8/19/2019 wordlist_parte2
http://adaywithtape.blogspot.com/2011/07/wordlist-manipulation-revisited.html
Some tools for creating / editing wordlists;
Crunch
------
Crunch is a pretty easy yet powerful dictionary generator with general usage;
/pentest/password/crunch [from length] [to length] [charset] > filename.txt
If you want a 4 character password list with just numbers the code is;
/pentest/password/crunch 4 4 0123456789 > pass1.txt
If you want a 6 character password list with lowercase and numbers, the code is;
/pentest/password/crunch 6 6 abcdefghijklmnopqrstuvwxyz0123456789 > pass2.txt
You can also fix parts of the passwords; if, for instance, you think the password will always
start with "pass" followed by numbers, you can use crunch to do the work for you.
/pentest/password/crunch 8 8 0123456789 -t pass@@@@ > password.txt
That still results in a file with 10000 possible combinations though. You can check the number of
lines with;
cat password.txt | wc -l
The syntax for crunch gets slightly more complicated when dealing with special characters.
If for instance you wanted to make a five character wordlist with all possible special
characters, you would need to escape certain special characters using backslash \
If you wanted to fix certain characters, using the -t function, then again, you would need to
escape certain characters, ie ;
/pentest/password/crunch 0 0 L RS RT R NUVWXYZ \M ^_[`] ;b RLRP5 .>/ L Mt LNN RL R RNL
Using SED
--------
Sed is short for Stream Editor, and although extremely powerful.. not easy to use and
definitely too complicated for me.. So herewith just an example;
You can copy the contents of a webpage with a simple select all and copy, paste this into a
txt file, save txt file (web.txt) ;
Transform a space into a new line;
sed 's/[[:space:]]/\n/g' -i web.txt
Remove empty lines;
sed '/^$/d' -i web.txt
Then sort alphabetically and exclude duplicates;
cat web.txt | sort | uniq > web_sorted_uniq.txt
So with just a Ctrl + A, Copy & Paste and 3 lines of code you have a wordlist of all words on
a specific webpage.
Obviously some websites are better suited for this than others, however it is still a quick and
dirty way to get a decently focused wordlist and you can then clean it up further with sed
commands and password inspector (see lower down in the post).
To remove any periods from the front of the words;
sed 's/^[.]//' -i web.txt
To remove any comma from the end of the words;
sed 's/[,]$//' -i web.txt
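The cleanup steps above, combined into one pipeline that reads the pasted text on stdin and leaves the source file untouched (unlike sed -i). This is an added example, not code from the original post; the names clean_words and sample_page and the sample text are assumptions, and it goes slightly beyond the post by stripping repeated leading periods and trailing commas.

```shell
#!/bin/sh
# Added example: clean_words is a hypothetical helper, not from the post.
# Reads pasted page text on stdin, writes one cleaned word per line.
clean_words() {
    # 1. every run of whitespace (spaces, tabs, newlines) becomes one newline
    # 2. strip leading periods and trailing commas, even when repeated
    # 3. drop lines left empty, then sort in byte order without duplicates
    tr -s '[:space:]' '\n' |
        sed -e 's/^[.]*//' -e 's/[,]*$//' -e '/^$/d' |
        LC_ALL=C sort -u
}

# Constructed sample standing in for text copied from a web page.
sample_page() {
    printf '%s\n' 'The quick, brown fox.' '' '...and the quick,, fox'
}

sample_page | clean_words
```

Trailing periods are left in place ("fox." stays distinct from "fox") because the post only strips periods from the front of words.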
Appending characters to each word in wordlist (such as 123);
sed 's/$/123/' wordlist.txt > wordlist123.txt
To delete lines in file containing certain character (containing "x");
sed '/x/d' -i wordlist.txt
or to create a new file with those changes;
sed '/x/d' wordlist.txt > wordlist1.txt
Some good information on SED usage can be found here: http://www.oracle.com/technology/pub/articles/dulaney_sed.html
TR
--
The tr command is handy as well, for instance to change upper to lower case or vice versa;
tr '[:upper:]' '[:lower:]' < wordlist.txt > wordlist_lower.txt
Information can be found here: http://linux.about.com/library/cmd/blcmdl1_tr.htm
Using Wget & Wyd
--------------
This is a much more refined way of getting words from a website, even going down several
layers in the website.
First we make a folder and move to it;
mkdir ~/TR
cd ~/TR
Then we start wget to grab all from a site, specifying how deep we want to go (-l)
wget -r -l 1 -nd http://www.theregister.co.uk
Then go to wyd and use it to extract all words from the downloaded files.
cd /pentest/password/wyd
perl wyd.pl -n -o ~/wordlistTR.txt ~/TR/
Head back to root
cd ~/
cat wordlistTR.txt | sort | uniq > TR_sorted_uniq.txt
So now we have a txt file with all words from the 1st level of theregister.co.uk in alphabetical
order without duplicates.
It's handy to remember that the sort function bases the sorting on the order as defined in the
ASCII table and so will sort ABCabc instead of AaBbCc.
To get a real alphabetical sorting order, use the -f option;
cat wordlistTR.txt | sort -f | uniq > TR_sorted_uniq.txt
Password Inspector
---------------
You can use Password inspector to tidy up wordlist files based on minimum
and maximum password length and which character set you want it to contain.
cat TR_sorted_uniq.txt | pw-inspector -m 4 -M 15 > TR_optimised.txt
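The sort ordering and the length filtering described above, side by side on a small list. This is an added example, not code from the original post: the helper names and the sample words are assumptions, LC_ALL=C is set so that sort really uses ASCII order (many current locales do not by default), and the awk filter only stands in for the length options of pw-inspector.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not from the post.
# LC_ALL=C pins sort to byte (ASCII) order; without it, many modern
# locales already interleave upper and lower case.

# Byte order: every upper-case word sorts before any lower-case one.
ascii_sorted()  { LC_ALL=C sort | uniq; }

# Case-folded order. uniq still compares exact bytes, so "Apple" and
# "apple" both survive, which matters when case is part of the password.
folded_sorted() { LC_ALL=C sort -f | uniq; }

# Contrast: sort -f -u treats case variants as duplicates and keeps one.
folded_unique() { LC_ALL=C sort -f -u; }

# Length filter standing in for pw-inspector -m MIN -M MAX.
# Usage: by_length MIN MAX
by_length() {
    awk -v min="$1" -v max="$2" 'length($0) >= min && length($0) <= max'
}

# Constructed sample list.
sample_words() {
    printf '%s\n' banana Apple cherry apple Banana Cherry apple fig
}

sample_words | folded_sorted | by_length 4 6
```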
So the above are some ways to get wordlists and how to manipulate them to your liking.
Posted by TAPE at 14:45
http://adaywithtape.blogspot.com.es/2009/05/wordlists-and-wordlist-manipulation_11.html