Crunch comes pre-installed in Kali Linux in this tutorial we will be using Kali Linux 2017.2
In many of our password and cracking disciplines, we often need to use a wordlist that will essentially attempt thousands of potential passwords per second. This is often referred to as a dictionary attack, even though we need not rely solely on dictionary words. These wordlists may have any combination of characters and words in an attempt to crack a complex password offline.
The basic syntax for crunch looks like this:
Lets go over what’s included in the syntax listed above.
max = The maximum password length.
characterset = The character set to be used in generating the passwords.
-t <pattern> = The specified pattern of the generated passwords. For instance, if you knew that the target’s birthday was 0728 (July 28th) and you suspected they used their birthday in their password (people often do), you could generate a password list that ended with 0728 by giving crunch the pattern @@@@@@@0728. This word generate passwords up to 11 characters (7 variable and 4 fixed) long that all ended with 0728.
-o <outputfile> = This is the file you want your wordlist written to we can also do this will strings and or a mixture.
man crunch will let your view Crunch Manual pages.
1) Start Crunch
2) Choose what options you would like as different options give different wordlist variations heres a few examples.
# crunch 4 8 HackingVision12345 -o numbersletters.txt
Image Shows Crunch Running in Kali Linux using the following command.
This command will generate a wordlist in Crunch using only numerical digits. where (6) is the shorted length of password (8) represents the largest length of the passwords to be generated by Crunch.
mage shows wordlist being generated in numeric form using Crunch in Kali Linux# crunch 10 10 -t @@@@@@0728 -o /root/birthdaywordlist.lst
The command above will generate a wordlist with all possible birthday patterns in numeric.
The @ sign is used to represent a wildcard of all possibilities, while the literals “0728” represent the fixed values.
Now lets say we know that our target is using an eight character password with only alphabetic characters, we could generate a list of all the possibe passwords in crunch with the following command:
#crunch 8 8 -f /usr/share/rainbowcrack/charset.txt mixalpha -o /root/alphawordlist.lst
3) Go to output folder where the generated wordlists are stored.