou
passwordiloveyou1969
passwordhunter2
passwordhunter21969
iloveyousecret
iloveyousecret1969
iloveyoupassword
iloveyoupassword1969
iloveyouhunter2
iloveyouhunter21969
hunter2secret
hunter2secret1969
hunter2password
hunter2password1969
hunter2iloveyou
hunter2iloveyou1969 

With the option prefix each password is preceded by a certain word:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 - - Prepare Dave

secret
Dave Secret
I love you
Daveiloveyou
password
Dave Password
hunter2
Davehunter2
secretiloveyou
Davesecretiloveyou
secret password
Dave Secret Password
secretethunter2
Davesecrethunter2
iloveyoupassword
iloveyouhunter2
Daveiloveyouhunter2
Daveiloveyoupassword
Password secret
Dave Password Secret
iloveyousecret
Daveiloveyousecret
Passwortiloveyou
Davepasswordiloveyou
passwordhunter2
Davepasswordhunter2
hunter2secret
Davehunter2secret
hunter2iloveyou
Davehunter2iloveyou
hunter2password
Davehunter2password 

And of course each of these options can be combined for a larger number of potential passwords:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 --leet - -cap --append 1969

secret
secret1969
hunter2
53cr3t
53cr3t1969
hunter21969
Hunt3r2
Hunt3r21969
password
Passwort1969
P455w0rd
P455w0rd1969
I love you
Iloveyou1969
I love you
1l0v3y0u
iloveyou1969
1l0v3y0u1969
secret
Secret1969
1l0v3y0u
53cr3t
1l0v3y0u1969
53cr3t1969
password
Passwort1969
p455w0rd
p455w0rd1969
hunter2
Hunter21969
Hunt3r2
Hunt3r21969
secretethunter2
secretethunter21969
secret password
secretpassword1969
53cr3thunt3r2
53cr3thunt3r21969
secret password
53cr3tp455w0rd
secretPassword1969
53cr3tp455w0rd1969
53cr3tP455w0rd

... 

This list can become quite long from just a few initial passwords, so it can be beneficial to create a custom word list for targeted password cracking.

Instead of printing the results on the terminal screen, we can route them to a text file that can later be used for cracking:

  ~ # python3 wordlister.py --input list.txt --perm 2 - min 6 --max 32 --leet --cap --append 1969> mywordlist.txt 

Wordlister has a function that only outputs the specified number of iterations if we want to control the length of our list a little better. To do this, use the option test :

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 --test 10

password
secret
I love you
hunter2
Password secret
Passwortiloveyou
passwordhunter2
secret password
secretiloveyou
secretethunter2 

We can also manually specify the number of cores to be used with the cores option. This can be useful if not all resources are to be used at the same time:

  ~ # python3 wordlister.py --input list.txt --perm 2 --min 6 --max 32 --cores 1

hunter2
password
secret
I love you
hunter2password
hunter2secret
hunter2iloveyou
passwordhunter2
Password secret
Passwortiloveyou
secretethunter2
secret password
secretiloveyou
iloveyouhunter2
iloveyoupassword
iloveyousecret 

As we can see, this simple tool can be incredibly powerful when it comes to creating targeted word lists.


Source link