If you try to hack by brute forcing attack on password to login, or try to crack passwords hashes, you will need a good password list that fit your situation based on information you gathered about the target.
Crunch is the tool that do all of that for you, it is flexible and easy to customize based on password lengths , group of characters , even a combination of some words, or based on patterns !
01. Installing crunch :
crunch installed by default in kali linux and all other penetration testing distributions , but also available for almost any linux distribution :
for Debian / Ubuntu :
apt install crunch
for Red hat / CentOS / Fedora :
yum install crunch
02. using crunch :
Crunch can create a wordlist based on criteria you specify. The output from crunch can be sent to the screen, file, or to another program.
Usage: crunch <min> <max> [options]
where min and max are numbers
By default crunch use lower-case characters ,but we can customize as we want , and output to stream which can be redirected to a file using -o file option.
03. Simple crunch password list :
To create password list of lower-case chars from minimum 2 characters up to 4 characters and output to file named list :
root@kali:~# crunch 2 4 -o list
Crunch will now generate the following amount of data: 2357212 bytes
2 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 475228
crunch: 100% completed generating output
root@kali:~#
Notice the list size is about 2 MB , and passwords counts is 475228 .
To create a list from custom characters (for example a combination of abc123) :
root@kali:~# crunch 2 4 abc123 -o list
Crunch will now generate the following amount of data: 7452 bytes
0 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 1548
crunch: 100% completed generating output
root@kali:~#
04. crunch password list based on character set :
crunch comes with predefined character set which stoed at /usr/share/crunch/charset.lst
read it to know the char set names :
root@kali:~# vim /usr/share/crunch/charset.lst
To create a list based on char set of uppercase letters , use ualpha as char set name after selecting char set file path :
root@kali:~# crunch 2 3 -f /usr/share/crunch/charset.lst ualpha -o list
Crunch will now generate the following amount of data: 72332 bytes
0 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 18252
crunch: 100% completed generating output
root@kali:~#
There is many predefined char set , explore it and use the required one , you may even define a custom char set if needed .
05. Crunch password list based on pattern :
you can use a pattern to match for more specific passwords, use -t followed by pattern :
-t @,%^
@ will insert lower case characters
, will insert upper case characters
% will insert numbers
^ will insert symbols
Example: to create a password list of 5 characters starting with uppercase, then lowercase letter, then one symbol , then tow numbers:
-t ,@^%%
root@kali:~# crunch 5 5 -t ,@^%% -o list
Crunch will now generate the following amount of data: 13384800 bytes
12 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 2230800
crunch: 100% completed generating output
root@kali:~#
Use the min , max numbers as the number of pattern chars.
06. Resume crunch task :
-r Tells crunch to resume generate words from where it left off.
-r only works if you use -o.
You must use the same command as the original command used to generate the words and append -r at the end.
Example: using the same above example
root@kali:~# crunch 5 5 -t ,@^%% -o list Crunch will now generate the following amount of data: 13384800 bytes 12 MB 0 GB 0 TB 0 PB Crunch will now generate the following number of lines: 2230800 ^CCrunch ending at Rx`61 root@kali:~# crunch 5 5 -t ,@^%% -o list -r Resuming from = Rx`61 Crunch will now generate the following amount of data: 13384800 bytes 12 MB 0 GB 0 TB 0 PB Crunch will now generate the following number of lines: 2230800 crunch: 31% completed generating output root@kali:~#
Did you notice , after press ctrl + C , it remeber the ending point , then use that point to start from as showing with bold text above !!
Very good for large list generation.
07. More about crunch :
that was the common used ways to use crunch, for more reading, read manual page , and read character set file to be familiar with.
man crunch
vim /usr/share/crunch/charset.lst
That was it, i hope it was simple, thanks for joining me.
Enjoy !
Thanks