- Wordlist Generator using Crunch [6 Methods]
- Requirements
- Crunch wordlists generator
- Installation
- How to use Crunch as Wordlist Generator
- Crunch options
- Generating passwords using crunch
- Generating alpha-numeric wordlist
- Using permutation for generating a wordlist
- Generate wordlists with limited words
- Generate wordlist with a specific pattern
- Wordlist fragmentation
- Generating compressed wordlist
- Conclusion
- 2 thoughts on “Wordlist Generator using Crunch [6 Methods]”
- Leave a Comment Cancel reply
- Ethical Hacking Tutorial
Wordlist Generator using Crunch [6 Methods]
Hello learners, in our previous guide we learned how to use hashview to crack password hashes from a predefined wordlist. In this guide, we will learn how we can use Crunch, an open source software to generate wordlist containing possible password combinations. While cracking hashes or attempting a brute force attack using worldlists available online such as Seclists may prove unfruitful in our attempt to decrypt passwords. This is where the Crunch comes in. Crunch is helpful in a case where we have a clue of what the password looks like.
Requirements
- PC running Kali Linux.
- Knowledge of using the terminal.
- Have a clue about the possible password structure.
Crunch wordlists generator
Crunch is a utility that comes preinstalled on various Linux distros. Crunch is used by security professionals to generate predefined wordlists to fit the needs of the user while cracking passwords. Some of the features of Crunch include;
- Crunch can generate wordlists for both permutation and combination ways.
- Crunch pattern supports the use of numbers and symbols.
- Runs on both windows and Linux.
- A user can add a status report while generating multiple files.
- it can break up output as defined in the command. i.e by file size or by the number of lines.
- You can resume wordlist generation.
- Has a new -l option for literal support of @, %^
- Has a new -d option to limit duplicate characters.
- It has Unicode support.
- Crunch patterns can support upper and lower case characters separately.
Installation
In order to install Crunch on Kali Linux we run the command.
sudo apt-get install crunch
To see if crunch has been installed we can run the command.
How to use Crunch as Wordlist Generator
Crunch options
Crunch has options that we can use to generate wordlists that fit our needs. These options are;
- -b: specifies the maximum size of the wordlist.
- -c: specifies the number of lines to write to the wordlist.
- -d: limits the number of duplicate characters
- -e: stop generating words at a certain string
- -f: specifies a list of character sets from the charset.lst file
- -i: inverts the order of characters in the wordlist
- -l: allows the literal interpretation of %,@^ when using -t
- -o: specifies the output wordlist file
- -p: prints permutations without repeating characters.
- -q: Like the -p option but it reads the strings from a specified file
- -r: resumes a previous session (cannot be used with -s)
- -s: specifies a particular string to begin the wordlist with
- -t: sets a specific pattern of @,%^
- -z: compresses the output wordlist file, accompanied by -o
- @represents lowercase letters
- ^represents special characters
- % represents numbers
- , represents uppercase letters
Generating passwords using crunch
Crunch allows us to generate wordlists containing at least a numerical value and an alphabetical value. To generate such combinations using crunch we run the command.
Where min is the minimum password length, max is the maximum password length, the character set is the set of characters to use for generating the password, and the output file specifies the file we want to save the generated passwords.
Generating alpha-numeric wordlist
In some cases, people prefer using both alphabet and numerals for passwords. While generating passwords in such cases, our charset will contain both numerals and alphabets as shown below.
As shown in the image above we have generated 335,664 possible passwords.
Using permutation for generating a wordlist
In a case where we are sure a certain phrase is used in a password we want to crack, we can use the -p flag to specify the phrase used so as to include it in our generated wordlist. Crunch also allows us to include more than one phrase while we generate wordlists. Permutations should be separated by a space in between as shown in the image below.
Generate wordlists with limited words
Crunch has an option that allows us to generate wordlists up to a specified number of lines. i.e. In a case where we want only a specific number of lines let’s say we only need the first 100 lines out of possible 1000 possible passphrase combinations. To achieve this we specify the number of lines y adding a flag -c after specifying the character set followed by the number of lines we want as shown in the image below.
Generate wordlist with a specific pattern
Some people may prefer using passwords that have a specific pattern. For example, a password with a phrase followed by numbers. Crunch provides an option to generate wordlists containing such passwords by specifying the pattern while generating the possible passwords using the flag -t. To do this, we use the special characters we discussed above. For example, in a case where a user has a password as a phrase followed by one number or more, we may use the following command.
Wordlist fragmentation
The wordlist fragmentation option is useful in a case where the generated wordlist has a large size spanning over several megabytes or even gigabytes. Using the -b flag while we generate wordlists, will split the wordlists into several files depending on the maximum size we have set for each wordlist file as shown in the image below.
From our working directory, we can see several wordlists we have generated.
While using the -b flag to split the wordlist files, we are required to add START after the output flag (-o)
Generating compressed wordlist
A compressed dictionary may be required in a case where we generate wordlist with a very size or in an event where we want to transfer the wordlist for use on another PC. To zip the generated wordlist we will add the -z flag and specify the kind of zip file we want; bzip2, gzip, 7z and lzma.
Conclusion
In the above guide, we have learned different techniques we can use to generate wordlists containing possible password combinations depending on the nature of the password we want to crack. Using Crunch we are able to generate wordlists that fit our needs saving us a lot of time. Crunch can be used to generate possible password combinations although its efficiency depends on whether we have a clue of the structure of the password we want to generate wordlist for. Using Crunch and hashview, we can be able to crack hashes of many common passwords.
Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud
If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.
For any other feedbacks or questions you can either use the comments section or contact me form.
Thank You for your support!!
2 thoughts on “Wordlist Generator using Crunch [6 Methods]”
Hi. How to make a password repeat a character no more than a certain number of times? For example, so that the % symbol in the password is repeated no more than 2 times? Reply
Leave a Comment Cancel reply
Ethical Hacking Tutorial
- Install Kali Linux
- Create Kali Linux bootable USB
- Dual boot Ubuntu with Kali Linux
- Install Kali Linux on VirtualBox
- Install Kali Linux on Raspberry Pi
- Install Kali Linux on Android
- Install Kali Linux on Apple M1 with UTM
- Setup Virtual PenTesting Lab
- Setup Android Pentesting Lab
- Setup Hacking Lab
- Manage Pentest Projects with Cervantes
- Nettacker — Automated Pentesting Framework
- MobSF: Android App Pentesting
- APKHunt: Android App Pentesting
- Hack Social Media Accounts — ZPhisher
- Analyze phishing email — Thephish
- Install Gophish phishing framework
- Gophish Phishing Campaign
- FiercePhish Phishing Campaign
- Snapchat Phishing using Grayfish
- Using SocialFish to Hack Credentials
- Social Engineering Toolkit Credentials Phishing
- Lockphish V2.0 PIN phishing attack
- Evil Twin WiFi Attack with Airgeddon
- Browser-in-the-Browser Attack
- Install Caine OS for Forensic Analysis
- Install Metasploit Framework
- Install OWASP Juice Shop
- Install DVWA
- Install Tor Browser
- Install Pyrit
- Embed payload in PDF File
- Embed Metasploit Payload on APK
- Payload Injection — Shellter
- Obfuscate Android Payload — ApkBleach
- Create windows undetectable payload — Technowlogger
- Learn hacking with Metasploitable
- Network Reconnaissance with Nmap
- BEeF Hacking Framework
- Intercept Network Traffic
- Track IP Address using Image
- Find Hidden Endpoints
- Using WiFi Honeypot for Ethical Hacks
- Hack Wi-Fi password
- Encode message in image — Steganography
- Shodan — The Search Engine for Hackers
- L3MON — Hack Android Mobile Remotely
- Torshammer — Perform DDoS attack
- Local File Inclusion Attack
- Using Xerosploit
- Using Arpspoof
- DVWA SQL Injection Exploitation
- DVWA Exploits
- Kali Vulnerability Scanner Tools
- WPScan: WordPress Vulnerability Scanner
- The Best 5 OSINT Tools
- Using Infooze Tool
- Using Mitaka Tool
- Create Reverse Shell
- WordPress Reverse Shell
- Subdomain Enumeration Tools
- SMTP Enumeration Tools
- DNS Enumeration Tools
- Wordlist Generator using Crunch
- Automate SSH Brute Force Attack
- Fuzzing Tools for Web Application Pentesting
- Bypass CSRF Protection
- Password Cracker — John The Ripper (JTR)
- Crack Hashed Password — Hashview
- Attack Login Forms with Burpsuite and THC-Hydra
- Perform Postgres DB Brute Force Attack
- Perform VNC Brute Force Attack