Attention: The articles published on this wiki are for education purpose, to use during a CTF or for an authorized penetrationtest. By using the wiki, you've agreed to use this knowledge in an ethical way and do not evil in any perspective.
CeWL is a ruby app which spiders a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.
CeWL also has an associated command line app, FAB (Files Already Bagged) which uses the same meta data extraction techniques to create author/creator lists from already downloaded.
Usage Scan to a depth of 2 (-d 2) and use a minimum word length of 5 (-m 5), save the words to a file (-w ords.txt), targeting the given URL (https://example.com):
cewl --with-numbers -d 2 -m 5 -w words.txt http://$ip/Parameters explained
| Switch | Example | Description |
|---|---|---|
| -d | -d 4 | Depth to spider to, default 2 |
| -m | -m 7 | Minimum word length, default 3 |
| -w | -w words.txt | Write the output to the file |
| -u | -u $agent | User agent to send |
| --with-numbers | --with-numbers | Accept words with numbers in as well as just letters |
| --lowercase | --lowercase | Lowercase all parsed words |
| -h | -h | Show help |
Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations.
The Syntax The basic syntax for crunch looks like this in the CLI:
crunch min<min> max<max> <characterset> -t <pattern> -o <output filename>Parameters explained
Now, let's go over what's included in the syntax above.
| Argument | Description |
|---|---|
| min | The minimum password length. |
| max | The maximum password length. |
| characterset | The character set to be used in generating the passwords. |
| -t | The specified pattern of the generated passwords. |
| -o | This is the file you want your wordlist written to. |
For instance, if you knew that the target's birthday was 0728 (July 28th) and you suspected they used their birthday in their password (people often do), you could generate a password list that ended with 0728 by giving crunch the pattern @@@@@@@0728. This word generate passwords up to 11 characters (7 variable and 4 fixed) long that all ended with 0728.
Example
crunch 3 9 <characterset> -t <pattern> -o wordlist.txt