Crunch is a tool for creating a wordlist, which can be used to brute-force or audit password strength. However crunch can use patterns to reduce wordlists sizes, can compress output files in various formats, and now includes a message showing the size of the wordlists that will be created, you can cancel the creation of a wordlist by pressing “CTRL” C in Windows “COMMAND” C on Mac.
Why create a wordlist using crunch?
Crunch can be used to build a custom wordlist, hackers use that tool to create targeted wordlists for their victims and brute force their passwords. You can create a custom wordlist using crunch to break into someone’s wifi password if you have collected some information using social engineering.
How to install Crunch?
The crunch comes pre-installed in Kali Linux and for windows, you can download this tool.
If you own Linux you can simply apt-get install crunch.
Create Wordlist Using Crunch Video:
The full range of options is as follows:
-b Maximum bytes to write per file, so using this option the wordlist to be created can be split into various
sizes such as KB / MB / GB (must be used in combination with "-o START" switch)
-c Number of lines to write to the output file must be used together with "-o START"
-d Limits the number of consecutive identical characters (crunch v3.2)
-e Specifies when crunch should stop early (crunch v3.1)
-f Path to the charset.lst file to use, standard location is '/pentest/passwords/crunch/charset.lst
to be used in conjunction with the name of the desired charset list, such as 'mixalpha-numeric-space'
-i Inverts the output sequence from left-to-right to right-to-left
(So instead of aaa, aab, aac, aad, etc, the output would be aaa baa caa daa)
-l When specifying custom patterns with the -t option, the -l switch allows you to identify which of the characters
should be taken as a literal character instead of a place holder ( @,%^ )
-o Allows you to specify the file name/location for the output, e.g. /media/flashdrive/wordlist.txt
-p Prints permutations of the words or characters provided in the command line.
-q Prints permutation of the words or characters found in a specified file
-r Resumes from a previous session, exact same syntax to be used followed by -r
-s Allows you to specify the starting string for your wordlist.
-t Allows you to specify a specific pattern to use. Probably one of the most important functions!
Place holders for fixed character sets are ;
@ -- lower case alpha characters
, -- upper case alpha characters
% -- numeric characters
^ -- special characters (including space)
-u Supresses the output of wordlist size & line-count prior to starting wordlist generation.
-z Adds support to compress the generation output, supports gzip, bzip & lzmaBASIC USAGE AND CHARACTER SETS
Make your own custom wordlist using crunch:
The default installation directory in Kali Linux for crunch is: /usr/bin/crunch and you can find crunch charset.txt inside /usr/share/crunch/ directory.
Basic Usage of Crunch:
Usage: crunch <min> <max> [option]
Also, any desired character set can be entered manually in the command line;
crunch 6 6 0123456789ABCDEF
Certain characters will need to escape with a backslash \ ;
Creating Wordlist in Certain Sizes:
Using the -b switch, we can tell crunch to create a wordlist that is split into multiple files
of user-specified sizes.
This must be done in conjunction with -o START.
The size definition can be; kb, MB, GB or KiB, mib, gib
kb, MB, and GB are based on the power of 10 (i.e. 1KB = 1000 bytes)
KiB, mib, and gib are based on the power of 2 (i.e. 1KB = 1024 bytes).
The output files will be named after the first and last entry in the wordlists.
To create a wordlist split into files of not more than 1MB;
Creating Wordlists in Blocks of certain Line count:
(ie. number of passphrases per file)
Using the -c switch you can have crunch create wordlists that do not contain more than the
a specified number of lines.
This must be used in conjunction with -o START.
To create files containing no more than 200000 (200 thousand) lines (passphrases);
crunch 6 6 0123456789 -c 200 -o START
Stopping Crunch Wordlist at Pre-determined time:
crunch 6 6 -t %%%%%% -e 333333
Using Fixed Charset.txt in Crunch:
crunch 6 6 -f /usr/share/crunch/charset.lst ualpha -o START
There’s ton more charsets inside /usr/share/crunch/charset.lst
Inverting the output direction in a crunch
Using the –i option will invert the direction in which the wordlist is created, from left-to-right to right-to-left.
Note that this does not change the content of the created wordlist, it only changes the initial direction in which it is created.
Creating Permutations in Crunch:
Crunch can also be used to create permutations for either;
> characters/words entered in the command line with the -p switch.
> lines in a wordlist with the -q switch
Although there is no min/max character setting, this still needs to be entered for both
the -p and -q switch.
Using the -p switch you can create permutations of characters or of all words entered in the command line.
Creating permutations of letters (fun for anograms) ;
