In one of the courses I am busy with there was a requirement to create a password file to use during a brute force attempt – and the hints given were that the password is 5 characters and that it uses only q,w,e.

So from a shell on a Kali machine type the following:

crunch  5 5 qwe > pass.txt

The first 5 means a minimum of 5 characters, the second 5 means the maximum amount of characters, the three letters are what needs to be used in the password file, and lastly we > send the standard output to a file called pass.txt.

This can of course also be done using Burpsuite with the following options:
burpbrute

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s