Using dictionary attacks
In this recipe, we will examine dictionary or wordlist attacks. A dictionary attack uses a predetermined set of passwords and attempts to brute-force a password match for a given user against the wordlist. There are three types of dictionary lists that are generally generated:
Username Only: Lists that contain generated usernames only
Password Only: Lists that contain generated passwords only
Username and Password Lists: Lists that contain both generated usernames and passwords
For our demonstration purposes, we will utilize Crunch to generate our very own password dictionary.
Getting ready
This recipe requires an installation of Crunch on your Kali installation
How to do it...
The good thing about Kali Linux, unlike BackTrack, is that Kali already includes Crunch.
Open a terminal window and enter the
crunchcommand in order to see the Crunch help file:crunch
The basic syntax for generating a password with Crunch is
crunch [minimum length] [maximum length] [character set...
