# Password lists

## Entropy Calculator

{% embed url="<https://acceis.github.io/EntroCalc/?s=03>" %}

## Default Credentials

{% content-ref url="/pages/qqzJ1keOOlfL6KlhTMDd" %}
[Default Credentials](/0xss0rz/pentest/brute-force/default-credentials.md)
{% endcontent-ref %}

Brute force with default credentials:

{% embed url="<https://github.com/berzerk0/Probable-Wordlists/blob/master/Dictionary-Style/Technical_and_Default/Password_Default_ProbWL.txt>" %}

## Top20 - France

```
123456
123456789
azerty
qwerty123
qwerty1
azertyuiop
marseille
doudou
loulou
12345678
1234561
000000
chouchou
motdepasse
soleil
mypassphrase
1234567
password
nicolas
camille
```

## Top200

```
123456
123456789
12345678
password
qwerty123
qwerty1
111111
12345
secret
123123
1234567890
1234567
000000
qwerty
abc123
password1
iloveyou
11111111
dragon
monkey
123123123
123321
qwertyuiop
00000000
Password
654321
target123
tinkle
zag12wsx
1g2w3e4r
gwerty123
gwerty
666666
1q2w3e4r5t
Qwerty123
987654321
1q2w3e4r
a123456
1qaz2wsx
121212
abcd1234
1qaz2wsx
asdfghjkl
123456a
88888888
Qwerty123!
Qwerty1!
112233
q1w2e3r4t5y6
football
zxcvbnm
princess
Qwerty1
aaaaaa
Abcd1234
Password1
sunshine
147258369
Qwerty1234
fuckyou
Qwerty12
123qwe
computer
baseball
159753
superman
azerty
dearbook
pokemon
michael
1234qwer
1234561
888888
daniel
111222tianya
12345678910
1qaz2wsx3edc
123456789a
123654
P@ssw0rd
qwer1234
Qwerty1?
789456123
123456789
Qwerty123?
q1w2e3r4
shadow
222222
soccer
qwe123
7777777
22535
asdasd
admin
killer
testing
qazwsx
asdf1234
1314520
555555
12341234
michelle
a123456789
charlie
liverpool
master
123abc
7758521
woaini
asdfgh
password123
starwars
jordan
jessica
999999
unknown
1q2w3e
1111111
789456
pakistan
12qwaszx
ashley
1111111111
welcome
aa123456
jennifer
11223344
thomas
159357
asd123
andrew
nicole
anthony
147258
trustno1
qwerty12
naruto
jonathan
hunter
102030
basketball
cambiami
letmein
987654321
hello
chocolate
zinch
internet
samsung
asdfasdf
Aa123456
justin
passw0rd
purple
blink182
whatever
g_czechout
tigger123
samantha
joshua
alexander
hannah
qazwsxedc
11111
andrea
minecraft
matthew
changeme
123456!
87654321
jordan23
qq123456
1qazxsw2
william
1234567891
123456123
12344321
buster
cookie
babygirl
butterfly
batman
lol123
qwert
robert
summer
amanda
123654789
aaaaaaaa
benjamin
mysapce1
333333
facebook
chelsea
family
hello123
maggie
freedom
cheese
```

## Top400

{% embed url="<https://github.com/dinosn/top_400_passwords/blob/main/top400.txt>" %}

## Small RockYou - 500

{% embed url="<https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Passwords/Leaked-Databases/rockyou-20.txt>" %}

## Rockyou

{% embed url="<https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt>" %}

## Fasttrack

{% embed url="<https://github.com/00xBAD/kali-wordlists/blob/master/fasttrack.txt>" %}

## WeakPass

{% embed url="<https://weakpass.com/>" %}

{% embed url="<https://weakpass.com/wordlists/all_in_one.txt>" %}

## Custom List - Tools

{% embed url="<https://www.intigriti.com/researchers/blog/hacking-tools/creating-custom-wordlists-for-bug-bounty-targets-a-complete-guide>" %}

### PassGAN

{% embed url="<https://github.com/brannondorsey/PassGAN>" %}

### kwprocessor - generate wordlists of keyboard walks

{% embed url="<https://github.com/hashcat/kwprocessor>" %}

```
./kwp basechars/full.base keymaps/en-us.keymap routes/2-to-16-max-3-direction-changes.route > ~/keyboard_walks-2-to-16-3-direction
```

### CeWL - generate wordlist from crawling website

{% embed url="<https://github.com/digininja/CeWL>" %}

```
cewl --depth 10 --with-numbers --write cewl.txt "$TARGET"
```

```
cewl --depth 3 --write cewl.txt http://IP:PORT/wordpress
```

```
cewl --write cewl_test.txt http://IP:PORT/wordpress
```

```
$ cewl https://www.inlanefreight.com -d 4 -m 6 --lowercase -w inlane.wordlist
$ wc -l inlane.wordlist

326
```

### CeWLer - generate wordlist from crawling website

{% embed url="<https://github.com/roys/cewler>" %}

```
cewler --output cewler.txt --depth 5 --min-word-length 2 "http://IP:PORT/wordpress" 
```

```
cewler --output cewler.txt --depth 5 --lowercase --min-word-length 2 --without-numbers "$TARGET"
```

### Cupp - generate wordlist from known PII

```shell-session
cupp -i

___________
   cupp.py!                 # Common
      \                     # User
       \   ,__,             # Passwords
        \  (oo)____         # Profiler
           (__)    )\
              ||--|| *      [ Muris Kurgas | j0rgan@remote-exploit.org ]
                            [ Mebus | https://github.com/Mebus/]


[+] Insert the information about the victim to make a dictionary
[+] If you don't know all the info, just hit enter when asked! ;)

> First Name: William
> Surname: Gates
> Nickname: Bill
> Birthdate (DDMMYYYY): 28101955

> Partners) name: Melinda
> Partners) nickname: Ann
> Partners) birthdate (DDMMYYYY): 15081964

> Child's name: Jennifer
> Child's nickname: Jenn
> Child's birthdate (DDMMYYYY): 26041996

> Pet's name: Nila
> Company name: Microsoft

> Do you want to add some key words about the victim? Y/[N]: Phoebe,Rory
> Do you want to add special chars at the end of words? Y/[N]: y
> Do you want to add some random numbers at the end of words? Y/[N]:y
> Leet mode? (i.e. leet = 1337) Y/[N]: y

[+] Now making a dictionary...
[+] Sorting list and removing duplicates...
[+] Saving dictionary to william.txt, counting 43368 words.
[+] Now load your pistolero with william.txt and shoot! Good luck!
```

### Bopscrk

{% embed url="<https://github.com/r3nt0n/bopscrk>" %}

### GeoWordlists

{% embed url="<https://github.com/p0dalirius/GeoWordlists>" %}

### LDAPWordlistHarvester

{% embed url="<https://github.com/p0dalirius/pyLDAPWordlistHarvester>" %}

### Crunch

{% embed url="<https://www.golinuxcloud.com/wordlist-generator/>" %}

Generate all possible character combinations for 5-character passwords:

```
crunch 5 5 -o 5char.pwd
```

### PsudoHash - Generates keyword-based password mutations

{% embed url="<https://github.com/t3l3machus/psudohash>" %}

<figure><img src="/files/mLKWfr5G1P9EXuvQElto" alt=""><figcaption></figcaption></figure>

### RSMangler - perform various manipulations on a wordlist

{% embed url="<https://github.com/digininja/RSMangler>" %}

### TheMentalist

{% embed url="<https://github.com/sc0tfree/mentalist>" %}

### Bash

```
while IFS= read -r i; do printf '%s\n' "$i" "${i}2019" "${i}2020"; done < pwlist.txt > pwd.txt
```

```
cp pwd.txt pwlist.txt
```

```
while IFS= read -r i; do printf '%s\n' "$i" "${i}"\!; done < pwlist.txt > pwd.txt
```

### Hashcat

#### Rules

```
echo 'password' > pw
```

```
hashcat --stdout pw -r /usr/share/hashcat/rules/best64.rule
```

```
hashcat --stdout pw -r /usr/share/hashcat/rules/best64.rule > pwlist
```

#### Mutation

```shell-session
$ cat custom.rule

:
c
so0
c so0
sa@
c sa@
c sa@ so0
$!
$! c
$! so0
$! sa@
$! c so0
$! c sa@
$! so0 sa@
$! c so0 sa@
```

```shell-session
$ hashcat --force password.list -r custom.rule --stdout | sort -u > mut_password.list
$ cat mut_password.list

password
Password
passw0rd
Passw0rd
p@ssword
P@ssword
P@ssw0rd
password!
Password!
passw0rd!
p@ssword!
Passw0rd!
P@ssword!
p@ssw0rd!
P@ssw0rd!
```

### John - Improve the custom list

As we all know, few passwords are just simple words; many include numbers and special characters. To improve our password list we can use John the Ripper, either with our own rules or with its standard rules.

```
john --wordlist=inlane.wordlist --rules --stdout > wordlist-modified.txt
```

{% embed url="<https://github.com/lamontns/pentest/blob/master/password-related-attacks/generating-custom-password-lists.md>" %}

## Remove non-compliant passwords - Password policy

Example: We know that the password must meet the following conditions:

1. 8 characters or longer
2. contains special characters
3. contains numbers

```bash
sed -ri '/^.{,7}$/d' william.txt            # remove shorter than 8
sed -ri '/[!-/:-@\[-`\{-~]+/!d' william.txt # remove no special chars
sed -ri '/[0-9]+/!d' william.txt            # remove no numbers
```
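
The filter above keeps every candidate that satisfies the three conditions, which includes entries such as `P@ssw0rd!` from the Hashcat mutation output earlier on this page. The following added example (not part of the original page) applies the same conditions from the defender's side, as a password-change check that also rejects policy-compliant mutations of common words; the `COMMON` sample set, the function names and the verdict strings are assumptions.

```python
import re
import string

# Constructed sample: base words taken from the Top20/Top200 lists on this page.
COMMON = {"password", "qwerty", "azerty", "soleil", "motdepasse", "welcome"}

# Inverse of the substitutions in custom.rule: so0 (o -> 0) and sa@ (a -> @).
UNLEET = str.maketrans({"0": "o", "@": "a"})


def meets_policy(pw: str) -> bool:
    """The three conditions listed above: length >= 8, a special char, a digit."""
    return (
        len(pw) >= 8
        and any(ch in string.punctuation for ch in pw)
        and any(ch in string.digits for ch in pw)
    )


def common_base(pw: str):
    """Return the common word pw is derived from, or None.

    Undoes '$!' (trailing '!'), 'c' (capitalisation), so0/sa@, and the
    trailing digits appended by the Bash year-suffix loop.
    """
    core = pw.rstrip("!").lower()
    for candidate in (core, re.sub(r"[0-9]+$", "", core)):
        word = candidate.translate(UNLEET)
        if word in COMMON:
            return word
    return None


def audit(pw: str) -> str:
    """Hypothetical verdict strings for a password-change check."""
    if not meets_policy(pw):
        return "reject: policy"
    base = common_base(pw)
    return f"reject: mutation of {base}" if base else "accept"


if __name__ == "__main__":
    for sample in ("P@ssw0rd!", "Soleil2020!", "password", "tr8#Vkq!zLm2"):
        print(f"{sample:14} {audit(sample)}")
```

A composition-only policy accepts the first two samples; the normalisation step is what catches them.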

