Re: Word lists/dictionaries.

[Jonathan Cran <jcran () 0x0e org>]

> > I am trying to find as many word lists as possible for cracking
> > whatever it is to be cracked... So if anyone has any links to some
> > descent word lists, please send it my way.
> >
> > Will post what I collected when I collate everything.


there's also the venerable openwall wordlists (openwall.org).
additionally, there's been a number of fairly high-profile breaches
and subsequent leak of real-world passwords lately:

hotmail: http://current.com/technology/91108676_email-password-leak-update-gmail-yahoo-aol-and-hotmail-hit-too.htm
rockyou: http://securitystream.info/data-breaches/easy-passwords-found-in-rockyou-data-leak/

you should be able to track those lists down with relative ease.

also, someone is going to say this, i might as well take a stab at it
--> as with all bruting,  ymmv, and it's generally better to generate
custom lists based on what you're bruting, taking into account
technology, admin / policy sophistication, geolocation, and industry
among other things. check out wyd for a bit more info.


jcran

--
Jonathan Cran
jcran () 0x0e org
515.890.0070

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------