Wordlists play a crucial role for professionals like penetration testers and cybersecurity experts, especially when it comes to activities related to passwords. These include Dictionary Attacks, Password Cracking, Brute-Force Attacks, Security Assessments, and Testing.
In essence, wordlists are collections of words, phrases, or character combinations that are systematically used for various purposes within the field of cybersecurity.
Most importantly, when it comes to password-related activities, wordlists are the heart of the operation. They provide the potential password options necessary for effective testing. Imagine wordlists as a foundation upon which the entire process of penetration testing is built.
If you're interested in delving into wordlists and learning the basics of password cracking, there's a resource linked below for you to explore.
Password Cracking: Methods and Tools
This article provides an in-depth exploration of various password cracking methods and tools used by cybersecurity professionals to assess and enhance password security. Understanding these techniques is crucial for effective security practices.
Wordlists come in two primary forms:
- Self-Generated Wordlist: This involves crafting your own collection of potential passwords using tools like Crunch, Cupp, and more. These tools allow you to tailor the wordlist to your specific needs.
- Pre-Built Wordlist: These wordlists are carefully assembled based on common and real-life passwords. They're ready to use and can save valuable time during testing.
Let's take a closer look at their applications within the Kali Linux environment:
Pre-built WordLists
Pre-built wordlists come ready-made with a wide collection of potential passwords based on real-life scenarios. These wordlists are easily accessible in Kali Linux, and you can also manually download them from different websites.
The one I commonly use is "rockyou.txt", as well as the "CrackStation's Password Cracking Dictionary." However, CrackStation's Password Cracking Dictionary requires a lot of internet data to download, so I prefer "rockyou.txt" due to its accessibility.
You can conveniently locate various wordlist paths, including "rockyou.txt," through a pre-installed application on your Kali Linux system. Simply open the main menu and, under the "Password Attack" section, you will notice the "Wordlists" application.
Clicking it opens a terminal showing an array of directories and file locations housing the wordlists.
In particular, I've highlighted "rockyou.txt," which resides within the /usr/share/wordlists directory.
If you wish to swiftly view the available wordlists within any directory, you can use the "ls -l" command followed by the specific path.
If you're interested in exploring the practical applications of these wordlists, the "John the Ripper" article is an excellent resource to dive into.
John the Ripper and Johnny: Usage and Examples
This guide provides usage instructions and examples for John the Ripper and Johnny, two popular password cracking tools. These tools are widely used by cybersecurity professionals to assess and strengthen password security.
It provides insights into the usage and effectiveness of these tools for password-related tasks.
Generate a Wordlist
When pre-built wordlists fail to crack a password, self-generated wordlists step in to improve our chances of success. These customized lists focus on the unique characteristics of the target, making password cracking more effective.
You can find various password profiling tools in the Password Attack sub-menu, such as CeWL and Crunch. But mostly, I use the Cupp password profile wordlist generator.
Let's explore these tools and learn the way to generate a wordlist.
CeWL: Custom Wordlist Generator
CeWL is a Ruby app that spiders a given URL to a specified depth, optionally following external links, and returns a list of words that can then be used for password crackers.
To learn how to use it, either click on the "Cewl" application or run the "cewl -h" command to access the help documentation.
For this demonstration, let's generate a wordlist using CeWL.
Our target will be Vulnweb.com.
Open a terminal and start by entering the following format:
Where,
- -w: Save the output string to a text file.
Afterward, you can use the "ls" command to list files and directories. You'll find the generated file there.
To take a look, open the file using a text editor like Nano.
And there you have it!
Let’s try with another parameter:
Where,
- -c: Show the count for each word found. Let's see how. Here you see the count number on the right side of a word.
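The same word-and-count extraction can be run by a site owner against their own pages to see which organisation-specific terms are harvestable and belong on a password deny-list. This is an added example, not CeWL's code or part of the original article; the sample HTML, the `min_len` and `min_count` thresholds and all function names are assumptions made for the illustration.

```python
import re
from collections import Counter
from html.parser import HTMLParser

class TextExtractor(HTMLParser):
    """Collect visible text, skipping the bodies of <script> and <style>."""
    def __init__(self):
        super().__init__()
        self.chunks = []
        self._skip = 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.chunks.append(data)

def site_terms(html, min_len=5):
    """Return a Counter of lowercased words with at least min_len letters."""
    parser = TextExtractor()
    parser.feed(html)
    parser.close()
    words = re.findall(r"[A-Za-z]{%d,}" % min_len, " ".join(parser.chunks))
    return Counter(w.lower() for w in words)

def deny_list(html, min_count=2):
    """Terms that recur on the page, most frequent first."""
    return [w for w, n in site_terms(html).most_common() if n >= min_count]

# Constructed sample page (hypothetical organisation and product names).
SAMPLE_HTML = """<html><head><title>Acmecorp Intranet</title>
<style>body { font-family: Helvetica; }</style></head>
<body><h1>Welcome to Acmecorp</h1>
<p>Acmecorp builds Thunderbolt pumps in Springfield.</p>
<script>var tracking = "analytics";</script>
<p>Contact the Thunderbolt team.</p></body></html>"""

if __name__ == "__main__":
    for word, count in site_terms(SAMPLE_HTML).most_common():
        print(f"{word}, {count}")
```

Terms returned by `deny_list` are candidates for the context-specific blocklist checked when users set a password.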
Crunch: Generate Wordlists from the Character set
Kali Linux offers a convenient solution for crafting your
own dictionary, thanks to the tool known as Crunch.
To get started, first locate "Crunch" in the application menu and click on it.
This action will display its basic usage instructions on your terminal screen.
But if you want detailed information and its various examples, access the manual page for Crunch by typing "man crunch."
Now, let's generate a wordlist using Crunch:
Open a terminal and begin by following these commands:
Now, run the following command on the terminal:
Upon execution, you can see the resulting wordlist. You can open it using any text editor.
Crunch also allows you to create wordlists with specific word limits, letters, and even special characters – simply provide the relevant specifications.
CUPP - Common User Passwords Profiler
The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection.
Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.
- A weak password might be very short or only use alphanumeric characters, making decryption simple.
- A weak password can also be easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money, or password.
That is where CUPP comes in, and it can be used in situations like legal penetration tests or forensic crime investigations.
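The two weaknesses listed above can be screened for when a user chooses a password: reject candidates that appear in a wordlist or that embed the user's own profile data, even behind simple character substitutions. This is an added example, not CUPP's code or part of the original article; the profile field names, the substitution table and the sample data are assumptions made for the illustration.

```python
from datetime import date

# Undo common character substitutions before comparing (mapping assumed for this example).
LEET = str.maketrans("013457@$!", "oleastasi")
NAME_KEYS = ("name", "surname", "nickname", "pet", "partner")  # hypothetical profile fields

def load_wordlist(path):
    """One candidate per line; latin-1 so non-UTF-8 bytes in leaked lists do not raise."""
    with open(path, encoding="latin-1") as fh:
        return {line.strip().lower() for line in fh if line.strip()}

def profile_tokens(profile):
    """Return (names, dates): the personal strings a profiler would combine."""
    names = {profile[k].lower() for k in NAME_KEYS if len(profile.get(k, "")) >= 3}
    dates = set()
    born = profile.get("birthdate")
    if born:
        dates = {f"{born.year:04d}", f"{born.day:02d}{born.month:02d}",
                 f"{born.month:02d}{born.day:02d}"}
    return names, dates

def guessable_reasons(password, profile, wordlist):
    """Return the reasons a password is easy to guess; an empty list means it passed."""
    raw = password.lower()
    plain = raw.translate(LEET)  # "p@ssw0rd" -> "password"
    names, dates = profile_tokens(profile)
    reasons = []
    if raw in wordlist or plain in wordlist:
        reasons.append("found in wordlist")
    if any(n in raw or n in plain for n in names):
        reasons.append("contains a personal name")
    if any(d in raw for d in dates):
        reasons.append("contains the birth date")
    return reasons

# Constructed sample data, not taken from any real list or person.
SAMPLE_WORDLIST = {"password", "123456", "qwerty", "iloveyou"}
SAMPLE_PROFILE = {"name": "Maria", "surname": "Keller", "pet": "Rex",
                  "birthdate": date(1990, 7, 14)}

if __name__ == "__main__":
    for candidate in ("P@ssw0rd", "Rex1990!", "M@ria#Sky", "violet-anvil-orbit-47"):
        print(candidate, "->",
              guessable_reasons(candidate, SAMPLE_PROFILE, SAMPLE_WORDLIST) or "ok")
```

In production, `load_wordlist` can be pointed at a full list such as the rockyou.txt file mentioned earlier instead of the four-entry sample set.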
Steps to Install & Usage
CUPP does not come pre-installed with Kali Linux, so we have to install it manually. Before installing CUPP on Kali Linux, update the repositories.
To install CUPP, use the following commands:
4. After installation, execute the tool using the following command to access its help documentation.
Let's generate a wordlist using CUPP:
1. To create a wordlist using CUPP, run cupp in interactive mode:
2. In the end, you will be presented with a wordlist.