14 February 2008

Password Cracking Wordlists and Tools for Brute Forcing


I quite often get people asking me where to get wordlists; after all, brute forcing and password cracking often rely on the quality of your wordlist.

Do note there are also various tools that generate wordlists for brute forcing from information you have gathered, such as documents and web pages (for example Wyd – password profiling tool). These are useful because they add unique, target-specific words that you won’t find in generic lists.

Also add all the company-related words you can, and if possible use industry-specific wordlists (chemical names for a lab, medical terms for a hospital, etc.).

And always brute force in the native language.
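
As an added example (not the article’s own code, nor Wyd’s), here is a small Python profiler in the spirit of those tools, written for auditing your own users’ passwords against policy: it pulls candidate words out of gathered documents, puts hand-added company and industry terms first, keeps accented native-language words, and merges the result with a generic list without duplicates. The documents, seed words and base list are constructed sample data.

```python
"""Build a target-specific audit wordlist from gathered text.

Added example with constructed inputs: a few 'documents' embedded as strings,
hand-picked seed words (company and industry terms) and a tiny generic base
list. Output: one deduplicated list with the profiled words first.
"""
import re
from collections import Counter

# Constructed sample "documents": stand-ins for web pages and files gathered
# while auditing the passwords of a hypothetical lab.
SAMPLE_DOCS = [
    "Acme Laboratories welcomes Dr. Müller to the Reagent Division. "
    "Acme's benzene and toluene handling guide, revision 2008.",
    "Reagent inventory: toluene, acetone, benzene, ethanol. Contact: Müller.",
]

# Assumed seed words: company- and industry-specific terms added by hand.
SEED_WORDS = ["acme", "reagent", "benzene", "toluene"]

# Assumed generic base list (normally read from a wordlist file).
BASE_LIST = ["password", "123456", "letmein", "acme", "qwerty"]

# Letters only (no digits, no underscore), in any script, so accented
# native-language words such as "müller" survive intact.
WORD_RE = re.compile(r"[^\W\d_]+")


def profile_words(docs, min_len=4):
    """Return the words found in the documents, most frequent first.

    Tokens are lowercased and anything shorter than min_len is dropped,
    since most password policies reject such short values anyway.
    """
    counts = Counter()
    for doc in docs:
        for tok in WORD_RE.findall(doc.lower()):
            if len(tok) >= min_len:
                counts[tok] += 1
    # most_common() is stable, so ties keep first-seen order.
    return [word for word, _ in counts.most_common()]


def merge_wordlists(*lists):
    """Concatenate lists, dropping duplicates while keeping first-seen order."""
    seen = set()
    merged = []
    for words in lists:
        for word in words:
            if word not in seen:
                seen.add(word)
                merged.append(word)
    return merged


def build_audit_wordlist(docs, seeds, base, min_len=4):
    """Seed terms first, then profiled words, then the generic base list."""
    return merge_wordlists(
        [s.lower() for s in seeds], profile_words(docs, min_len), base
    )


if __name__ == "__main__":
    for word in build_audit_wordlist(SAMPLE_DOCS, SEED_WORDS, BASE_LIST):
        print(word)
```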

You can find a simple wordlist generator in Perl here.

Although old, one of the most complete wordlist sets is here (easily downloadable by FTP too):

Oxford Uni Wordlists

There’s a good set of lists here, including many European languages and topic-specific lists:

The Argon Wordlists

Here we have 50,000 words, common login/passwords and African words (this used to be a great resource):

Totse Word Lists

There’s a good French wordlist here, with and without accents; it also has some other languages, including names:

Wordlists for bruteforce crackers

One of the most famous lists is still from Openwall (the home of John the Ripper) and now costs money for the full version:

Openwall Wordlists Collection

Some good lists here organized by topic:

Outpost9 Word lists

Packetstorm has some good topic-based lists, including sciences, religion, music, movies and common lists.

Packetstorm word lists

You can also check out some default password lists, and if you aren’t sure what tools to use I suggest checking out:

Enjoy! And as always, if you have any good resources or tools to add, do mention them in the comments.






35 Responses to “Password Cracking Wordlists and Tools for Brute Forcing”

  1. eM3rC 14 February 2008 at 8:06 am

    Wow awesome post!

    I could have really used this a couple of weeks ago. Thanks Darknet!

  2. madmax 14 February 2008 at 10:49 am

    Nice……

  3. Chaosvein 14 February 2008 at 4:07 pm

    Sad there was no mention of Brutus even though it is old school.

  4. agent0x0 14 February 2008 at 6:47 pm

    Nice article. The Openwall “full version” CD is primo…highly recommended!

  5. James C 14 February 2008 at 9:32 pm

    I hate brute forcin’, it’s way too slow.

  6. hal 15 February 2008 at 2:05 am

    Funny, I just spent a few hours putting together a dictionary for John the Ripper. Gave me a reason to dust off my crappy perl skills to merge, sort, and de-dupe the file.

  7. Pantagruel 15 February 2008 at 2:12 am

    Thanks for the great compilation of wordlists. I guess most of the really interested folks have compiled their lists over the past few years. But it’s never bad to do a diff against these well established ones.

  8. eM3rC 15 February 2008 at 5:54 am

    @agent0x0

    I’ll check that out. Thanks for the recommendation.
    Ophcrack is also a good Linux distro for password cracking.

  9. zupakomputer 15 February 2008 at 7:19 pm

    I’m always surprised anything really requiring a password would allow more than a reasonable amount of login attempts.

    Of course, that they’d likely set up automated password resets or reminders should the account be locked out in that way, is probably just making another route open to be exploited to gain entry. Guess where else they store password files! Plus it’ll use javascript when it’s not even needed. I’ve gotten fond recently of running javascript-intensive sites through the W3C verifier when they don’t display right on my browser, then sending them e-mails saying do they know their site / page contains 700+ errors in code – that’s a real figure btw, for a site with loads of network security articles…(not this site, in case anyone thinks that’s some sort of dig, it was techrepublic).

  10. Tom 16 February 2008 at 12:29 am

    Great article.
    OPHCrack is a nice tool for NT passwords

  11. eM3rC 16 February 2008 at 3:40 am

    @zupakomputer
    It seems that a lot of the java heavy sites are quickly scripted and usually have a lot of ways in.

    Poor programming? Maybe. Improper knowledge of computer security when programmed? Most likely.

  12. zupakomputer 17 February 2008 at 6:54 pm

    A lot of webdesign is taught via using apps like say Dreamweaver or Frontpage (or whatever ones have javascript insert selection buttons, I haven’t used any new editions for ages), the coding isn’t always taught.

    Even a simple text-and-some-images (no js) page done in a Frontpage I have here generates a huge amount of code when you look at the code view; so say if it were replaced via ftp there’s a ton of places to hide or just shove some extra lines in.
    Of course if that’s noticed then the page would likely be re-replaced again with the intended original, but the point is they probably wouldn’t know how it was altered even if the code was read over.

  13. eM3rC 17 February 2008 at 10:46 pm

    When looking at web design or any other cookie cutter programming pieces of software there will always be gaps and glitches. Computers are not perfect and never will be.

    For people using something like Dreamweaver or Frontpage it seems like the best thing to do if you’re in a hurry (or just don’t want to hand write the entire website by hand) is to use the program, distribute the code, then go back and hand correct any errors or cut down on the code so it’s efficient and more secure, then update the site. Although it’s iffy of when you should do this. It would seem to be ok for jobs that need the site fast but also want it to be safe.

  14. zer0x 19 February 2008 at 2:16 pm

    If you need a basic dictionary quickly on a Linux system don’t forget about the ispell dictionary files usually found under /usr/share/dict.

    There are currently 25 languages available from the Ubuntu repositories :D

  15. zer0x 19 February 2008 at 2:54 pm

    @hal – If you don’t have perl etc. available you can pretty much guarantee the following will work on most *nix systems for a quick merge-sort-remove duplicates:

    cat *.wordlist | sort | uniq > wordlist.all

    Whilst I’m here.. quick l337 speak filter anyone?

    cat plain.wordlist | sed -e 's/a/4/g' -e 's/e/3/g' -e 's/i/1/g' -e 's/o/0/g' -e 's/s/5/g' -e 's/t/7/g' > l337.wordlist

    :D

  16. whap 30 April 2008 at 3:41 am

    zer0x, I love the filter! That really was a good idea.

  17. Got_WEP? 11 July 2008 at 8:58 pm

    Ok, I have a question. I have been looking everywhere and I can’t find a bruteforce list dictionary anywhere! I found a program that will write one (kind of): http://www.governmentsecurity.org/forum/?showtopic=8342 but it takes freakin’ forever, like 3 wps! It would take years to make a proper dict with say 16 chars, and it only writes how many chars you specify. I need one that will write all possibilities from 1 char to like 16, all possibilities based on a charset, and will write at like 100,000 a sec to make it worth the while. Does anyone know or have any idea where to get such a program? Or is there a list already created like this? I know it would have to be HUGE! It wouldn’t have to be up to 16 chars in length, I would settle for like 10. Thanks!

  18. haliborange 12 July 2008 at 1:04 pm

    You won’t get anything worthwhile anyway from anyone that uses known words as their password. For that other thing, try writing a bash script that uses each character (for however x amount of characters the password is) in combination with all other characters; it’s just maths. That part isn’t the hard bit – the hard bit is getting that to run over a remote connection, as well as actually sending each combo as a login try. You’d have to wrap them up in disguised spoofed packets, from behind a fortress connection, or you get caught and then you die. You Die! You go cracker hell!

  19. razta 13 July 2008 at 5:18 pm

    @haliborange
    “You won’t get anything worthwhile anyway from anyone that uses known words as their password.”

    There are old machines on lots of networks that have been forgotten about and have weak passwords, these machines can be very useful to a hacker.

    A weak paypal account password is worthwhile to almost any one with bad intentions.

    Just because some one uses a weak password doesn’t mean breaking it isn’t worthwhile.

  20. Baba ORLY 14 July 2008 at 2:59 am

    I wouldn’t count stealing a PayPal user’s password as worthwhile! Are you going to check first to see if they’re really rich and can afford to lose a few quid? I meant worthwhile in the sense of ‘should you do that or not’ cause bad karma is definitely NOT worthwhile.

    Fair enough though about going into other boxes, but it’s still about intent of why you would do that; ‘hacker’ and ‘cracker’ used to be distinct terms and hacker never meant being an online bagsnatcher. Besides for online password cracking you would need to be capturing their login$ beforehand somehow, and that would mean listening in on PayPal’s authentication servers in the above case. You wouldn’t just be able to keep logging in over and over again with each generated password, it’d be noticed someplace secure like PayPal.

    Hell! You go crackerhell!

  21. Got_WEP? 14 July 2008 at 12:41 pm

    Well, let me get down to the reason I would like such a file. I am currently looking at WPA wireless hacking, and the only thing I need is a 4-way handshake, and I can work on cracking my way in offline. I have the handshake (very easy to attain), but I think that a much more permanent solution to trying random words would be to use EVERY combination. And I already have a method that will try up to 200,000 possibilities a second. So once you’re in the network, you can just sit back and watch traffic go by and get all that juicy info you want. But that’s not what I want, I’m not that evil. And also, about making a bash script, I don’t know the first thing about making one but if you would like to throw one out there that would get the job done that would be awesome. ;)

    And oh yeah, I need the possibilities of 6 chars. and up, because WPA passkeys have to be a minimum of 6 chars. I don’t even know how many possibilities that is, say for all lower case, uppercase, and 0-9. I used to know the formula to figure that out but it’s been a long time and I have forgotten. It might not even be a feasible option after getting so far up in character length, like 10 characters, I don’t know.

  22. boris not-the-webmaster 14 July 2008 at 6:23 pm

    I too forgot how to calculate that, and if I remember correctly from the info I then got – add up all the characters in use, and multiply that number by itself (for a 2-character key; for a third character you use each of the previously generated combos alongside each character again, and so on). But I’m not confident that is correct (that the rule is to merely multiply it – it looks more like you do that first then for each additional character you add on the amount of characters in use), and being maths it’s impossible to look it up unless you’ve studied a lot of maths and know what the terms are for the operations and functions you want to do.
    (exactly like network security and computers in general then – you know what you want to look for, but what have they named it?)

    Anyways…..isn’t there a WPA cracker built in to one of the well-known wireless apps? I thought aircrack or wireshark did that; maybe not then. I haven’t gotten into that much because I ain’t got anything portable like a laptop.

    [ eg for a 20 character set - 1st column = 20 (different characters); 2nd column 1st row = 20; 2nd column 2nd row = 20; 2nd column 3rd row = 20 ......... down to 2nd column 20th row = 20; then the third column is the same as the second column and so on - the amount of columns representing the length of the password - if it's outputted that way then you have a wordlist of all combos,
    so it's 20 and add 20 twenty times if the password was only 2 characters from a character set of 20.
    I'm rubbish at getting rules for these kinds of things, I never really did any maths, I can just see how it would be coded to run - as far as running it being feasible, that just depends on your hardware. But nooo, I don't have a pre-written script. I don't think it'd be that difficult to write though. ]

  23. Got_WEP? 14 July 2008 at 6:42 pm

    Aircrack is exactly what I am using, but it requires you to provide your own dictionary in a .txt or .pwl, that’s why I am going this route. I think that the formula has to do with the factorial if I remember correctly, as how many combinations of 6 characters there are would be 6! (6 factorial) or 6x5x4x3x2x1. But that is if each column has only one character. ie how many combinations of 123456 are there like 234516 and so on. Now how to incorporate that where each place has multiple possibilities, that is the formula I forgot. I think I have some old algebra 2 books around somewhere, I will just have to dig them up and figure all this out so I know if I’m wasting my time or not.

  24. razta 14 July 2008 at 6:59 pm

    @Baba ORLY/haliborange/anyotheraliasyouwishtobeknownas

    You have completely missed my point. As for bad karma, if there was such a thing I would definitely be burning in hell fire right now.

    “Besides for online password cracking you would need to be capturing their login$ beforehand somehow, and that would mean listening in on paypals authentication servers in the above case. You wouldn

  25. what goes around comes around 15 July 2008 at 12:07 pm

    Right sure – there’s no soul audit after you die. You keep banking on that one since you know all about why this reality even exists. Maybe if we crack your hdd encryption it’ll have the Unified Field Theory: Proof on it in its final form. Cause every human culture on the planet, except for one that began very recently, are all wrong about what existence actually is, and it’s your proofless model that sometimes claims to be ‘rationalist’ that is correct, because as we all know so many people have returned from the dead to explain that there’s no need at all to behave properly or to be in any way responsible.
    Besides you probably are in hell anyway and you haven’t noticed that yet. You are aware of the kind of timescales and factors you are using there to arrive at the conclusion that there’s no such thing as cause-and-effect in the physical reality of thoughts, emotions, and actions?
    What do you think you can do to avoid cause-and-effect: build a time-machine and keep skipping about in time to try to avoid the ripples in this finite pond from converging upon you? Forever?

    You’re the one that clearly hasn’t got a clue what you’re gibbering on about, if you think you can keep on logging in to a place like paypal in realtime, over and over again trying different passwords until you get the right one. Do you realise how many back-and-forths they do per each submitted password? And how obvious it is in terms of timings if you are submitting many logins in an automated way?

    How exactly do you intend to get the password a user types in unless you are capturing the data they are sending to be logged in as? Other methods of getting passwords are OTHER METHODS and don’t require being bruted online at any point.

    Got_WEP: Such a script would work in Perl also, if you know that.

    I reckon it already exists someplace, it’s kind of like a skeleton key that is hardware dependent – for any given character-set and password length it can generate all possibilities.

    So you can either have prepared files of character sets or enter the used characters in manually, and the process would build up tables that are then used as the wordlists (which you input into the cracker apps / exes / etc).
    So if it’s A-Z a-z 0-9 (length=2) then you need to tell it to do a column for each of those, and then alongside each you tell it to put all the other characters. eg 61 instances of A paired with every other used character, 61 instances of B paired with every other used character, and so on.
    Then you’ve generated all combos when the length=2, so to add in for length=3 it’s the same process: you just add to the end of each 2-length column the third character (and again you need to insert all possible characters in that third column – per each of the 2-length column combos).
    So that would build up a list of every possible combo, for the given character set.

    The other part, is separate, the part where you want to be able to use the wordlist in. Where you can ignore certain strings and have it only run through combos that have a particular character in a particular place, and all that.

    I wonder how long the likes of the Roadrunner would take to generate all combos of an a-zA-Z0-9 up to say 256 length password…….I suppose it depends on what it’s coded in and how the hw is doing those calculations. Must be fast though, even on mismatched hw-languages.

  26. Darknet 15 July 2008 at 4:25 pm

    You guys need to learn yourself something about Rainbow Tables and Rainbow Cracking..

  27. dat b true 17 July 2008 at 10:33 am

    “You guys need to learn yourself”

    Oh no! It’s my Scottish English teacher!

  28. dat b true 17 July 2008 at 10:42 am

    So that’s what you were talking about here with all that rainbow tables stuff, I thought those were about IP configs (ie – having tables of ranges to be scanned and IPs you use for various testing scenarios). As usual, something I’ve thought right through has a weird inappropriate name and is known as something else entirely.

    What dee hell is a ‘salted hash’? I’m guessing it doesn’t come with NaCl sprinkled on it.

  29. razta 17 July 2008 at 10:35 pm

    @dat b true
    To my understanding a salted hash is an encrypted hashed password which has been encrypted with a salt.

    Salt = Encryption key
    Hash = Encrypted text

    The salt can be changed every time the hash is queried and is irreversible.

    That’s my understanding, I may be way off line.

  30. ovni 18 July 2008 at 12:37 pm

    Double encryption then? it sounds like.

    O.T.:

    I know a lot of encryption systems say they are irreversible, I’m not so sure that’s true (ie: actually possible, although they are ‘practically’ irreversible). Is it really feasible to do anything to a number that cannot be done in reverse……maybe what they mean is that when an encrypt is being done based upon previously obtained values, and then also has some kind of randomisation of data thrown in, it’s harder to break because even if you know what the encryption standard in use is – you’re having to backwards calculate a value to fit whatever round of the encryption standard deals with that phase, hence there could be many possibilities and you then have to backwards calculate each of those also.

    (there’s a certain cartoony funny quality to all this though, given that if you have an all-possibilities wordlist and an appropriate bruter (and the hw) then the ‘game’ is up, and everyone has to rely on constantly changing morphing encrypts. At least, that’s how it looks to me anyway when I’m reading through the great lengths and amount of phases that go into generating what turns out to be the usual – a keyword that unlocks the encrypted data or communication.)

    “And by the way, ah hates the rabbit!”

  31. Got_WEP? 24 July 2008 at 8:30 pm

    Ok, time to update my earlier postings regarding finding or creating a brute force word list, and let you all know what I figured out on the subject.

    So it turns out that I came across my answer while studying to take CompTIA’s security plus exam. According to the security + book, the answer is based on exponential factors. I will quote the passage:

    “Passwords should be as long and as complicated as possible. Most security experts believe a password of 10 characters is the minimum that should be used if security is a real concern. If you use only the lower case letters of the alphabet, you have 26 characters with which to work. If you add the numeric values 0 through 9, you’ll get another 10 characters. If you go one step further and add the uppercase letters, you’ll then have an additional 26 characters, giving you a total of 62 characters with which to construct a password.

    If you use a four-character password, this would be 62x62x62x62, or approximately 14 million password possibilities. If you use five characters in your password, this would give you 62 to the fifth power, or approximately 92 million password possibilities. If you used a 10-character password, this would give you 64 to the tenth power, or 8.3 x 10^6 (a very big number) possibilities. As you can see, these numbers increase exponentially with each position added to the password. The four-digit password could probably be broken in a day, while the 10-digit password would take a millennium to break given current processing power.
    If your password used only the 26 lowercase letters from the alphabet, the four-digit password would have 26 to the fourth power, or 456,000 password combinations. A five-character password would have 26 to the fifth power, or 11 million, and a 10-character password would have 26 to the tenth power, or 1.4 x 10^15. This is still a big number, but it would take only half a millennium to break it.”

    So in my situation if I were to create a brute force word list that only covered the MINIMUM number of characters required in a WPA key, the possibilities would be 62^6, or 56,800,235,584 words in my word list. And that does not include nonalphabetic characters such as #, $, and %.
    Oh well, I guess I will just stick with really large random password lists.
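
Added example, not from the thread or the quoted book: the keyspace arithmetic the last few comments reconstruct, carried through in Python. With C usable characters there are C**L strings of exactly L characters, and a length range just adds those up; the block also sizes the on-disk file such a list would need, which is the practical reason the answer to the original question is to generate candidates on the fly rather than write them out. The 200,000 guesses/second figure is the rate Got_WEP? mentioned above, used here only to put the counts on a time scale.

```python
"""Keyspace size, exhaustive-search time and on-disk size of an
all-combinations wordlist for a given character set and length range.

Added example: C ** L candidates of exactly L characters drawn from C
distinct characters, summed over a range of lengths.
"""
import string

# Character set discussed in the thread: a-z, A-Z, 0-9 (62 characters).
ALNUM = string.ascii_lowercase + string.ascii_uppercase + string.digits


def keyspace(charset_size, length):
    """Number of distinct strings of exactly `length` characters."""
    if charset_size < 1 or length < 0:
        raise ValueError("need charset_size >= 1 and length >= 0")
    return charset_size ** length


def keyspace_range(charset_size, min_len, max_len):
    """Total candidates for every length from min_len to max_len inclusive."""
    return sum(keyspace(charset_size, n) for n in range(min_len, max_len + 1))


def wordlist_bytes(charset_size, min_len, max_len):
    """Bytes needed to store every candidate, one per line (newline included).

    Unlike the bare count, each entry also costs its own length in bytes,
    so the file outgrows any disk long before the count stops being countable.
    """
    return sum(
        keyspace(charset_size, n) * (n + 1) for n in range(min_len, max_len + 1)
    )


def seconds_to_exhaust(candidates, guesses_per_second):
    """Worst-case time to try every candidate at a constant guess rate."""
    if guesses_per_second <= 0:
        raise ValueError("guess rate must be positive")
    return candidates / guesses_per_second


def human_duration(seconds):
    """Rough, readable rendering of a duration given in seconds."""
    units = (("years", 365 * 86400), ("days", 86400),
             ("hours", 3600), ("minutes", 60))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    rate = 200_000  # guesses per second, the figure quoted in the thread
    c = len(ALNUM)
    print(f"charset size {c}, {rate:,} guesses/s")
    for n in range(4, 11):
        total = keyspace(c, n)
        print(f"len {n:2d}: {total:>22,} candidates, "
              f"{human_duration(seconds_to_exhaust(total, rate))}")
    print(f"lengths 6..8 written to disk: "
          f"{wordlist_bytes(c, 6, 8) / 2**40:,.0f} TiB")
```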

  32. razta 24 July 2008 at 11:40 pm

    You could do it without a list. Just have the software try every possible combination, starting with the most common/easy first. This is the way JTR works.

  33. Darknet 25 July 2008 at 5:58 am

    Breaking WEP is done by leveraging a weakness in the crypto implementation, this is how most cracking works.

    Using pure simple brute force isn’t practical.

    Like Rainbow crack for ‘reversing’ hashes, it only works if they are unsalted.

    And Windows hashes can be cracked so quickly due to a flaw in the way they are stored.

  34. zupakomputer 25 July 2008 at 3:15 pm

    D’you mean that because the encryption method is known, and the character set in use is known, that the password hashes having been acquired (because where those are stored – is also known) coupled with some background info on who the passwords belong to (eg – their username), makes it easier to ‘guess’ a range of potentials?
    That sounds like a lot of on-site recce though. Either that or you’d have to have gotten into the system anyway, to be able to get the password hashes! So while you’re in there, you could have easily made an admin account (and then some) – so then you don’t need anyone’s passwords…

    (I get that there are those easily-guessable words that are likely to be used, and during any security testing you’d obviously have to emulate what any attacker would bruteforce with; then it’s a case of ‘well we found 20 people using these insecure passwords, so you’ll have to have those changed and inform them not to use such things’)

    I still think that the actual generation of all possible combos is possible realistically with some more recent hardware (eg – a couple of overclocked CPUs and say 3 GPUs in SLi), but again those combos still have to be entered-in – offline that’s fairly easy, as automatic login scripts exist even if you don’t know what to write them in yourself, but online in realtime it’s obviously much more difficult to pull off. But given an anonymous high-bandwidth link to the machine the access is wanted to, it’s still in the realms of possibility, and getting more possible day by day. Even a botnet could be busy processing away for that purpose.

  35. zupakomputer 25 July 2008 at 3:23 pm

    re: the first paragraph I wrote just there – fair enough, maybe some people want a password for an account so they can use that account as un-noticed as possible, and they wouldn’t want to make an admin or root account to do things with. But I still don’t see how that process would be any less noticeable than an extra account – unless they aren’t going to do anything using the cracked account. Cause as soon as they do anything shady – it’s likely to show up, then they are locked out again anyway when the admins realise someone’s legit account is compromised.

    Anything stealthy where you wouldn’t want what you’re doing to show up, hence the preference to have access to existing accounts; again – you don’t need to go to all that bother to install a rootkit or similar (the bother of having to get the hashes to begin with, etc, which means that you must have been in the system already).