Results 1 to 4 of 4

Thread: Wordlist format

  1. #1
    Just burned his ISO
    Join Date
    Feb 2012

    Default Wordlist format

    Hi guys,
    I'm a bit of a n00b and I need to demonstrate brute force attacks on some products my company sells.

    I would like to include a key that I know into a wordlist, so that I can demonstrate a successful hack in a reasonable amount of time.
    I tried editing the default wordlist in backtrack 5 by putting it quite high up in the file, ( I put it in the A's) but it seemed to skip right over it.

    Am I doing something wrong?

    If I were to create my own wordlist of 20 or so keys, what format does it need to be?
    Can it just be a simple file with strings and new lines?

    etc etc.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010

    Default Re: Wordlist format

    Most tools that use wordlist don't generally care where, or what the list is called. but something like wordlist.lst (list file ) would be just fine. wordlist.txt (text file) will also work.
    There are also tools in BT to help you create a list if you need to make some custom ones. But something like you have above with your passphrase it it will suffice.
    To be successful here you should read all of the following.
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Just burned his ISO
    Join Date
    Feb 2012

    Default Re: Wordlist format

    (filename).lst will work like mentioned above just fine.

    My question to you is how are you demonstrating a bruteforce attack by using a list that contains known keys? That isnt really performing a bruteforce attack if you are using keys in a list that you already know work before hand. Sounds like you're trying to fool people into believing they are more vulnerable then they actually are. Wordlist won't work on a random character password and to bruteforce a random character password that is 10+ chars can take a looong time.

  4. #4
    Junior Member
    Join Date
    Mar 2007

    Default Re: Wordlist format

    Are you asking a question or are you telling yourself the answer.????

    if you want to do a proper brute force without a dictionary it will take a couple of days to run an 8 char length password.

    you already know the password and are putting it in a dictionary. your still trying billions of passwords.
    (AMD 64 6cores 3.6Ghz) using 5 cores on a vm can crunch an 8 char passphase BruteForce in just over a day if I brutefore knowing that I only have 36different chars. so all lowercase and numbers (0-9)

    36 few seconds
    1296 seconds
    46656 minutes
    1679616 couple of hours

    unfortunately I dont have the skill to get cuda to work on BT5 yet as this would reduce the time considerably

    I have a question for you. why are you..... If you know the password and for demo you put the password in a dictionary your still brute-forcing with a list of passwords may or maynot work.
    I would rather do research and Bruteforce something I think is the password than just use every single computation it makes the most sense....

    for your demo you might want to change the key on the access point to something that a brute force will get in a few minutes.

    Last edited by dwjs1974; 02-24-2012 at 07:30 PM.

Similar Threads

  1. Wordlist Generator Script - Revamping Original Wordlist
    By mcurran in forum OLD Programming
    Replies: 5
    Last Post: 01-22-2010, 06:13 AM
  2. IVS and PCAP format cannot be used together
    By Takedown32 in forum OLD Latest Public Release - BackTrack4 Beta
    Replies: 9
    Last Post: 08-08-2009, 04:53 AM
  3. WPA cracking...big wordlist or just good wordlist.
    By Abraxas in forum OLD Newbie Area
    Replies: 11
    Last Post: 04-07-2009, 02:12 PM
  4. Replies: 2
    Last Post: 11-25-2008, 11:42 AM
  5. Replies: 28
    Last Post: 10-23-2008, 10:28 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts