One of the most common password pentesting methods is the password dictionary attack. In this case, the cracking tool sequentially checks all candidate passwords stored in special files called password dictionaries.
Typically, a password dictionary stores frequently used passwords and familiar words, such as names and place names.
Password dictionaries may contain words from various languages of the world. Password crackers check them one by one in search of a matching one.
If you decide to use a password dictionary attack, you will need some basic dictionaries, also called password lists or wordlists.
Kali password dictionary
These password dictionaries are already present on Kali Linux, so we can use them without downloading anything.
RockYou (/usr/share/wordlists/rockyou) is the most popular pentest dictionary for any engagement. It can also be used for WiFi, but I recommend that you first clean out unsuitable passwords with pw-inspector.
So if you are using Kali Linux, before you download any password dictionary, check the rockyou password list that ships in every Kali Linux image.
You can use it to perform a dictionary attack; at least try the one you have before you download a new one.
Kali Linux provides a password dictionary file as part of its standard installation, named rockyou.txt.
You can find that file here: /usr/share/wordlists/rockyou.txt.gz
If this one doesn't work, check the end of this article and you will find what you want.
But for now let's check rockyou.txt.gz.
So let's take a copy of rockyou.txt.gz into the current working directory.
To do so, write this command:
cp /usr/share/wordlists/rockyou.txt.gz .
Now, to unzip the rockyou wordlist, type:
gunzip rockyou.txt.gz
You will get a new file, rockyou.txt.
To find out how many passwords this file contains, type:
wc -l rockyou.txt
The passwords inside this file include entries with fewer and more than 8 characters.
So if you want to use it for WPA2 penetration testing, you should build a dictionary that contains only passwords of at least 8 characters (and at most 63, the WPA2 passphrase limit), so that it becomes a WPA dictionary. Also make sure you have a WiFi adapter that supports monitor mode, which is needed to capture the handshake.
To do that, type this command:
sort -u rockyou.txt | pw-inspector -m 8 -M 63 > rockyoulist.txt
rockyoulist.txt contains 9606665 passwords; that's a huge list 😉
I called mine rockyoulist.txt, but you may want to call it passwordlist.txt if you are making it for WiFi penetration testing, or anything else you like; just remember the name.
Now you have a good password list containing the most used passwords in the world.
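The same filtering step, as an added shell example that is not from the original article: it trims a wordlist to the 8-to-63-character passphrase range that WPA/WPA2 accepts using only sort and awk, which is handy when pw-inspector is not installed. The sample wordlist is constructed inline for the example and is not rockyou.txt; the function names wpa_filter, count_lines, make_sample and count_wpa_candidates are my own.

```shell
#!/bin/sh
# Added example: build a WPA/WPA2-length wordlist without pw-inspector.
# WPA/WPA2 passphrases are 8 to 63 characters, so anything outside that
# range can never be a valid candidate and only wastes cracking time.

# Print the unique entries of wordlist $1 whose length is between 8 and 63.
# sort -u removes duplicates (same result as "sort | uniq"); awk keeps the
# length range. awk's length() may count bytes rather than characters in
# some implementations, which is fine here because valid passphrases are ASCII.
wpa_filter() {
    sort -u "$1" | awk 'length($0) >= 8 && length($0) <= 63'
}

# Count the lines of file $1 (same as "wc -l", with the padding stripped).
count_lines() {
    wc -l < "$1" | tr -d ' '
}

# Write a small constructed wordlist to $1. This list is made up for the
# example; a real list such as rockyou.txt has millions of entries.
make_sample() {
    cat > "$1" <<'EOF'
123456
password
iloveyou
princess
1234567
rockyou
abc123
password
sunshine
EOF
    # one 70-character entry to exercise the upper bound
    printf '%070d\n' 0 >> "$1"
}

# Count how many candidates wpa_filter keeps from wordlist $1.
count_wpa_candidates() {
    wpa_filter "$1" | wc -l | tr -d ' '
}

# Stand-alone run: build the sample, filter it, report both sizes.
sample=$(mktemp)
make_sample "$sample"
wpa_filter "$sample" > "$sample.wpa"
echo "input: $(count_lines "$sample") lines, WPA-length unique candidates: $(count_lines "$sample.wpa")"
rm -f "$sample" "$sample.wpa"
```

On the constructed sample, ten input lines shrink to four usable candidates: the duplicate "password" is dropped once, the entries shorter than 8 characters and the 70-character entry are dropped entirely. Run the same function over rockyou.txt and redirect the output to get the WPA list described above.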
Best password dictionary Download
To download new password dictionaries / password lists and make your list even bigger, check these two websites with updated dictionaries:
Weakpass is the best place to get new password lists with fresh, updated passwords; the website updates its lists almost every day. Honestly, you won't need any other place to download password lists after trying weakpass.com.
You can download by direct link or via torrent; both are available.
Skullsecurity is not updating its lists at all, but you may still check it; it was one of the best once.
Password dictionary attack
Not all software contains exploitable vulnerabilities (as some would like). But the chain, as you know, breaks at its weakest link, and it doesn't matter how strong the rest of the links are if we find the weak one.
Very often, the weak link is a person. That is why social engineering is so popular. Another type of attack, which I would also attribute to the human factor, is the attack on weak passwords. As became known from recent news, even some computer security professionals, real hackers, sometimes use weak passwords.
Password attacks can be divided into two large groups: attacks on a password hash and attempts to guess a password against an authentication service. We will not dwell on their characteristics in detail, since a password dictionary attack is possible in both groups.
So we come to the most important thing: where to get the dictionaries. Different tasks require different dictionaries:
- if we brute force a login to a remote service, we do not need very large dictionaries, but ones with the most common usernames and passwords. This is because most network services have some brute force protection configured, i.e. to keep our IP from being blocked by an automatic script, we must leave a long interval between attempts. This takes a lot of time, so it makes sense to start only with the most popular sets of words;
- when brute forcing a Wi-Fi network password (from an intercepted handshake), we still need a high-quality dictionary with popular passwords, but the larger the dictionary the better, especially if you have medium or strong hardware;
- when brute forcing the addresses of admin areas, subdomains, directories and files, you need a specialized dictionary with the most common paths.
I think the meaning is clear: there is no single best dictionary for all occasions. There should be several such dictionaries.