Password Profiling Tutorial

[overflow]

Password Profiling

Using random word-lists to crack passwords can be a very long process due to large number of combinations. Password Profiling means, using words used by or about the victim in order to generate and include those in a customized word list.
To make this task shorter you can try to profile the password, because the creators of passwords are human beings, beings of habits. So I'll show you the basics of profiling passwords and you can research and customize deeper..


1. Scrape the web-server and output the generated word-list from words found in that web-server using cewl in kali linux

Code: [Select]

cewl www.example.com -w example-list.txt
To check for the length of your generated word-list:

Code: [Select]

cat example-list.txt |wc -l
2. Customize your generated wordlist by adding rules in john the ripper

Code: [Select]

nano /etc/john/john.conf
and then proceed to add rules to those passwords in order to customize a better word-list

example:

$[0-9]$[0-9]  #In each word, this rule will add 2 numbers at the end of the word

Finally, just output the word-list one more time and you got yourself a list of possible passwords used by the victim.

[th3l4st]

I suggest you take a look at CUPP on GitHub! It's a tool written in python that creates wordlists based on information you input. I read of a guy who actually managed to find 16 passwords in 20 tries with it!

https://github.com/Mebus/cupp