Lab4.1 Password Guessing - adamcunningham9990/SEC335-Journal GitHub Wiki
cewl: a tool used for generating custom word lists from a website.
cewl -w [output] [website]
example: cewl -w /home/student/Desktop/list1.txt 192.168.4.243/bios/Dunston.html
Remember you need to cut down this list manually in order to keep a low number of results!
rsmangler: a tool used for mangling passwords into different styles (reverse, l33t speak, numbers, exclamation points, etc.).
rsmangler [options] --file [input file] --output [output file]
example: rsmangler --min 9 --max 12 --file Goldstein --output GoldsteinMangled
This specific example mangles the words in the file Goldstein, making the minimum length of the mangles 9 and the maximum 12.
Remember to use the --min and --max flags to set the lengths of the password you want.
Use wc -l to check how many lines the mangled output file has. It should be <1500 lines.
medusa: a tool used for guessing username and password combinations through different modules.
medusa -h [host] -u/U [username/username list] -p/P [password/password list] -M [module]
example: medusa -h 192.168.4.246 -u jeastman -P EastmanMangled -M http
This specific example tries the passwords in the list EastmanMangled against the username jeastman on the host 192.168.4.246, using the http module.
Remember, http web scans are very quick and can handle about 1500 lines; services like SSH are much slower and require shorter lists.
FLAGS ARE CASE SENSITIVE. -u and -p are for single entries, -U and -P are for file entries.
-M is required; use http or ssh for most cases.
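
Seen from the server side, a fast http run like the medusa example above appears as a burst of failed logins for one username from one source. The detection sketch below is an added example, not part of the original wiki; it assumes HTTP Basic authentication and an Apache-style combined access log, and the log lines, client addresses (192.0.2.x) and the /admin/ path are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Combined log format: ip ident user [time] "request" status size ...
LINE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "[^"]*" (\d{3}) ')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_guessing(lines, threshold=20, window_s=60):
    """Return {(ip, user): peak} for every source/username pair whose 401
    count inside any window_s-second span reaches the threshold."""
    recent = defaultdict(deque)   # (ip, user) -> timestamps of recent 401s
    peaks = {}
    for line in lines:
        m = LINE.match(line)
        if not m or m.group(4) != "401":
            continue              # only failed authentications count
        key = (m.group(1), m.group(2))
        t = datetime.strptime(m.group(3), TIME_FMT)
        q = recent[key]
        q.append(t)
        while (t - q[0]).total_seconds() > window_s:
            q.popleft()           # drop failures that left the window
        if len(q) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks

def sample_log():
    """Constructed sample: a 300-line burst against jeastman, plus one user
    who mistypes a password twice. Addresses and path are made up."""
    start = datetime.strptime("10/Feb/2024:10:00:00 +0000", TIME_FMT)
    def entry(ip, user, offset_s, status):
        ts = (start + timedelta(seconds=offset_s)).strftime(TIME_FMT)
        return f'{ip} - {user} [{ts}] "GET /admin/ HTTP/1.1" {status} 512 "-" "-"'
    lines = [entry("192.0.2.10", "jeastman", i // 10, 401) for i in range(300)]
    lines.append(entry("192.0.2.10", "jeastman", 30, 200))
    lines += [entry("192.0.2.55", "alice", 120, 401),
              entry("192.0.2.55", "alice", 135, 401),
              entry("192.0.2.55", "alice", 150, 200)]
    return lines

if __name__ == "__main__":
    for (ip, user), peak in find_guessing(sample_log()).items():
        print(f"{ip} -> {user}: {peak} failed logins within 60 s")
```

Account lockout or per-source rate limiting on the login endpoint is the matching mitigation; set the threshold above what legitimate users generate when they mistype a password.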