Custom wordlists

Using John

  • Download target site
    • # wget -r -l 2 www.<targetwebsite>.com
  • Produce uniq list
    • # grep -hr "" www.<targetwebsite>.com/ | tr '[:space:]' '\n' | sort | uniq > wordlist.lst
  • Clean list
    • # egrep -v '('\,'|'\;'|'\}'|'\{'|'\<'|'\>'|'\:'|'\='|'\"'|'\/'|'\/'|'\['|'\]')' wordlist.lst | sort -u > wordlist.clean.lst
  • Regenerate list w/ John
    • # john --wordlist=wordlist.clean.lst --rules --stdout | uniq > final.wordlist.lst

Using Crunch

Syntax: crunch <min> max<max> <characterset> -t <pattern> -o <output filename>

  • Letters and numbers mixed, minimum 8 max 8 letters
    • # crunch 8 8 -f /usr/share/rainbowcrack/charset.txt mixalpha -o /root/alphawordlist.lst
  • Password set to 10 char with the last four set to fixed & ¬†first six to be variable
    • # crunch 10 10 -t @@@@@@0728 -o /root/birthdaywordlist.lst