Before starting this blog, we understand a scenario. During the password attack, we need a dictionary file. Dictionary files are usually text files that contain a large number of common passwords. These passwords often used in conjunction with password-cracking tools. But sometimes users are so intelligent. They use bright passwords such as Pentesblog@123 andmobilenumbers. These types of passwords are not involved in the dictionary file. Now we require a crunch tool often hackers create passwords with the help of a crunch tool. But you don’t know, How to Create a Wordlist with the Crunch tool. “Don’t worry” In this blog, we will talk about the crunch tool, How to create custom wordlists with the crunch tool in Kali Linux. Let’s start this blog.
What is a crunch in Kali Linux?
Crunch is a powerful custom wordlist generator tool that has a lot of advanced features. For more information, view the crunch’s man page.
Crunch wordlist generator for Windows and Linux
According to this image! We want to generate a dictionary file, which will have a minimum and maximum length of six. I will prefer to use the crunch tool that is pre-installed in Kali Linux. We will not need to install it. As you know, I have mentioned each blog. Follow the below command.
min= The minimum password length. max= The maximum password length. char-set= Choose your character –o = Save your Dictionary file
crunch 6 6 12345b -o word.txt
Finally, Our effort was successful. Crunch has created a custom dictionary file. Let’s count these words help of the wc command, which is present in Kali Linux. Follow these commands.
wc -l word.txt
Crunch has many pre-defined character-sets in /usr/share/crunch/ folder. We will use that predefined character-sets. First of all, we show that character-sets on our terminal.
Look at the image carefully. It depends on you which character-sets you use. Assume! We have chosen it now append with the crunch tool.
Ex: mixalpha, lalpha etc.
We would enter a command similar to the following:
crunch 7 7 -f /usr/share/crunch/charset.lst lalpha-numeric-symbol14-space | more
Crunch, It can be used to generate more customized password lists. For example, consider the following situation. You are mid-engagement and have cracked a few user passwords from a specific device, As shown in the image.
Let’s create a more customized dictionary using the crunch tool. We would enter the following command. First of all, we will understand its working pattern.
-t = Specified pattern of the generated passwords.
, = Uppercase
@ = Lowercase
^ = Special character
% = Numeric value
crunch 9 9 -t ,@@@@^%%% | more
In the final stage, we will generate a 10 digit password such as the mobile number. Without wasting time, we would begin the following command.