Wordlist
A wordlist is a text file containing a collection of words for use in a dictionary attack.
Wordlist Usage
A dictionary attack using a wordlist relies on the fact that most users choose weak passwords. Very common passwords include password, computer, work, and most of the popular female names.
Common Dictionary Attacks Using A Wordlist
The most common uses for wordlists are auditing windows passwords and Unix passwords.
It is also possible to use a wordlist to recover passwords on documents and files, such as Zip passwords.
In fact, a wordlist can be used to to attempt a dictionary attack against any system which allows repetitive login attempts, such as SSH or POP3.
Selecting the Right Wordlist Size
If you have a large number of target accounts, a small wordlist will give you the fastest results. If you have a small number of target accounts, or a single target account, a larger wordlist will increase your chance of randomly finding the right password or key.
Finding a Wordlist
ftp.ox.ac.uk is a great source for an extensive selection of wordlists.
Slang Wordlists
Here are a few slang wordlists which you may find useful:
- Australian Slang
- Computer and Internet Slang
- Cajun Slang
- British Isles Slang
- Canadian Slang
- Miscellaneous Slang
|
|
Comments (1)
Leave a Reply
- Dictionary Attack
A dictionary attack consists of trying “every word in the dictionary” as a possible password for an encrypted message. A dictionary attack is generally more efficient than a brute force attack because users typically choose poor passwords. Dictionary attacks are generally far less successful against systems that use passphrases instead of passwords. Improving Dictionary Attacks [...]...
- How to Audit Unix Passwords
To audit Unix passwords, you must compare each encrypted password in the Unix password file with a set of potential encrypted passwords. These potential encrypted passwords are created by encrypting every password in a list of plaintext passwords. This is an example of a dictionary attack. The Unix passwd File Location The traditional location for [...]...
- How to Audit Windows NT/2000/XP Passwords
Microsoft Windows NT/2000/XP passwords are encrypted as 32-bit one-way hashes using the MD4 messages digest algorithm. This is similar to the way that Unix stores passwords, although the hashing algorithm is different. For compatibility with legacy Microsoft LAN Manager software, Windows NT/2000/XP also stores the passwords redundantly as a 56-bit DES (Data Encryption Standard) hash. [...]...
- Brute Force Attack
A brute force attack consists of trying every possible code, combination, or password until the right one is found. Determining the Difficulty of a Brute Force Attack The difficulty of a brute force attack depends on several factors, such as: How long can the key be? How many possible values can each key component have? [...]...
- How Does ICQ Password Recovery Work?
Methods of ICQ password recovery include: Resetting your ICQ password online Recovering stored ICQ passwords ICQ password brute force attack Reset your ICQ Password The easiest way to recover a ICQ password is to go to the ICQ Get a New Password page. To use this page, enter your ICQ number and ICQ will e-mail [...]...
oi o senhor sabe maria sugnifica de ingles?