Word lists ,Crunch, John and Hash Cat - All Kali Word List Tools Explained.

🔐 Overview Of Wordlists ,Crunch, John and Hash Cat - All Kali Word List Tools Explained.🔐

Common Password Formats

Understanding password security is crucial, considering different encryption methods for a password like "R@nT4g*Ne!":

• SHA-1:

  • Output: 12bf203295c014c580302f4fae101817ec085949
  • Characteristics: 40 characters, no clear decryption method.

• SHA-1 with Salt:

  • Output: bc6b79c7716722cb383321e40f31734bce0c3598
  • Characteristics: 40 characters, with the addition of the word "Free."

• MD5:

  • Output: 4e84f7e8ce5ba8cdfe99d4ff41dc2d41
  • Characteristics: Encoded into a 128-bit string.

• AES (Advanced Encryption Standard):

  • Characteristics: Utilizes a symmetric encryption algorithm with a variable bit length.

-- Encryption Algorithms

• SHA-1-512 (-1-512) Stands for the buffer size when that increases the level of encryption is higher.

-- One Way Hash - Designed for cryptography

• MD5 and MD4 example (Not Recommended to be Used Vulnerable).

Lets Checkout some commands basics.

Commands Basics

This command is used to generate an actual

echo -n "adminpassword" | sha1sum

Result :

bash efacc4001e857f7eba4ae781c2932dedf843865e

• HashID is used to determine the type of hash

• Create a new file called new.hash
  

touch new.hash

• Use the nano text editor the copy the result above or create your own.

nano new.hash

• Note : Inside nano to save the file press CTRL + X and then Y then ENTER To save the file .

• Now use hashid to determine what hash type this file is using
  

hashid -m new.hash

1. Crunch The Command Used here Creates lists with every possible combination of number, you can also use crunch with uppercase and lowercase letters , special characters.

Syntax
Usage: crunch <min> <max> [options]

┌──(root㉿kali)-[~]
└─# crunch 1 3 0123456789 -O /home/kali/Desktop/phonepassword.txt 

• Optional Commands for testing
• Its Optional (Requires alot of PC Resources).

┌──(root㉿kali)-[~]
└─# crunch 3 10 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 

• Optional - Add generated list to already existing file like rockyou.txt

┌──(root㉿kali)-[~]
└─# crunch 1 3 0123456789 >> /usr/share/wordlists/rockyou.txt

1. Wordlists

Simply used to generate rockyou.txt and show Word List Files on Kali.

┌──(root㉿kali)-[~]
└─# wordlists 

Result

/usr/share/wordlists
├── amass - /usr/share/amass/wordlists
├── dirb - /usr/share/dirb/wordlists
├── dirbuster - /usr/share/dirbuster/wordlists
├── fasttrack.txt - /usr/share/set/src/fasttrack/wordlist.txt
├── fern-wifi - /usr/share/fern-wifi-cracker/extras/wordlists
├── john.lst - /usr/share/john/password.lst
├── legion - /usr/share/legion/wordlists
├── metasploit - /usr/share/metasploit-framework/data/wordlists
├── nmap.lst - /usr/share/nmap/nselib/data/passwords.lst
├── rockyou.txt
├── rockyou.txt.gz
├── sqlmap.txt - /usr/share/sqlmap/data/txt/wordlist.txt
├── wfuzz - /usr/share/wfuzz/wordlist
└── wifite.txt - /usr/share/dict/wordlist-probable.txt

┌──(root㉿kali)-[~]
└─# cd /usr/share/wordlists // cd into wordlists directory 
┌──(root㉿kali)-[~]
└─# ls -la // list all directory items
┌──(root㉿kali)-[~]
└─# gunzip /usr/share/wordlists/rockyou.txt.gz //extracts rockyou.txt if not extracted already

2. John The Ripper

Always check the -h or --help option for any tool used on kali to check the syntax and options.

• Review Options </>

┌──(root㉿kali)-[~]
└─#john --help

• Check File Formats John Can Crack. </>

┌──(root㉿kali)-[~]
└─# john --list=formats // formats and protocols that can be used with john

┌──(root㉿kali)-[~]
└─#john --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA1 --fork2 SHA1.txt

┌──(root㉿kali)-[~]
└─#john --show --format=Raw-SHA1 SHA1.txt

The Same commands apply for SHA224, SHA256, MD5, MD4 for example and the check the formats that john support with the command provided in the above.

3. HashCat - Advanced Password Cracker

• Utilizes markov statistical theory A russian scientist - with AI.🤖
• Check PassGAN

🔑 Core Attack Modes 🔑

• Dictionary Attack - Tries all words in a list, also known as "straight" mode. (Attack mode 0, -a 0)
• Combinator Attack - Concatenates words from multiple wordlists. (-a 1)
• Brute-force Attack and Mask Attack - Tries all characters from given charsets, per position. (-a 3)
• Hybrid Attack - Combines wordlists with masks (-a 6) and masks with wordlists (-a 7); can also be done with rules.
• Association Attack - Uses additional information like a username, filename, or hint to attack a specific hash. (-a 9)

Read more about Markov Chains.

hashcat --help
hashcat -m 100 new.hash rockyou.txt

4. MSF/WordLists

Check MetaSploit WordLists

ls -lh /usr/share/metasploit-framework/data/wordlists/

Common Password Formats

Understanding password security is very important, with various tools transforming passwords in distinct ways. Let's consider the password "R@nT4g*Ne!" (Rent Forgone, in common terms) and observe its transformation through different encryption methods:

SHA-1:

Output: 12bf203295c014c580302f4fae101817ec085949
Characteristics: 40 characters, no clear decryption method.
SHA-1 with Salt:

Output: bc6b79c7716722cb383321e40f31734bce0c3598
Characteristics: Still 40 characters, with the addition of the word "Free."
MD5:

Output: 4e84f7e8ce5ba8cdfe99d4ff41dc2d41
Characteristics: Encoded into a 128-bit string.
AES (Advanced Encryption Standard):

Characteristics: Utilizes a symmetric encryption algorithm with variable bit length.
Note: The outcome of AES encryption is highly variable, depending on factors like bit length, making it nearly impossible to predict the final password representation.
In summary, these encryption methods offer different levels of security and characteristics, with varying degrees of complexity and resistance to decryption.

References

🔗Kali Linux Wordlist: What you need to know
🔗crunch
🔗WordLists - Kali-Tools
🔗WordLists - GitLab - repository
🔗John - Kali-Tools .
🔗Openwall -github repository -John
🔗John-The-Ripper-Tutorial - Techy Rick
🔗Openwall -John - Offical Website .
🔗Hash Cat - Wiki
🔗Cap 2 Hashcat
🔗Markov - Chain
🔗Hash Cat - Forums
🔗Security Stack Exchange - Question 260773
🔗StationX - How to use Hashcat
🔗MSF/Wordlists - charlesreid
🔗MSFConsole
🔗How to use hashcat
🔗MSF/Wordlists - charlesreid1
🔗Where do the words in /usr/share/dict/words come from?
🔗SCOWL (Spell Checker Oriented Word Lists)
🔗The spell utility -spell - find spelling errors (LEGACY) - UNIX
What are Different Types of Cryptography?
sha1-vs-sha2-the-technical-difference-explained-by-ssl-experts/
🔗password-encryption
🔗Secure-Programs
SHA-1
🔗What-are-computer-algorithms
🔗What Are MD5, SHA-1, and SHA-256 Hashes, and How Do I Check Them? - howtogeek.com
🔗kali-linux-wordlist-what-you-need-to-know

Johnny
Openwall -info wiki -Johnny
Openwall -github repository -Johnny