DEV Community

Cover image for Word lists ,Crunch, John and Hash Cat - All Kali Word List Tools Explained.
ANDGOEDU
ANDGOEDU

Posted on • Edited on

Word lists ,Crunch, John and Hash Cat - All Kali Word List Tools Explained.

πŸ” Overview Of Wordlists ,Crunch, John and Hash Cat - All Kali Word List Tools Explained.πŸ”

Common Password Formats

Understanding password security is crucial, considering different encryption methods for a password like "R@nT4g*Ne!":

  • SHA-1:

    • Output: 12bf203295c014c580302f4fae101817ec085949
    • Characteristics: 40 characters, no clear decryption method.
  • SHA-1 with Salt:

    • Output: bc6b79c7716722cb383321e40f31734bce0c3598
    • Characteristics: 40 characters, with the addition of the word "Free."
  • MD5:

    • Output: 4e84f7e8ce5ba8cdfe99d4ff41dc2d41
    • Characteristics: Encoded into a 128-bit string.
  • AES (Advanced Encryption Standard):

    • Characteristics: Utilizes a symmetric encryption algorithm with a variable bit length.

-- Encryption Algorithms

  • SHA-1-512 (-1-512) Stands for the buffer size when that increases the level of encryption is higher.

-- One Way Hash - Designed for cryptography

  • MD5 and MD4 example (Not Recommended to be Used Vulnerable).

Lets Checkout some commands basics.

Commands Basics

This command is used to generate an actual

echo -n "adminpassword" | sha1sum
Enter fullscreen mode Exit fullscreen mode

Result :

bash efacc4001e857f7eba4ae781c2932dedf843865e

  • HashID is used to determine the type of hash

  • Create a new file called new.hash

touch new.hash
Enter fullscreen mode Exit fullscreen mode
  • Use the nano text editor the copy the result above or create your own.
nano new.hash
Enter fullscreen mode Exit fullscreen mode
  • Note : Inside nano to save the file press CTRL + X and then Y then ENTER To save the file .

  • Now use hashid to determine what hash type this file is using

hashid -m new.hash
Enter fullscreen mode Exit fullscreen mode
  1. Crunch The Command Used here Creates lists with every possible combination of number, you can also use crunch with uppercase and lowercase letters , special characters.
Syntax
Usage: crunch <min> <max> [options]

β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# crunch 1 3 0123456789 -O /home/kali/Desktop/phonepassword.txt 

Enter fullscreen mode Exit fullscreen mode
  • Optional Commands for testing
  • Its Optional (Requires alot of PC Resources).
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# crunch 3 10 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 
Enter fullscreen mode Exit fullscreen mode
  • Optional - Add generated list to already existing file like rockyou.txt
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# crunch 1 3 0123456789 >> /usr/share/wordlists/rockyou.txt

Enter fullscreen mode Exit fullscreen mode

1. Wordlists

Simply used to generate rockyou.txt and show Word List Files on Kali.

β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# wordlists 

Enter fullscreen mode Exit fullscreen mode

Result

/usr/share/wordlists
β”œβ”€β”€ amass - /usr/share/amass/wordlists
β”œβ”€β”€ dirb - /usr/share/dirb/wordlists
β”œβ”€β”€ dirbuster - /usr/share/dirbuster/wordlists
β”œβ”€β”€ fasttrack.txt - /usr/share/set/src/fasttrack/wordlist.txt
β”œβ”€β”€ fern-wifi - /usr/share/fern-wifi-cracker/extras/wordlists
β”œβ”€β”€ john.lst - /usr/share/john/password.lst
β”œβ”€β”€ legion - /usr/share/legion/wordlists
β”œβ”€β”€ metasploit - /usr/share/metasploit-framework/data/wordlists
β”œβ”€β”€ nmap.lst - /usr/share/nmap/nselib/data/passwords.lst
β”œβ”€β”€ rockyou.txt
β”œβ”€β”€ rockyou.txt.gz
β”œβ”€β”€ sqlmap.txt - /usr/share/sqlmap/data/txt/wordlist.txt
β”œβ”€β”€ wfuzz - /usr/share/wfuzz/wordlist
└── wifite.txt - /usr/share/dict/wordlist-probable.txt

Enter fullscreen mode Exit fullscreen mode
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# cd /usr/share/wordlists // cd into wordlists directory 
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# ls -la // list all directory items
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# gunzip /usr/share/wordlists/rockyou.txt.gz //extracts rockyou.txt if not extracted already
Enter fullscreen mode Exit fullscreen mode

2. John The Ripper

Always check the -h or --help option for any tool used on kali to check the syntax and options.

  • Review Options </>
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─#john --help
Enter fullscreen mode Exit fullscreen mode
  • Check File Formats John Can Crack. </>
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─# john --list=formats // formats and protocols that can be used with john
Enter fullscreen mode Exit fullscreen mode
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─#john --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA1 --fork2 SHA1.txt
Enter fullscreen mode Exit fullscreen mode
β”Œβ”€β”€(rootγ‰Ώkali)-[~]
└─#john --show --format=Raw-SHA1 SHA1.txt
Enter fullscreen mode Exit fullscreen mode

The Same commands apply for SHA224, SHA256, MD5, MD4 for example and the check the formats that john support with the command provided in the above.

3. HashCat - Advanced Password Cracker

  • Utilizes markov statistical theory A russian scientist - with AI.πŸ€–
  • Check PassGAN

πŸ”‘ Core Attack Modes πŸ”‘

  • Dictionary Attack - Tries all words in a list, also known as "straight" mode. (Attack mode 0, -a 0)
  • Combinator Attack - Concatenates words from multiple wordlists. (-a 1)
  • Brute-force Attack and Mask Attack - Tries all characters from given charsets, per position. (-a 3)
  • Hybrid Attack - Combines wordlists with masks (-a 6) and masks with wordlists (-a 7); can also be done with rules.
  • Association Attack - Uses additional information like a username, filename, or hint to attack a specific hash. (-a 9)

Read more about Markov Chains.

hashcat --help
hashcat -m 100 new.hash rockyou.txt
Enter fullscreen mode Exit fullscreen mode

4. MSF/WordLists

Check MetaSploit WordLists

ls -lh /usr/share/metasploit-framework/data/wordlists/

Enter fullscreen mode Exit fullscreen mode

Common Password Formats

Understanding password security is very important, with various tools transforming passwords in distinct ways. Let's consider the password "R@nT4g*Ne!" (Rent Forgone, in common terms) and observe its transformation through different encryption methods:

SHA-1:

Output: 12bf203295c014c580302f4fae101817ec085949
Characteristics: 40 characters, no clear decryption method.
SHA-1 with Salt:

Output: bc6b79c7716722cb383321e40f31734bce0c3598
Characteristics: Still 40 characters, with the addition of the word "Free."
MD5:

Output: 4e84f7e8ce5ba8cdfe99d4ff41dc2d41
Characteristics: Encoded into a 128-bit string.
AES (Advanced Encryption Standard):

Characteristics: Utilizes a symmetric encryption algorithm with variable bit length.
Note: The outcome of AES encryption is highly variable, depending on factors like bit length, making it nearly impossible to predict the final password representation.
In summary, these encryption methods offer different levels of security and characteristics, with varying degrees of complexity and resistance to decryption.

References

πŸ”—Kali Linux Wordlist: What you need to know
πŸ”—crunch
πŸ”—WordLists - Kali-Tools
πŸ”—WordLists - GitLab - repository
πŸ”—John - Kali-Tools .
πŸ”—Openwall -github repository -John
πŸ”—John-The-Ripper-Tutorial - Techy Rick
πŸ”—Openwall -John - Offical Website .
πŸ”—Hash Cat - Wiki
πŸ”—Cap 2 Hashcat
πŸ”—Markov - Chain
πŸ”—Hash Cat - Forums
πŸ”—Security Stack Exchange - Question 260773
πŸ”—StationX - How to use Hashcat
πŸ”—MSF/Wordlists - charlesreid
πŸ”—MSFConsole
πŸ”—How to use hashcat
πŸ”—MSF/Wordlists - charlesreid1
πŸ”—Where do the words in /usr/share/dict/words come from?
πŸ”—SCOWL (Spell Checker Oriented Word Lists)
πŸ”—The spell utility -spell - find spelling errors (LEGACY) - UNIX
What are Different Types of Cryptography?
sha1-vs-sha2-the-technical-difference-explained-by-ssl-experts/
πŸ”—password-encryption
πŸ”—Secure-Programs
SHA-1
πŸ”—What-are-computer-algorithms
πŸ”—What Are MD5, SHA-1, and SHA-256 Hashes, and How Do I Check Them? - howtogeek.com
πŸ”—kali-linux-wordlist-what-you-need-to-know

Johnny
Openwall -info wiki -Johnny
Openwall -github repository -Johnny

Top comments (0)