Create a wordlist of only numbers

[Candle]

Hi,
does anybody know how I can create a wordlist of only numbers?

The FritzBox from AVM has only a numeric wpa password.

[Awesome]

This isn't really even worth dignifying a response, but I'm feeling nice today...

Code:

python -c "for n in xrange(0, 99999999): print '%08d' % n" | aircrack-ng  -w - -b 00:11:22:33:44:55 psk.cap

This will try every 8 digit integer from 0 to 99999999 as key. YMMV, since the keyspace here is 100000000 keys. On a relatively recent Core 2 Duo chip, I get about 1150 keys/sec so it would take just over 24 hours to run.

[Jano]

Hi Candle,

- There are many alternatives: custom scripts, wordlist generators (pwgen, gen.pl, ecc..), and do not forget John The Ripper.
- Search in Google

Bye Jano

[Candle]

Hi tried jack the ripper but I couldn't figure out what I should type in to let him generate the wordlist with numbers

[Jano]

Hi Candle,

Hi tried jack the ripper but I couldn't figure out what I should type in to let him generate the wordlist with numbers

- JTR has many useful features to modify and extend the personal dictionaries using his "Rules", and is very fast in the generation of new password.
- This is an example for generate the wordlist with numbers, with "Standard Charset": (password max lenght 8-)

Code:

jano:~/Pentest/john/run$ ./john -i=Digits --stdout | sed '10q'
00000000
10000000
10000001
10000010
10000011
10000100
10000101
10000110
10000111
10001000
jano:~/Pentest/john/run$

- And this is an example, with "Custom Charset": (password max lenght 10)

Code:

jano:~/Pentest/john/run$ ./john -i=Digits-10 --stdout | sed '10q'
0000000000
0001000000
0001000001
0001000010
0001000011
0001000100
0001000101
0001000110
0001000111
0001001000
jano:~/Pentest/john/run$

- Remember, that to generate password higher than 8 characters, you must to recompile JTR  for creating new "Custom Charset".

Bye Jano

[Zermelo]

Ok don't laugh too hard - I know there are like dozens of scripts and apps which will do this, but I'm throwing some crappy C code that I wrote which will go through standard and arbitrary permutations of strings.  I wanted something simple and straight-forward that could pump permutations through aircrack-ng.  There is zero optimization in it, but here it is for anyone interested.

Usage:

Usage: permutate [options] -o [path]
Options:
   -m : minimum string output length [default is 8]
   -n : maximum string output length
   -l : permutate using Lower Case letters [default]
   -u : permutate using Upper Case letters
   -d : permutate using Digits [0 - 9]
   -p : permutate using special characters [!@#$%^&* ...]
   -s : permutate using space character
   -c [string]: permutate using custom string entry

Using multiple string options will concatenate those strings, e.g. if you type:

permutate -l -d

It will display the permutation of "abcdefghijklmnopqrstuvwxyz0123456789"

By default it sets the minimum permutation length is set to 8 and the default string set is lower case, hence if you simple type the command "./permutate" it will display permutations of a-z.

If you want to waste time:

permutate -m 8 -n 64 -l -u -d -p -s -o craziness.txt

would go through every permutation of all above mentioned characters starting with a minimum passphrase length of 8  and ending at a maximum passphrase length opf 65.

permuate -d -m 8 | aircrack-ng wpa.cap -w - -e [essid]

Would pipe all permutations of 0-9 with a passphrase length of 8 through aircrack-ng

permutate -c %$@*51fg

Would display all permutations of the characters of %$@*51fg (note it does not check for redundant characters)

etc, etc.

Here's the code:

Code:

// permutator.cpp beta 1.0: Defines the entry point for the console application //

#include <fstream>
#include <iostream>
#include <cmath>
#include <ctime>
#include <string.h>
#include <stdlib.h>

using namespace std;
int long s,l,minimum,maximum,flag;
int D[255];
char chr;
string cycle,passphrase;


int main(int argc, char *argv[])
{
cycle = "";
flag = 0;
minimum = maximum = 8;

ofstream fout;

for(int i=1; i<argc; i++)
{
if (strncmp(argv[i],"-m",2)==0)
{
minimum = atoi(argv[i+1]);
}
if (strncmp(argv[i],"-n",2)==0)
{
maximum = atoi(argv[i+1]);
}
if (strncmp(argv[i],"-l",2)==0)
{
cycle = cycle + "abcdefghijklmnopqrstuvwxyz";
}
if (strncmp(argv[i],"-u",2)==0)
{
cycle = cycle + "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
}
if (strncmp(argv[i],"-d",2)==0)
{
cycle = cycle + "0123456789";
}
if (strncmp(argv[i],"-p",2)==0)
{
cycle = cycle + "_@#$&+-=%*^`~'!?.,:;()<>[]{}/|";
chr=92;
cycle = cycle + chr;
chr=34;
cycle = cycle + chr;
}
if (strncmp(argv[i],"-s",2)==0)
{
cycle = cycle + " ";
}
if (strncmp(argv[i],"-c",2)==0)
{
cycle = cycle + argv[i+1];
}
if (strncmp(argv[i],"-o",2)==0)
{
fout.open(argv[i+1]);
flag = 1;
}
if (strncmp(argv[i],"-h",2)==0)
{
cout << "Bruteforce Permutation Generator Beta v. 1.0 by Zermelo \n";
cout << "Usage: permutate [options] -o [path] \n";
cout << "Options: \n";
cout << "   -m : minimum string output length [default is 8] \n";
cout << "   -n : maximum string output length \n";
cout << "   -l : permutate using Lower Case letters [default] \n";
cout << "   -u : permutate using Upper Case letters \n";
cout << "   -d : permutate using Digits [0 - 9] \n";
cout << "   -p : permutate using Special characters [!@#$%^&* ...] \n";
cout << "   -s : permutate using Space character \n";
cout << "   -c [string]: permutate using custom string entry \n";
cout << "   -h : this screen \n";
exit(0);
}
}

        if (maximum<minimum)
{
maximum = minimum;
}

l = cycle.length();
if (l<1)
{
cycle="abcdefghijklmnopqrstuvwxyz";
l = 26;
}
l=l-1;

for(int i=0;i<=l;i++)
{
D[cycle[i]]=i;
}

minimum = minimum - 1;
maximum = maximum - 1;

for(int size=minimum;size<=maximum;size++)
{
passphrase = "";
for(int i=0;i<=size;i++)
{
passphrase = passphrase + cycle[0];
}

for(int j=1;j<=pow(double(l+1),size+1);j++)
{
for(int i=0;i<=size;i++)
{
if (passphrase[size-i]==(cycle[l+1]))
{
passphrase[size-i]=cycle[0];
passphrase[size-1-i] = cycle[D[passphrase[size-1-i]]+1];
}
}
cout << passphrase << endl;
if (flag==1)
{
fout << passphrase << endl;
}
passphrase[size] = cycle[D[passphrase[size]]+1];
}
}

if (flag==1)
{
fout.close();
}

return 0;
}

I'm no coder, I just felt the urge to throw this together, so I'm sure it could be done much, much better.

Steps, for those who aren't sure:

1. Copy the code, paste it in a text file, and save it as: "permutate.c" (or whatever you want).
2. Compile it using g++: "g++ permutate.c -o permutate
3. Run it ./permutate
4. Have fun.

[t_virus]

Ok don't laugh too hard - I know there are like dozens of scripts and apps which will do this, but I'm throwing some crappy C code that I wrote which will go through standard and arbitrary permutations of strings.  I wanted something simple and straight-forward that could pump permutations through aircrack-ng.  There is zero optimization in it, but here it is for anyone interested.

Usage:

Usage: permutate [options] -o [path]
Options:
   -m : minimum string output length [default is 8]
   -n : maximum string output length
   -l : permutate using Lower Case letters [default]
   -u : permutate using Upper Case letters
   -d : permutate using Digits [0 - 9]
   -p : permutate using special characters [!@#$%^&* ...]
   -s : permutate using space character
   -c [string]: permutate using custom string entry

Using multiple string options will concatenate those strings, e.g. if you type:

permutate -l -d

It will display the permutation of "abcdefghijklmnopqrstuvwxyz0123456789"

By default it sets the minimum permutation length is set to 8 and the default string set is lower case, hence if you simple type the command "./permutate" it will display permutations of a-z.

If you want to waste time:

permutate -m 8 -n 64 -l -u -d -p -s -o craziness.txt

would go through every permutation of all above mentioned characters starting with a minimum passphrase length of 8  and ending at a maximum passphrase length opf 65.

permuate -d -m 8 | aircrack-ng wpa.cap -w - -e [essid]

Would pipe all permutations of 0-9 with a passphrase length of 8 through aircrack-ng

permutate -c %$@*51fg

Would display all permutations of the characters of %$@*51fg (note it does not check for redundant characters)

etc, etc.

Here's the code:

Code:

// permutator.cpp beta 1.0: Defines the entry point for the console application //

#include <fstream>
#include <iostream>
#include <cmath>
#include <ctime>
#include <string.h>
#include <stdlib.h>

using namespace std;
int long s,l,minimum,maximum,flag;
int D[255];
char chr;
string cycle,passphrase;


int main(int argc, char *argv[])
{
cycle = "";
flag = 0;
minimum = maximum = 8;

ofstream fout;

for(int i=1; i<argc; i++)
{
if (strncmp(argv[i],"-m",2)==0)
{
minimum = atoi(argv[i+1]);
}
if (strncmp(argv[i],"-n",2)==0)
{
maximum = atoi(argv[i+1]);
}
if (strncmp(argv[i],"-l",2)==0)
{
cycle = cycle + "abcdefghijklmnopqrstuvwxyz";
}
if (strncmp(argv[i],"-u",2)==0)
{
cycle = cycle + "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
}
if (strncmp(argv[i],"-d",2)==0)
{
cycle = cycle + "0123456789";
}
if (strncmp(argv[i],"-p",2)==0)
{
cycle = cycle + "_@#$&+-=%*^`~'!?.,:;()<>[]{}/|";
chr=92;
cycle = cycle + chr;
chr=34;
cycle = cycle + chr;
}
if (strncmp(argv[i],"-s",2)==0)
{
cycle = cycle + " ";
}
if (strncmp(argv[i],"-c",2)==0)
{
cycle = cycle + argv[i+1];
}
if (strncmp(argv[i],"-o",2)==0)
{
fout.open(argv[i+1]);
flag = 1;
}
if (strncmp(argv[i],"-h",2)==0)
{
cout << "Bruteforce Permutation Generator Beta v. 1.0 by Zermelo \n";
cout << "Usage: permutate [options] -o [path] \n";
cout << "Options: \n";
cout << "   -m : minimum string output length [default is 8] \n";
cout << "   -n : maximum string output length \n";
cout << "   -l : permutate using Lower Case letters [default] \n";
cout << "   -u : permutate using Upper Case letters \n";
cout << "   -d : permutate using Digits [0 - 9] \n";
cout << "   -p : permutate using Special characters [!@#$%^&* ...] \n";
cout << "   -s : permutate using Space character \n";
cout << "   -c [string]: permutate using custom string entry \n";
cout << "   -h : this screen \n";
exit(0);
}
}

        if (maximum<minimum)
{
maximum = minimum;
}

l = cycle.length();
if (l<1)
{
cycle="abcdefghijklmnopqrstuvwxyz";
l = 26;
}
l=l-1;

for(int i=0;i<=l;i++)
{
D[cycle[i]]=i;
}

minimum = minimum - 1;
maximum = maximum - 1;

for(int size=minimum;size<=maximum;size++)
{
passphrase = "";
for(int i=0;i<=size;i++)
{
passphrase = passphrase + cycle[0];
}

for(int j=1;j<=pow(double(l+1),size+1);j++)
{
for(int i=0;i<=size;i++)
{
if (passphrase[size-i]==(cycle[l+1]))
{
passphrase[size-i]=cycle[0];
passphrase[size-1-i] = cycle[D[passphrase[size-1-i]]+1];
}
}
cout << passphrase << endl;
if (flag==1)
{
fout << passphrase << endl;
}
passphrase[size] = cycle[D[passphrase[size]]+1];
}
}

if (flag==1)
{
fout.close();
}

return 0;
}

I'm no coder, I just felt the urge to throw this together, so I'm sure it could be done much, much better.

hello zermelo, nice code. i just cant get it working.... i saved the code has "permutate" and "permutate.cpp" but command line dont found, even aircrack-ng dont.
can someone help me about this?

about the code could u zermelo or someone upgrade it so resume after a quit?
thankx guys

[Jano]

hello zermelo, nice code. i just cant get it working.... i saved the code has "permutate" and "permutate.cpp" but command line dont found, even aircrack-ng dont.
can someone help me about this?
about the code could u zermelo or someone upgrade it so resume after a quit?
thankx guys

- Hi t_virus,
- Before using it, you have to compile the script. 

Code:

sudo apt-get install g++ gcc

Code:

g++ permutator.cpp -o permutate

Bye Jano

[t_virus]

hi jano thanks for the replay!
i have g++ and gcc installed and i run this code:

Code:

g++ permutator.cpp -o permutate -m 8 -n 16 -l -d -o craziness.txt

and this is what i got:

Code:

mauro@tvirus-laptop:~$ g++ permutator.cpp -o permutate -m 8 -n 16 -l -d -o craziness.txt
g++: 16: File ou directory inexistente
cc1plus: error: unrecognized command line option "-m"
mauro@tvirus-laptop:~$

any help about this?
thankx

[t_virus]

jeasus!!!

Code:

sudo ./permutate ...

stupid LOL

[Jano]

jeasus!!!

Code:

sudo ./permutate ...

stupid LOL

Ciao t_virus,
You do not need "root" permission:

Code:

./permutate -m 8 -n 16 -l -d -o craziness.txt

Bye Jano

[t_virus]

thank you Jano, parla italino hã??

is it to much work to put a resume key in the code or a start from"3456789" instead of starting allways from the begining?

[Zermelo]

t_virus,

This is incorrect:

g++ permutator.cpp -o permutate -m 8 -n 16 -l -d -o craziness.txt

to compile the code, your mixing up the compilation parameters with the parameters for using the code.  First compile the code:

Simply:

g++ permutator.cpp -o permutator

If it compiles successfully, there should be a separate file now called "permutator".  You can now execute the compiled binary with the command:

permutate -m 8 -n 16 -l -d -o craziness.txt

Good luck.

[t_virus]

sorry for the slow replay Zermelo
i have it rocking now!! ´
this is a cool script and i'm trying to add an option of resuming or ´start from´
let me know if you can help me

keep it goin

[Zermelo]

sorry for the slow replay Zermelo
i have it rocking now!! ´
this is a cool script and i'm trying to add an option of resuming or ´start from´
let me know if you can help me

keep it goin

The only way I could think of to have it resume after a break is to create a text file keeping a unique log of each run of its current place in the cycle, then adding to the parameters a continue option.  There might be an easier way of doing it, but as I said I'm no coder, so at the moment it's all I can think of.

If I can find an quick way to do it, I'll see if I can throw it in there, but as I said, there are many other scripts that do what mine does, perhaps they have a resume option, so you may be better off using those.