Apr 082010
 
 April 8, 2010  Posted by at 11:32 am security Tagged with: , , , , , , , , ,  Add comments

I wanted a larger wordlist than the default /usr/share/john/password.lst, with only 3115 words. Openwall sells a really great wordlist, but if you don’t need anything that fancy you can follow these instructions. The apt-get bit is debian specific. I will install dictionaries and then concatenate them all into one file, remove duplicates, lower case and configure john to use the new list.

apt-get install john wamerican-huge wamerican-insane wamerican-large wamerican-small wamerican aspell
aspell dump master > custom-wordlist
cat /usr/share/john/password.lst >> custom-wordlist
cat /usr/share/dict/american-english* >> custom-wordlist

You can concatenate more wordlists into the custom-wordlist file as you find them. Debian has lots more dictionary type packages. For instance, apt-cache search wordlists. Use dpkg -L [installed-package-name] to find where the actual word list file is installed.
Lets count how many lines (words) are in our wordlist so far:

wc -l custom-wordlist

I got 1484152, There must be tons of duplicates. Lets get rid of them. We can also lowercase everything, since john toggles case automatically for us.

tr A-Z a-z < custom-wordlist.txt > custom-wordlist_lowercase

Now we remove the duplicates

sort -u custom-wordlist_lowercase > custom-wordlist_lowercase_nodups

How many lines do we have now?

wc -l custom-wordlist_lowercase_nodups
613517

Now we can set john up to use our custom wordlist file.

Edit the file /etc/john/john.conf
Wordlist = [path to custom-wordlist_lowercase_nodups]

Now we are ready to crack some passwords! First, combine the passwd and shadow files. This will allow john to use the GECOS information from the passwd file. GECOS is the user information fields such as first, last and phone. These fields will be used by john to make a more educated guess as to what that users password might be.

unshadow passwd shadow > unshadow.txt

run john against the resulting unshadow.txt file

john unshadow.txt
Loaded 15 password hashes with 15 different salts (FreeBSD MD5 [32/64 X2])

  2 Responses to “* Creating a custom wordlist for john the ripper”

  1. what about generating wordlist following, for example, this rules: “compose words using only one ‘a’, two ‘b’, only three ‘c’, five ‘d’ and so on and one ‘2’”?
    and also: “skip when word contains ‘abc’, or ‘ccc’…”? and maybe more: “for every word perform left char shifting by one, as: abbcdd2d -> bbcdd2da -> bcdd2dab and so on…”? that’s why I’ve wrote bruteforge! you should give a look.

  2. I went to download it, all I could find was a binary. Not really sure what it is… where can I get the source? Also, I don’t see any license for this software. What are you distributing it under?

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

*