
Sunday, October 15, 2017

Password profiling with CEWL / Wordlist mangling with JOHN THE RIPPER



- Layout for this exercise:




1 - Password profiling with CEWL

- CEWL (Custom Word List generator) scans the web server of a targeted organization for words and phrases and returns a text file with the corresponding wordlist.


 

- The option -m specifies the minimum length of the returned words:




- The option -w writes the result to a text file:




- Let's apply cewl to www.whitelist1.com, setting the minimum number of letters to 6, and outputting the result to the file whitelist_wordlist.txt:





- The number of lines is 7011:



- Let's see some of the strings found:




- Another interesting option is to create an email list with all the email addresses found by cewl, using these options:





- Applying cewl again to the web server domain:





- The new text file contains just 3 lines:







- Finally, the option -c counts how many times each word appears in the wordlist:









2 - Wordlist mangling with John The Ripper

- There are certain practices that users tend to apply to passwords in order to mutate them.


- For instance, adding numbers at the beginning and/or the end, swapping letters between lowercase and uppercase, etc.

- John The Ripper can modify a wordlist of passwords according to different criteria.

- For instance, let's add two numbers to the end of each password, just by modifying the john.conf file:






- Now, the original whitelist1_wordlist.txt is modified to mutated_whitelist1_wordlist.txt




- The new file contains 1046909 strings, in comparison with the original one, containing 7011:






- Let's check how the last passwords of the wordlist have been modified:
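
The same two steps can be turned into a password-policy check. This is an added example, not part of the original post: it rejects a candidate password when removing leading and trailing digits and ignoring letter case leaves a word from the organization's own site wordlist. The function names and the sample data are assumptions constructed for illustration, and the check strips any number of digits rather than exactly two.

```python
import string

MIN_WORD_LEN = 6  # same minimum word length as the crawl in section 1


def load_site_words(lines, min_len=MIN_WORD_LEN):
    """Build a lowercase lookup set from the lines of a wordlist file."""
    words = set()
    for line in lines:
        word = line.strip().lower()
        if len(word) >= min_len:
            words.add(word)
    return words


def derived_from(password, site_words):
    """Return the site word a password is built on, or None.

    Undoes the mutations described in section 2: digits added at the
    beginning and/or the end, and changes of letter case.
    """
    core = password.strip(string.digits).lower()
    return core if core in site_words else None


def audit(passwords, site_words):
    """Map each rejected password to the site word it derives from."""
    hits = {}
    for pw in passwords:
        base = derived_from(pw, site_words)
        if base is not None:
            hits[pw] = base
    return hits


# Constructed sample data (hypothetical, not taken from the original post).
SAMPLE_WORDLIST = ["Whitelist", "security", "Exercise", "about", "network"]
SAMPLE_PASSWORDS = ["Security42", "07WHITELIST", "network", "about99",
                    "T9#vq-Lm2!xR", "exercise2017"]

if __name__ == "__main__":
    words = load_site_words(SAMPLE_WORDLIST)
    for pw, base in audit(SAMPLE_PASSWORDS, words).items():
        print(f"reject {pw!r}: built on site word {base!r}")
```

In practice the wordlist lines would be read from the file produced for the organization's own site, and the check would run when a user sets or changes a password.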