Generating Wordlists
Mahran Al-Zyoud
|
10 steps
Creating a Keyword-based Wordlist
Sometimes, web developers and IT professionals set passwords that reflect their organization’s goals, mission, products, or services. These passwords, while easy to remember, can make systems vulnerable to targeted attacks. **Custom Wordlist Generator (CeWL)** is a powerful tool designed for penetration testers to create targeted wordlists. By crawling (spidering) a website, CeWL gathers keywords that are likely to be associated with the organization. These keywords are then used to build a custom dictionary for **dictionary-based password attacks**. Such attacks attempt to guess passwords by systematically testing each word in the custom wordlist against a system or encrypted file.
1
To create a custom wordlist with keywords from a targeted website, please use the following command: [[cewl example.com -m 4 -w example_wordlist.txt]] This command will generate a custom wordlist containing words with a minimum length of 4 characters using keywords from the website example.com. It will then output the results in the example_wordlist.txt file within your current working directory.
2
Next, run the [[cat example_wordlist.txt]] command.
3
Here is another example.
4
Now, run [[nano AAU_wordlist.txt]]
5
To determine the number of words in the AAU_wordlist.txt file, run [[cat AAU_wordlist.txt | wc -l]] Keep in mind that **CeWL** extracts keywords from a website to generate a custom wordlist; however, it does not guarantee that these keywords will match the actual password used to access the target system.
Generating a Custom Wordlist Using Crunch
**Crunch** is a versatile offline password generator designed for penetration testers to create highly customized wordlists for dictionary-based password attacks. This tool stands out for its ability to generate all possible combinations of characters based on user-defined criteria or rules, such as specific lengths, character sets, or patterns. The generated wordlist is then output into a single dictionary file, ready to be used in password attacks. Crunch uses the following syntax to generate a wordlist: [[crunch <min-length> <max-length> \[options\] –o output_file.txt]]
6
To create a custom wordlist with a fixed length of 4 characters, which can be a combination of characters from 0 to 9, a to z, and A to Z, use the following command: [[crunch 4 4 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ -o crunch_output.txt]]
7
As shown in the following screenshots, **Crunch** generated all possible combinations that met our criteria: (use [[nano crunch_output.txt]])
8
9
10
Using [[tail crunch_output.txt]] will display the last 10 lines of the file.
To learn more about how to generate customized wordlists, use the [[man crunch]] command to view additional syntax and examples.
