This blog entry is on how to quickly create a custom wordlist to use with a password cracker. This is something I have been wanting to learn for a while but was unsure how to do it. I learned this technique from a video created by pur3h4t3. A link to his blog can be found at the bottom of this entry.
You may want to create a custom wordlist using a company's website. The method I am demonstrating takes a website, synjunkie.blogspot.com in this example, and creates a wordlist using all the words on that site. Hopefully these words will be relevant to my target.
I will cover how to use this list with a password cracker in a later blog entry.
Tools
All the tools I use are on the BackTrack 3 CD.
- wget
- wyd.pl
- pw-inspector
Creating the Wordlist
1. First I create a directory that I am going to download a copy of the website into. After changing to that directory I quickly grab the site using wget.
wget -r http://synjunkie.blogspot.com
2. After grabbing the site I use wyd.pl to extract all the words from the site into a single file.
wyd.pl -n -o /root/sj/wordlist.txt /root/sj/synjunkie.blogspot.com/
3. I then cat the file I have created, piping it through sort and uniq to put it in order and remove any duplicate words.
cat wordlist.txt | sort | uniq > wordlist2.txt
This then gives me a file called wordlist2.txt that is a bit smaller as the duplicates have been removed.
4. Next I use pw-inspector to go through the file and remove any words that do not meet the criteria.
cat wordlist2.txt | pw-inspector -m 1 -M 20 >customlist.txt
The criteria I have set here are that words should be a minimum of 1 character and a maximum of 20. If you know that your target has a minimum password length of 8 characters, you could remove all words with fewer than 8 characters using this tool.
5. The result is a file called customlist.txt that contains words that may be more relevant to a target.
cat customlist.txt
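Steps 2 to 4 can also be reproduced with standard Unix tools when wyd.pl and pw-inspector are not installed. This is an added example, not part of the original post or of pur3h4t3's video; the function names build_wordlist and make_sample, the constructed sample page, and the choice to read only .html, .htm and .txt files are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): steps 2-4 using only standard tools.

# build_wordlist DIR [MIN] [MAX]: print the unique words of MIN..MAX characters
# found in the HTML/text files under DIR (the local copy made in step 1).
build_wordlist() {
    local dir=$1 min=${2:-1} max=${3:-20} n
    for n in "$min" "$max"; do
        case $n in ''|*[!0-9]*) echo "bounds must be integers" >&2; return 2;; esac
    done
    [ "$min" -le "$max" ] || { echo "min is greater than max" >&2; return 2; }
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }

    # Read page text only; images and other binaries in the mirror are skipped.
    find "$dir" -type f \( -name '*.html' -o -name '*.htm' -o -name '*.txt' \) \
            -exec cat {} + |
        tr '\n' ' ' |                                        # let tags span lines
        sed -e 's/<[^>]*>/ /g' -e 's/&[#a-zA-Z0-9]*;/ /g' |  # drop tags, entities
        tr -cs '[:alnum:]' '\n' |                            # one word per line
        awk -v min="$min" -v max="$max" 'length($0) >= min && length($0) <= max' |
        LC_ALL=C sort -u                                     # order, de-duplicate
}

# Constructed sample page standing in for the downloaded site.
make_sample() {
    local d
    d=$(mktemp -d) || return 1
    printf '%s\n' '<html><body><h1>SynJunkie Security</h1>' \
        '<p class="post">The blog on password cracking &amp; custom' \
        'wordlists, the password</p></body></html>' > "$d/index.html"
    echo "$d"
}

sample=$(make_sample)
build_wordlist "$sample" 8 20    # keep only words of 8 to 20 characters
rm -rf "$sample"
```

The contents of script and style elements are not removed, only the tags themselves, so a real site will also contribute some words from embedded code.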
Links
http://pur3h4t3.blogspot.com/
http://www.remote-exploit.org/backtrack.html