How To Create Custom Password Word List on Kali Linux by Crunch Tool for Brute Force Attack

Creating a Custom Wordlist
with Crunch

How To Create
Custom Password Word List on Kali Linux by Crunch Tool

Today we will learn
creating a custom wordlist
using Crunch on Kali Linux which hackers use for brute force attacks. Custom wordlists are very important
for executing successful brute force attacks. We can add all the information we
have into our wordlist. So let’s get
started

How to Create
Custom wordlist using Crunch on Kali Linux:

Step 1:

Start your Kali
Linux, open the terminal, and type crunch to see if the crunch is installed,
and whether or not it’s the most current version.

Step 2:

To view the manual
of crunch and options available, you can use the command man crunch.

Step 3:

The basic syntax
for crunch looks like this:

kali ) crunch (min)
max(max) (characterset) -t (pattern) -o (output filename)

Now, let’s go over
what’s included in the syntax above.

min= The minimum
password length.

max= The maximum
password length.

characterset= The
character set to be used in generating the passwords.

-t (pattern)= The
specified pattern of the generated passwords. For instance, if you knew that
the target’s birthday was 0728 (July 28th) and you suspected they used their
birthday in their password (people often do), you could generate a password
list that ended with 0728 by giving crunch the pattern @@@@@@@0728. This word generate passwords up to 11
characters (7 variable and 4 fixed) long that all ended with 0728.

-o (outputfile)=
This is the file you want your wordlist written to.

Step 4:

To create simple
wordlists type crunch (min) max(max)

Ex: crunch 8 10

When we execute
this statement, crunch estimates how large the file will be (1463 TB) and then
begins to generate the list.

What if we knew
that the target always used number passwords between 6 and 8 characters? We
could generate a complete list of password possibilities meeting these criteria
and send them to a file in the root user’s directory called number8.lst by typing:

crunch 6 8
1234567890 -o /root/numericwordlist.lst

Step 5:

If we knew that the
target has a password of 8 characters and ends with 1&2 we can use the
following command:

crunch 8 8 -t
@@@@@@12 -o /root/pass.lst

Step 6:

One of the beauties
of crunch is the ability to select a specific character set or create your own
character set for generating your password list. If we know the likely
character set the target is using for their password, we can select the
character set to generate our password list. We can find the choice of
character sets at:

/usr/share/rainbowcrack/charset.txt

Now, if we know
that our target is using an eight character password with only alphabetic
characters, we can generate a list of all the possibilities in crunch with the command:

crunch 8 8 -f
/usr/share/rainbowcrack/charset.txt loweralpha-numeric -o
/root/loweralphanumeric.lst

This will
generate all the 8-character passwords using the lower alphabetic and number characters.

This is how we can
make use of crunch. You can go through the manual and check out the other
available options.

All these videos
Tutorials for educational purpose only,

Subscribe Our YouTube Channel

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here