GitHub上的:
/danielmiessler/SecLists/tree/master/Passwords/Leaked-Databases
/duyetdev/bruteforce-database
一些博客的:
Large Password Lists: Password Cracking Dictionary’s Download For Free
by Noor Qureshiposted on December 9, from:/password-cracking-dictionarys-download-for-free/For cracking passwords, you might have two choices
1. Dictionary Attack
2. Brute Force Attack.
The Dictionary attack is much faster then as compared to Brute Force Attack.(There is another method named as “Rainbow table”, it is similar to Dictionary attack).
In order to achieve success in a dictionary attack, we need a large size of Password lists.
Here is the list of 1,717,681 passwords & More(Free to download):
If you didn’t get your required password in that dictionary or file you might wanna follow our custom wordlist tutorial forcreating your own wordlist.
10-million-combos.zip85MB
36.4GB-18_in_1.lst.7z5GB
WPA-PSK WORDLIST 3 Final (13 GB).rar 4GB
b0n3z-wordlist-sorted_REPACK-69.3GB.7z 9GB
b0n3z_dictionary-SPLIT-BY-LENGTH-34.6GB.7z 3GB
crackstation-human-only.txt.gz246MB
crackstation.txt.gz4GB
You can find 20+ wordlists here:/t/password-dictionaries/47
Password List Download Best Word List – Most Common Passwords
from:.uk//02/password-cracking-wordlists-and-tools-for-brute-forcing/ Last updated: October 9, | 692,250 viewsPassword list download below, best word list and most common passwords are super important when it comes to password cracking and recovery, as well as the whole selection of actual leaked password databases you can get from leaks and hacks like Ashley Madison, Sony and more.
Generate your own Password List or Best Word List
There are various powerful tools to help you generate password lists or wordlists for brute forcing based on information gathered such as documents and web pages such as:
–Wyd – password profiling tool
–Crunch – Password Cracking Wordlist Generator
–CeWL v5.1 – Password Cracking Custom Word List Generator
–RSMangler – Keyword Based Wordlist Generator For Bruteforcing
–The Associative Word List Generator (AWLG) – Create Related Wordlists
These are useful resources that can add unique words that you might not have if your generic lists, using a combination of generated lists, most common passwords and leaked password databases you can generate a very powerful selection of passwords for brute force cracking.
Also, add all the company related words you can and if possible use industry-specific word lists (chemical names for a lab, medical terms for a hospital etc).
And always brute force in the native language. There are some language-specific resources below.
Password List Download Best Word Lists
Although old, one of the most complete word list sets is here (easily downloadable by FTP too):
Oxford Uni Wordlists
This includes a whole bunch of language specific resources too (Afrikaans, American, Aussie, Chinese, Croatian, Czech, Danish, French, German, Hindi, Japanese, Polish, Russian, Spanish and more).
This is another famous pass list txt which is over 2GB uncompressed, Argon v2:
The Argon Wordlists
Here we have 50,000 words, common login/passwords and African words (this used to be a great resource):
Totse Word Lists
One of the most famous lists is still from Openwall (the home ofJohn the Ripper) and now costs money for the full version:
Openwall Wordlists Collection
Some good lists here organized by topic including surnames, family names, given names, jargon, hostnames, movie characters etc.
Outpost9 Word lists
Packetstorm has some good topic-based lists including sciences, religion, music, movies and common lists.
Packetstorm word lists
French Spanish & Language Specific Word Lists
There’s a good French word list here with and without accents, also has some other languages including names:
french.gz
Spanish password list that has 172122 words:
spanish.gz
Russian wordlist that has 296790 words:
russian2.tgz
Swedish password wordlist that contains 24292 words:
swedish.gz
Tools for Password List Brute Forcing
You can also check out some default password lists and if you aren’t sure what tools to use I suggest checking out:
Medusa 1.4 – Parallel Password CrackerTHC-Hydra – The Fast and Flexible Network Login Hacking ToolCain And Abel Download – Windows Password CrackerJTR (Password Cracking) – John the Ripper 1.7 Released
Enjoy! And as always if you have any good resources or tools to add – do mention them in the comments.
此外,还可以使用crunch来生成密码。
crunch默认安装在kali环境中(05-Password Attacks),Crunch可以按照指定的规则生成密码字典,生成的字典字符序列可以输出到屏幕、文件或重定向到另一个程序中,Crunch可以参数可能的组合和排列,其最新版本为3.6。并具备如下特征:
Crunch可以以组合和排列的方式生成字典它可以通过行数或文件大小中止输出现在支持恢复现在支持数字和符号模式现在分别支持大小写字符模式在生成多个文件时添加状态报告新的-l选项支持@,%^新的-d选项可以限制重复的字符,可以通过man文件查看详细信息现在支持unicode
Crunch其实最厉害的是知道密码的一部分细节后,可以针对性的生成字典,这在渗透中就特别有用,比如知道用户密码的习惯是taobao(taobao+数字年),这可以通过Crunch生成taobao+所有的年份字典,用来进行暴力破解攻击其效果尤佳!
例如:比较有用的命令
(1)生成pass01-pass99所有数字组合
crunch66-tpass%%>>newpwd.txt
(2)生成六位小写字母密码,其中前四位为pass
crunch66-tpass@@>>newpwd.txt
(3)生成六位密码,其中前四位为pass,后二位为大写
crunch66-tpass,,>>newpwd.txt
(4)生成六位密码,其中前四位为pass,后二位为特殊字符
crunch66-tpass^^>>newpwd.txt
(5)制作8为数字字典
crunch88charset.lstnumeric-onum8.dic
(6)制作6为数字字典
crunch660123456789–onum6.dic
(7)制作139开头的手机密码字典
crunch1111+0123456789-t139%%%%%%%%-onum13.dic
文件大小为1144 MB,还可以每次生成文件大小为20M,自动生成文件:
crunch1111+0123456789-t139%%%%%%%%-b20mib-oSTART
(8)在线使用生成的密码
不用把庞大的字典保存在硬盘上,生成一个密码用一个,不过消耗的时间多,比较占用cpu,参数最后面的-表示引用crunch生成的密码,例如无线密码在线破解:
crunch240123456789|aircrack-nga,cap-eMyESSID-w-crunch101012345--stodout|airolib-ngtestdlb-importpasswd–crunch160123456789|johnpwd.txt--stdin-
原文地址:/bonelee/p/9323488.html
如果觉得《暴力破解字典及字典生成器》对你有帮助,请点赞、收藏,并留下你的观点哦!