Word List Creation

bopscrk:

# download
git clone https://github.com/r3nt0n/bopscrk
cd bopscrk
pip3 install -r requirements.txt

# OR
pip install bopscrk

# Run with the following
bopscrk --min 5 --max 10 --case --leet -w WORDS,TO,ADD,TO,LIST -n 5

Crunch:

# create wordlists between 8 and 9 chars
crunch 8 9

# just use the chars abc and numbers 123
crunch 8 9 abc123

Crunch also allows us to specify a pattern with the -t option with or without a character set. Different symbols in the pattern define the type of character to use.

  • @ represents lowercase characters or characters from a defined set

  • , represents uppercase characters

  • % represents numbers

  • ^ represents symbols

crunch 11 11 -t password%%%
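
Before generating a list it helps to know how many candidates a pattern covers, and when auditing a password policy, whether a given password falls inside it. The following is an added example, not part of the original notes or of crunch itself; the function names are hypothetical and the default symbol set (33 characters: ASCII punctuation plus space) is an assumption.

```python
import re
import string

# Default sets for the -t placeholders. The symbol set (ASCII punctuation
# plus space, 33 characters) is an assumption about crunch's defaults.
PLACEHOLDERS = {
    "@": string.ascii_lowercase,
    ",": string.ascii_uppercase,
    "%": string.digits,
    "^": string.punctuation + " ",
}


def _sets(lower):
    """Placeholder table, with @ swapped for a custom set if one is given."""
    return {**PLACEHOLDERS, "@": lower} if lower else dict(PLACEHOLDERS)


def range_keyspace(min_len, max_len, charset=string.ascii_lowercase):
    """Candidates for `crunch MIN MAX [charset]` (no -t pattern)."""
    n = len(set(charset))
    return sum(n ** length for length in range(min_len, max_len + 1))


def pattern_keyspace(pattern, lower=None):
    """Candidates for `crunch N N [charset] -t PATTERN`; literals count once."""
    sets = _sets(lower)
    total = 1
    for ch in pattern:
        total *= len(set(sets[ch])) if ch in sets else 1
    return total


def pattern_bytes(pattern, lower=None):
    """Size of the list on disk: one word plus a newline per candidate."""
    return pattern_keyspace(pattern, lower) * (len(pattern) + 1)


def covered_by(password, pattern, lower=None):
    """True if `password` is one of the words the pattern would generate."""
    sets = _sets(lower)
    regex = "".join(
        "[" + re.escape(sets[ch]) + "]" if ch in sets else re.escape(ch)
        for ch in pattern
    )
    return re.fullmatch(regex, password) is not None
```

For the pattern above, password%%% covers only 1000 candidates, so any password of that shape is exhausted almost immediately.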

The -p option generates unique words from a character set or a set of whole words. Although we still need to provide the minimum and maximum length, those numbers are ignored.

crunch 1 1 -p abcde12345
# or 
crunch 1 1 -p dog cat bird
# or 
crunch 5 5 -t ddd%% -p dog cat bird

The output can be fed to another application by piping it:

crunch 11 11 -t password%%% | aircrack-ng -e wifu crunch-01.cap -w -

JohnTheRipper:

nano /etc/john/john.conf
...

[List.Rules:Wordlist]
# Try words as they are
:
# Lowercase every pure alphanumeric word
-c >3 !?X l Q
# Capitalize every pure alphanumeric word
-c (?a >2 !?X c Q

...

# Add two, then three, digits to the end of each password
$[0-9]$[0-9]
$[0-9]$[0-9]$[0-9]
# Case toggler for cracking MD4-based NTLM hashes (with the contributed patch)
# given already cracked DES-based LM hashes.  Use --rules=NT to use this.

Generate the mangled wordlist with the following:

john --wordlist=/usr/share/john/password.lst --rules --stdout 

This can be passed to applications like aircrack-ng by piping, e.g.:

john --wordlist=/usr/share/john/password.lst --rules --stdout | aircrack-ng -e wifu -w - ~/wpa-01.cap
