Ever needed to generate a wordlist? For example... You can hear and see the general keys someone types in; so you have an idea of length and possible characters. This greatly lowers the number of possibilities when trying to brute force. I got this script off of freshmeat.net but posted here for the combo usage with perl. There is also another method via John The Ripper that I will post up at some point.
wg.pl
http://digilander.libero.it/reda/downloads/perl/wg.pl
Well, blogger wont let me put up the code (go figure). It errors when I try to post. If you know how to make it work, I would greatly appreciate it. For now, that is the direct link to the code. I will keep a copy of it just in case it disappears. Maybe I will put it into an image or something (eggh, I know) but at least we will still have it.
Using this Perl script, we can now create our brute-force word-list. :)
perl ./wg.pl -l 8 -u 10 -v abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX YZ0123456789\`\~\!\@\#\$\%\^\&\*\(\)\-\_\+\=\[\]\;\'\,\.\/\<\>\?\:\"\{\}\|\ > pass1.txt
This will make a list 8-10 characters long.
All the / characters are there because of errors from not escaping bash command characters.
My suggestion is to run this multiple times. First to make a list of all 8 character passwords, then again with 9, then again with 10, etc. etc. That way you can load up only the needed number and it will take WAY less time. You can replace the abcdefg...ABCD...1234... with only the characters needed too (from above when you had an idea of what keys were hit).
The next thing I would do is to grep out known character combos. So if you know they hit a 'r' and then a 'b', run 'grep rb pass.txt > pass2.txt Hopefully this will greatly narrow down your list (depending on how many keys you know they hit in order) and in effect narrow down your brute force time.
Enjoy!
Wednesday, April 23, 2008
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment