How to Generate Word-Lists with Python for Dictionary Attacks
As per Alex's request, I am posting about generating word-lists in Python.
However, this is my FIRST attempt with Python, so please provide me with critiques and any and all comments. I really want to know what you think as there was a little bump here and there seeing as I am transitioning from C#.
Well, let's just run through a simple scenario: you're about to hack a vulnerable login page, but you think that brute-force is going to take ages (in fact, there's a decent chance it will), so why not try out a dictionary attack first? Because it's faster.
[Please check my math here. I have not slept in the last 30 hours. I am not responsible for nonsense hereafter!]
The English alphabet is 26 characters in length, and a 5 character password utilising brute force is 26^5, assuming it is not uppercase and has no special characters. 26^5 = 11881376 combinations! And that's the easy tier. Try a full dictionary—916132832 combinations (includes just upper, lower case and numbers).
In these instances, you might want to try a dictionary attack. Now assuming a user has a password such as "thistle", a normal dictionary will suffice, but what if a password is "xZya6"?
Well this is the program for you!
Step 1 Beginning of Your Code
import string, random
The above two lines are the beginning of our code.
Since I am working on windowzer, my first line points to where I installed my Python. For linux users, change it to #!/usr/bin/python
The import declaration just tells the program to import the string handling library and a library to handle random chars.
Step 2 The Meat & Bones
Now, if we think about it, we want to be able to do the following:
- Tell the program how short each word should be.
- Tell the program how long each word should be.
- Tell the program how many words to generate.
So enter these lines:
minimum=input('Please enter the minimum length of any give word to be generated: ')
maximum=input('Please enter the maximum length of any give word to be generated: ')
wmaximum=input('Please enter the max number of words to be generate in the dictionary: ')
Now decide on what kind of alphabet you will use—I chose the below:
alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYX0123456789'
Replace above with - alphabet = string.letters[0:52] + string.digits + string.punctuation
..for runtime-generated alphabet in full ascii (no special symbols such as ¶)
Next, declare the placeholder for our words.
Now, we tell Python to open a empty text file in write mode ("w"). (Linux users, point it your respective directory, or just write the file name if the file is next to your PY script)
FILE = open("wl.txt","w")
Now we write a loop which will range from 0 to the maximum number of words you defined, and generate words that hold random characters from the alphabet we defined earlier, in random order at variable length (assuming your min/max values were not identical on imput).
for count in xrange(0,wmaximum):
for x in random.sample(alphabet,random.randint(minimum,maximum)):
Now we tell Python to write the strings (words) to the file we pointed the program to, by using '\n' to tell Python to separate each word in a new line.
And the last functions are just: (1) Clear the string, (2) Close the file after editing—very important as changes might not register if it is not closed—and (3) prints the word "Done!" after finishing.
And that's it! Give it a go!