UPC Broadband routers use 8 capital letters as default password for Wifi and TP Link routers use the 8 digit default WPS PIN. Both can be easily generated with Crunch. Crunch password list generation. Let’s use the following command to have Crunch generate a wordlist containing all combinations of 4 letters. So many sites these days have you create a 'complex' password which usually ends up being an 8-character password with a mix of letters, symbols, and numbers like J5bZ9p! Sites call passwords like these 'strong' when in reality many of them could be hacked in under a day by a determined hacker.
Below are some dictionaries that can be used with Backtrack or Kali Linux. They are plain Wordlist dictionaries used to brute force WPA/WPA2 data captures with aircrack-ng.These are dictionaries that have been floating around for some time now and are here for you to practice with.
Let me first say that I'm doing nothing illegal. I'm doing this for learning purposes only. Using my own virtual network.So I am trying to SSH into a server and say I know there is a user called urbasnlug so ssh urbanslug@ipadress but I need the root passoword.I have a wordlist that contained only strings without alphanumeric strings. How would I use this wordlist to crack a password that has an alphanumeric password which is of mixed cases but the number in the password never goes past 100Say the wordlist had the strings:passwordHow could I use these list to crack a password such as PaSSword99.Maybe in ways other than with the use of word lists.If you can't help me at least tell me why you can't.I can write a C or Python module to do this but I know that there has to be something out there that already exists. You would have to get a string, then iterate it to have it upper/lowercased. 'password' is 8 characters, so you can have 1.
So you have two things to achieve here. The first is generating the set of passwords you wish to try.
The second is throwing that list of passwords against your server.The first problem is a classic use case of, you can have it read in your wordlist, apply some mangling rules (such as appending 0-99 to each word, permuting cases etc), and output a final, complete password list.The second problem is quite easy to solve once you have the password list. You could just loop over the passwords in bash, but if you're really lazy, has an SSH scanner that reads a password list for you.Of course, breaking this down into two stages means you are storing the huge password list as a file. In general you would be more likely to pipe the output from John The Ripper to your SSH scanner, rather than using an intermediate file. First off it will be difficult to get the root password if you are only logged in as a normal user. However, there are different ways of getting 'root' which I believe go beyond the scope of this forum.Nonetheless, I don't get the correlation of where you wordlist comes to play if already know the characters present in the root password;which would mean you have the root password anyway.Try and use to try and retrieve password. You however need a wordlist eg rockyou.txt or any of those available in the OpenWall site (makers of John the Ripper, which is another tool which is only as good as your wordlist.