Welcome guys! Today we will learn
to create a custom wordlist using Crunch on Kali Linux which hackers use for brute force attacks. Custom wordlists are very important for executing successful brute force attacks. We can add all the information we have into our wordlist. So let’s get started.
Step 1: Start your Kali Linux, open the terminal, and type
crunch to see if the crunch is installed, and whether or not it’s the most current version.
Step 2: To view the manual of crunch and options available, you can use the command
man crunch.
Step 3: The basic syntax for crunch looks like this:
kali > crunch <min> max<max> <characterset> -t <pattern> -o <output filename>
Now, let’s go over what’s included in the syntax above.
- min= The minimum password length.
- max= The maximum password length.
- characterset= The character set to be used in generating the passwords.
- -t <pattern>= The specified pattern of the generated passwords. For instance, if you knew that the target’s birthday was 0127 (Jan 27th) and you suspected they used their birthday in their password (people often do), you could generate a password list that ended with 0127 by giving crunch the pattern @@@@@@@0127. This word generate passwords up to 11 characters (7 variable and 4 fixed) long that all ended with 0728.
- -t @,%^
@ will insert lower case characters
, will insert upper case characters
% will insert numbers
^ will insert symbols
- -o <outputfile>= This is the file you want your wordlist written to.
Step 4: To create simple wordlists type crunch <min> max<max>
Ex:
crunch 8 10
When we execute this statement, crunch estimates how large the file will be (1463 TB) and then begins to generate the list.
What if we knew that the target always used number passwords between 6 and 8 characters? We could generate a complete list of password possibilities meeting these criteria and send them to a file in the root user’s directory called number8.lst by typing:
crunch 6 8 1234567890 -o /root/numericwordlist.lst
Step 5 : If we knew that the target has a password of 8 characters and ends with 1&2 we can use the following command:
crunch 8 8 -t @@@@@@12 -o /root/pass.lst
Step 6: One of the beauties of crunch is the ability to select a specific character set or create your own character set for generating your password list. If we know the likely character set the target is using for their password, we can select the character set to generate our password list. We can find the choice of character sets at:
cat /usr/share/rainbowcrack/charset.txt
Now, if we know that our target is using an eight character password with only alphabetic characters, we can generate a list of all the possibilities in crunch with the command:
crunch 8 8 -f /usr/share/rainbowcrack/charset.txt loweralpha-numeric -o /root/loweralphanumeric.lst
This will generate all the 8-character passwords using the lower alphabetic and number characters.
This is how we can make use of crunch. You can go through the manual and check out the other available options.
===========================
Leave a comment below in comment section if you have any related queries.
