Home / Security / Hacking / Create a custom cracking Wordlist

Create a custom cracking Wordlist

To perform a good pentest, nothing better than a custom wordlist to crack passwords. We may be able to generate a custom wordlist that reflects our knowledge of the target or the organization’s password policy (For example : 10chars min, Special chars …)

Information Gathering

To build a good wordlist, you’ve to know the company you target (for your legal pentest :)). The first step is to collect usefull informations like :

  • Geographical area(s) of the company : Collect all Countries / Areas & Cities where the company is located
  • Industry classification : Depending of the industry classification, you will customize your wordlist. If your target produce fruits for example, dump a fruit name list, and adapt the language following the company geographical area :)
  • Name & Surname : Governments offer Names & Surnames lists in open-data, for example, for france : Liste de prénoms et patronymes
  • LinkedIn : The best Database. You can use a scraper as ScrapedIn to dump company profiles and extract keywords.
  • Company Website : You can dump some keywords from the company website, You can use CeWL to dump the keywords.

Customizing the wordlist

Mentalist

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

Install Mentalist on Centos (GUI mandatory /!\)

Install Mentalist on Windows

I used Chocolately to install the last Python on my computer, it’s very simple : chocolately

Once it’s done, enter the following commands in a powershell console :

Download the latest version of Mentalist with git, install it & run it

Loading...

Using It

Once we’ve mentalist Installed & Running, we’ll load our custom wordlist, and continue to customize it

When you start Mentalist, you’ve the “Base Words”, click the + button, to add your custom wordlist

Now you’ve your wordlist added, lets play, Click the + button, in the upper right corner, then choose :

  • Case : If you want to change Uppercase to Lowercase etc .. My advice is to choose the option : Upper First, Lower rest
  • Substitution : You can substitute letter to special chars, like a to @ …
  • Prepend : Add Words / Numbers … before your words
  • Append : Add words / numbers … after your words

When you finished, click on “Process” in the menu, Select “Full wordlist” and choose a file to save your new wordlist.

Conclusion

Building a custom wordlist is very simple, and it will take you only a couple of hours, to have a better result than just using some wordlist dumped on internet, even if they still work fine :).

A last advice, and I’ll writte a blog post about that, you’ve to combine your wordlist with a bruteforce attack. It’s really powerfull & simple with Hashcast.

Loading...

About Alexandre Nogard

Check Also

Forcepoint : Deploy the SMC on AWS | Part II

In the first Howto Forcepoint : Deploy the SMC on AWS | Part I, we …

Forcepoint : Deploy the SMC on AWS | Part I

How to deploy Forcepoint SMC (Security Management Center) on AWS ? This is a good …

Investigate if your linux server has been hacked or not

We’re a lot to face intrusion attemps in our IS. There can be many interests …

Leave a Reply

Your email address will not be published. Required fields are marked *