File size

[Difermo]

I'm new to ethical hacking. I'm creating my own dictionary for my country. I was wondering if I have file.txt (size is 2.29MB or 2,408,448 bytes) that have 240 000 lines of passwords, can I somehow find out how big will be file2.txt if it have every possible combination combining 2 words?
For example file.txt have:

dog
cat
bird

And file2.txt must have

dogdog
dogcat
dogbird
catdog
catcat
catbird
birddog
birdcat
birdbird

Thats 3^2. Sou by my calculation that file shoud be 575000mb or 561gb. Am I wrong?

[HTH]

If you have a 240000 pw dictionary that means your idea would create 240000*240000 (240,000 for each of the original 240,000) passwords, and each roughly twice as long as well. If we presume that 2,408,448 bytes is all data then every line in the first file be ~10 bytes, drop one for the '\n', double it for the new length, add in the new '\n' and we have 19 bytes per line.

19 bytes per line, 240,000^2 lines, would be roughly 1.1 TERABYTES, I presume you forgot to double the line length in your calculations.

[Killeramor]

That is a big ass file

[Difermo]

1.1T is Huge. That file would cover every possible combination that regular people use for wifi and demonstrate to my friends how bad password they have.
I can delete 150 000 since I covered every year from 1900 until 2000. Plus I wanted to have all combinetions even smoler then 8 char. But I will add to script to remove every combination that have less then 8.
File have 45 000 lines only with names, surnames, middlenames and words that people generaly use. Everything else is birthday combinations and numbers with special simbols.

[madf0x]

1.1T is Huge. That file would cover every possible combination that regular people use for wifi and demonstrate to my friends how bad password they have.
I can delete 150 000 since I covered every year from 1900 until 2000. Plus I wanted to have all combinetions even smoler then 8 char. But I will add to script to remove every combination that have less then 8.
File have 45 000 lines only with names, surnames, middlenames and words that people generaly use. Everything else is birthday combinations and numbers with special simbols.

I literally can't think of a WPA implementation that would even accept password lengths of 7 or less, so if your focusing on WPA, you might as well cut those lengths out. Also keep in mind that many tools have issues with opening large files like that, so when you go to generate it, split it into numbered chunks so you can feed them into your tools incrementally.

File most def wouldn't cover every possible password used by regular people. More and more APs are setup with a default semi-unique password that you are simply not going to reliably get in a generated password list(outside of flukes or abusing vendor specific bad pseudo-random passwords). Just something to keep in mind. Not to mention as per WPA specification, the ssid is mixed into the crypto, making rainbow tables unfeasible except for some very common ssids, with that in mind remember that its gunna take some serious horsepower to power through a terabyte plus sized list.

You may be better off collecting a few different raw lists and mixing and sorting them manually, so that way you test real world passwords first. Essentially assume that if someone has been proven to use a given password once, someone else is using the same password elsewhere. Far easier to guess that then to try and generate a bunch of 'unique' passwords. Of course the exception being for targeted password generation. However, in the context of wifi security targeted password generation is only reliably useful against business, companies, etc that are more likely to standardize their passwords for easy employee use.  Home users are gunna be using either the default complex password, or using a common password you can find in other lists. Thats just assuming they aren't picking out good secure passwords in the first place.


All this being said, theres a good reason why a lot of serious wifi security research goes into avoiding passwords whenever possible or abuse implementations.

[Difermo]

Well I'm new and so I wanted to create password list for my country (not english language) that I can use not just for WPA/WPA2 hack but for other thinks. That's why I left passwords with lengths less then 7. First list I hade was with dates like 22.12.2012 and same just without dots 22122012
It also hade all numbers up to 7 lenght. I remove them two. Leaving just dayofmonths (0210).
I removed dates from 1900 to 1950 and all that have dots. Plus I get all passwords to lowercase.
The file is 0.560mb. So it will produce wordlist.txt that will be 62gb. Since I inserted code in python script not to print if lenght is less then 8 It would probebly be lower then 50gb.

I tought to run it with aircrack since i collect handshake but I see aircrack cant work with files bigger then 2gb. Is that true? How to split them in kali linux? since i dont know how to do that in python (just started learning it)

I downloaded lots of password list. But lots of them are for diferent languages and the one that have cracked passwords that people use, doesnt work. So the only solution was to build my own dictionary for my country (it doesn't exist or people hide it).

I gess I will have to read a lot for ethical hacking. It's good to know how it works and protect myself (as much as possible). I'm gona read this forum but any sugestion where to start? Some good online ebook or tutorial ?

I will be thankful for everything