Categories

Mo Passwords, Mo Problems

We are all pretty familiar with rockyou.txt and if you’re not, it’s the one password file that is shipped with Kali by default. Honestly, if you’re using a password in this text file, you’re just asking to be hacked. Let’s assume the account you’re attacking isn’t using ‘p@55w0rd12’ or one of the other common passwords in this file. Say we want to expand our library to include more recent passwords. Let’s cover a few of these extra password files to take your cracking game to the next level!

Seclists

SecLists offers a comprehensive array of lists for use in security evaluations. This collection encompasses various types, such as usernames, passwords, URLs, strings for sensitive data searches, fuzzing payloads, among others.

Its purpose is to provide security testers with an easily accessible repository of diverse lists, readily available for use on a new testing system. This ensures that they have all necessary types of lists at their disposal for effective security testing.

This list is super easy to install with Kali. Just run this command and it’ll load up this highly recommended list:

sudo apt install seclists

RockYou2021

Coming in at a little over 82 billion passwords, this list is not only huge but also large in size too! Thirteen files and each one around 1 gigabyte compressed, you can just imagine how big this text file is.

Loading this file is pretty easy with github!

You’ll be downloading these files with either a torrent or just getting them off the web. Here are the links you’ll be needing for this little project.

Torrent Filehttps://mega.nz/file/bOxEUYLS#i4QuvXrfXQjPfWcsj4pokXEMPwZ7VZC1IzJwzPHlvmM

1GB Chunks https://mega.nz/folder/aDpmxCiD#f_pSJ0vV698-Ev1mbyYNAQ

Have some patience when you’re extracting this beast!

Crunch

Maybe you don’t like having your password list made for you. You’re in luck! If you have a little bit of CPU power, we can make our own password list. Please keep in mind that this can take a significant amount of time, so have patience!

Installing crunch is just as easy as seclists

apt sudo install crunch

Of course you’ll have to learn a bit of parameter syntax to start generating. Check out the crunch site to get started! Networkwalks also wrote up a very extensive article with all of the different parameters you can use.

Written by

Benjamin J.

As a technology enthusiast with over 30 years of experience in the field, I have developed a deep passion for computer security. My interest in this field began at a young age when I was first introduced to computers through an ancient MS-DOS system, and the very first command I discovered, 'dir', sparked my curiosity and desire to learn more. Throughout my professional career, I have dedicated myself to gaining a comprehensive understanding of hacking and its various techniques, with a particular focus on sharing this knowledge with others. I believe that equipping others with the tools and understanding they need to protect themselves is crucial in today's digital landscape.

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *