Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Word List Generator

  1. #1
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    7

    Default Word List Generator

    After getting WEP cracking down, I decided to give WPA a try. After some reading about coWPAtty and Rainbow Tables, it seems that the better dictionary or word list you have, the better chances of success.

    What if the target WPA passphrase is not in your word list? What if its just a random string of characters like you can get from grc.com password generator? Then your SOL!

    Sooooo....
    I wanted to find a word list generator for every possible combination of characters and I found this...

    http://freshmeat.net/projects/wg/

    After a bit I came up with the following.....

    $ perl ./wg.pl -l 8 -u 64 -v abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX YZ0123456789\`\~\!\@\#\$\%\^\&\*\(\)\-\_\+\=\[\]\;\'\,\.\/\<\>\?\:\"\{\}\|\ > words.txt

    This will generate a list of "words" (actually character strings) between 8 and 64 characters long (-l 8 -u 64) and output it to a text file named "words.txt"
    (> words.txt).
    All the / characters are there because I was getting errors from not escaping bash command characters.

    I tested it with -l 2 -u 4 and lowercase alphas...then grepped it for dirty words ;>
    (c'mon...we all had a laugh in gradeschool doing that with the dictionary)

    $ grep (insert 4 letter word) words.txt
    It worked!

    Then I started it with the above parameters and it's been running for 45 minutes...up to 900 meg!!! This is going to be enormous!!! I think this might be a bit too much.

    Can someone check to make sure I didn't leave any characters out?

    I did not write the script and know very little about scripting so I cant answer anything about how it works.

  2. #2
    Just burned his ISO
    Join Date
    Sep 2006
    Posts
    2

    Default

    I think you can use John the Ripper to do something similar. If you've never used it it's under /pentest/password/john-1.7.2/run. You can do something on the lines of
    john -incremental=All --stdout > all.lst
    That produces a list of all combinations of the 95 printable ASCII characters of lengths 1 to 8. You can replace "All" with say "Alpha" or "Digit" to get just alpha or numeric passwords. It's also worth having a look at the john.conf file, you can change the min and max length of the generated passwords.
    To be honest though I think a password file like this would take forever to get through.

    **Edit**
    A list of all printable characters from Wikipedia (starting with a space)
    !"#$%&'()*+,-./0123456789:;<=>?
    @ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_
    `abcdefghijklmnopqrstuvwxyz{|}~

  3. #3
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    7

    Default

    Thanks for the tip about John! I've never used it, so I'll have to give that a try....definitely a good idea.

    You're right about a list that large...I left the script running and it created a file over 9 gig! It wanted to keep running but I ran out of disk space.

    My Idea was to use this huge list with coWPAtty and precompute it against the "Church of Wifi" top 1000 ssid's. That would generate a good lookup table for faster cracking. The problem is list size.....it's HUGE!! I need to get a new hd.

    The CoWf precomputed tables is 8 gig in size using 170,000 actual words...I wanted to be able to include random strings.

    I think this might be a bit too large a project for me. It would be better suited as a distributed project.
    For example:
    Using all characters...
    First person generates and precomputes length 8-10...
    Second does the same for length 11-12...
    repeat...to 64...
    as it goes up, it will have to be reduced to one length.

    Then consolidate.

    Damn, this might be unworkable because of sheer size. I'm not a coder but a "SETI@home" type of program would do this nicely.

  4. #4
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    7

    Default

    Oh, man!
    John ROCKS!!!

  5. #5
    Just burned his ISO
    Join Date
    Jul 2006
    Posts
    13

    Default

    Yep it sure does.
    Happy birthday have a pound sign (most US K.boards dont have one so when cracking pass's you may never get it)

    £

    Same is true of other (alt) keyboard

  6. #6
    Just burned his ISO
    Join Date
    Sep 2006
    Posts
    2

    Default

    Missed that one (and I'm from the UK so I have no excuse...).
    I suppose we had better add € too...

  7. #7
    Just burned his ISO
    Join Date
    Dec 2006
    Posts
    2

    Default

    oh, don't forget ñ its in allot of Spanish passwords! The list sounds cool, when i get my new server I might make it a project to do.

  8. #8
    Just burned his ISO
    Join Date
    Aug 2006
    Posts
    21

    Default

    hi

    when i tried to run this command

    perl ./wg.pl -l 4 -u 6 -v abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX YZ0123456789\`\~\!\@\#\$\%\^\&\*\(\)\-\_\+\=\[\]\;\'\,\.\/\<\>\?\:\"\{\}\|\ > words.txt

    i have this message error

    File size limit exceeded

    what is my pb? i have large hard (80 Gigabytes free)

  9. #9
    kaaslander
    Guest

    Default

    I'm making a 26 digitaal wpa code dictionary.... I want to crack my wpa code, look like this
    " fs8903uied238nv01dh3890wlp "

    $ perl ./wg.pl -l 26 -u 26 -v abcdefghijklmnopqrstuvwxyz0123456789 > words.txt

    i was wondering, how long does it take to crack it, with aircrack?

  10. #10
    Junior Member
    Join Date
    Apr 2006
    Posts
    39

    Default

    What exactly did you expect? why do you think bruteforce attacks take so long? what you are trying to do is make a brute force dictionary

    so lets say for argument sake you look at the 128 characters in the standard ascii table and a password is only 4 characters long

    128x128x128x128= 268,435,456 bytes for a 4 character password=268mb

    6 chars 4,398,046,511,104 bytes 4.5TB if i got my factors right in my head and its a sunday afternoon so i might not have

    OK so 128 is extreme so try 70 characters (or so) on a standard key board with out any extra effort and not counting case sensitivity

    4 chars = 24,010,000 bytes
    6 chars = 117,649,000,000 bytes

    how much data do you think you'd need for 26 chars? that alone how long it would take to generate.

    generators are cool if you know its:-
    a. a small password
    b. you have a partial match
    c. you saw key strokes (shoulder surf) but you are not 100% certain.
    d. you can otherwise narrow the parameters
    e. erm thats all off the top of my head

    hope this helps

    Quote Originally Posted by granger53
    Thanks for the tip about John! I've never used it, so I'll have to give that a try....definitely a good idea.

    You're right about a list that large...I left the script running and it created a file over 9 gig! It wanted to keep running but I ran out of disk space.

    My Idea was to use this huge list with coWPAtty and precompute it against the "Church of Wifi" top 1000 ssid's. That would generate a good lookup table for faster cracking. The problem is list size.....it's HUGE!! I need to get a new hd.

    The CoWf precomputed tables is 8 gig in size using 170,000 actual words...I wanted to be able to include random strings.

    I think this might be a bit too large a project for me. It would be better suited as a distributed project.
    For example:
    Using all characters...
    First person generates and precomputes length 8-10...
    Second does the same for length 11-12...
    repeat...to 64...
    as it goes up, it will have to be reduced to one length.

    Then consolidate.

    Damn, this might be unworkable because of sheer size. I'm not a coder but a "SETI@home" type of program would do this nicely.
    --
    Windows 95 :-
    "32-bit extensions and a graphical shell for a 16-bit patch to an 8-bit operating system originally coded for a 4-bit microprocessor, written by a 2-bit company that can't stand 1-bit of competition".

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •