Hi
Let's consider this scenario.
I go into a company to pentest their network, inc wireless.
Through passive monitoring I find out the company name or internal domain name, and maybe even a few usernames.
Is there a way I can generate a custom targeted wordlist to incorporate the information I know about?
I.E Company name is company
So the wordlist will automatically include passwords like:
company
Company
C0mpany
c0mpany
company1
etc..
As well as the usual bunch of most common passwords?
Read up on crunch, the wordlist generator included with Backtrack 5.
At one point there was an OffSec script for this. I did a really quick search but couldn't find it. It was in one of the announcement forums over the past number of years. I tried it at one point and it was fairly functional, though I do believe I reported a crash issue with it that never got a reply (IIRC).
You might want to check out: CeWL http://www.digininja.org/projects/cewl.php
There are any number of tools that can perform the manipulations you're talking about if you have the base wordlist.
Crunch, hashcat maskprocessor, WLM etc.
Tape has lots of good blogs about wordlist prep and manipulation:
http://adaywithtape.blogspot.ca/
Last edited by thorin; 03-26-2012 at 10:32 AM.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
I think I actually blushed when I read that!
Thanks guys I will check them out!
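
The variants listed in the question (case changes, `0` for `o`, an appended digit) are what a password filter or audit should catch on the defending side. The following is an added example, not code from this thread or from any tool named in it: it folds a chosen password to a canonical form and reports which organisation-specific term it is built on. The term list, the extra sample passwords and the function names are constructed for illustration.

```python
# Added example: flag passwords derived from organisation-specific terms
# (company name, domain name, usernames) at password-set or audit time.

# Fold look-alike characters into one class so "C0mpany" and "company"
# compare equal. "1", "!", "l" and "i" all fold to "i" because "1" is
# used for both letters.
FOLD = str.maketrans({
    "0": "o", "1": "i", "l": "i", "!": "i", "3": "e",
    "4": "a", "@": "a", "5": "s", "$": "s", "7": "t",
})

def canonical(text):
    """Lowercase and fold common character substitutions."""
    return text.lower().translate(FOLD)

def derived_from(candidate, context_terms, min_len=4):
    """Return the context term the candidate is built on, or None.

    Containment (not equality) is used so prefixes and suffixes such as
    "company1" or "Company2012!" are still caught. Terms shorter than
    min_len are skipped to avoid matching inside unrelated words.
    """
    folded = canonical(candidate)
    for term in context_terms:
        if len(term) >= min_len and canonical(term) in folded:
            return term
    return None

def audit(candidates, context_terms):
    """Map each candidate password to the term it derives from (or None)."""
    return {c: derived_from(c, context_terms) for c in candidates}

# Constructed sample data: the company name from the question plus a
# hypothetical username.
TERMS = ["company", "jsmith"]
THREAD_EXAMPLES = ["company", "Company", "C0mpany", "c0mpany", "company1"]
OTHER_SAMPLES = ["J5m1th2012", "Tr4ctor-Blue-88"]

if __name__ == "__main__":
    for pw, term in audit(THREAD_EXAMPLES + OTHER_SAMPLES, TERMS).items():
        print(f"{pw:18} {'REJECT (' + term + ')' if term else 'ok'}")
```
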