Nmap Development mailing list archives
Re: wordlists for Ncrack
From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Wed, 29 Jul 2009 02:41:52 +0300
Solar Designer wrote:
On Tue, Jul 28, 2009 at 03:59:11AM +0300, ithilgore wrote:The gathering of username and password lists has gone well so far and I found out about another great archive of such files here: http://theargon.com/achilles/wordlists/ However, a proper sorting of all these has to take place. Soon.As you're probably aware, I've done quite some work sorting, rejecting, and merging wordlists a few years ago: http://www.openwall.com/wordlists/ ftp://ftp.openwall.com/pub/wordlists/ Typical reasons for a rejection were a wordlist file being a duplicate or a wordlist file meant to be language-specific containing too many words from other languages (detected with a script). The resulting wordlists all start with comments giving the original file names that I ended up merging. For example, languages/English/3-large/lower.gz starts with: #!comment: Pre-processed input wordlist files: #!comment: 10001fr.equ 74550com.mon famous pocket-dic #!comment: 10002fr.equ Antworth freja.diku.dk sf #!comment: 10196pla.ces aussie ftp.cs.vu.nl shakespeare #!comment: 113809of.fic biology ftp.uu.net shakesp-glossary #!comment: 21986na.mes computer.names knuth_britsh simtel20.army.mil #!comment: 256772co.mpo CRL knuth_words special.eng #!comment: 354984si.ngl englex-dict male-names Unabr.dict #!comment: 366often.mis english.abbrs minix Unix.dict #!comment: 3897male.nam english.names muller web2 #!comment: 4160offi.cia english.words myths-legends web2a #!comment: 4946fema.len english-zedz numbers words-english #!comment: 6213acro.nym engwords.txt ospd wordset_4k languages/English/4-extra/lower.gz adds: #!comment: Pre-processed input wordlist files: #!comment: english.maybe length09.txt length18.txt length27.txt #!comment: english.trash length10.txt length19.txt length28.txt #!comment: length02.txt length11.txt length20.txt length29.txt #!comment: length03.txt length12.txt length21.txt length30.txt #!comment: length04.txt length13.txt length22.txt length31.txt #!comment: length05.txt length14.txt length23.txt length32.txt #!comment: length06.txt length15.txt length24.txt misc.names #!comment: length07.txt length16.txt length25.txt mobythes #!comment: length08.txt length17.txt length26.txt org.names Obviously, most of these wordlists are too large to be used with Ncrack. I'd recommend just password.lst from here: http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/john/john/run/ maybe with systems' default passwords added. Please note that this revision of password.lst (bundled with John the Ripper) is currently slightly newer than one found in the wordlists collection.
Alexander, do we have your permission to use these lists as part of Ncrack's lists (that are going to shipped with Ncrack)? This applies to having them as separate lists as well as having some of the passwords in a greater mix of other passwords. In either case, please inform us about any requirements to include any license header or anything similar.
Alexander
Thanks, ithilgore _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Status Report #14 of 17 Luis M. (Jul 27)
- <Possible follow-ups>
- Status Report #14 of 17 J Marlow (Jul 27)
- Re: Status Report #14 of 17 ithilgore (Jul 27)
- Re: Status Report #14 of 17 Joao Correa (Jul 27)
- Re: Status Report #14 of 17 Patrick Donnelly (Jul 27)
- Re: Status Report #14 of 17 venkat sanaka (Jul 28)
- Re: Status Report #14 of 17 ithilgore (Jul 27)
- wordlists for Ncrack (was: Status Report #14 of 17) Solar Designer (Jul 28)
- Re: wordlists for Ncrack ithilgore (Jul 28)
- Re: wordlists for Ncrack Solar Designer (Aug 12)