Step 1 Fire Up Kali & CeWL Help
First, fire up Kali and open a terminal. Next, let's type the "cewl" command and get its help screen.
Note the depth (-d) and the min_word_length (-m) switches. The -d switch determines how deep (the default is 2) into the website CeWL will crawl grabbing words, and the -m switch determines the minimum length of words it will grab. Since most firms have a minimum password length, there's no need to grab short words. In this case, I will be setting the minimum to 7 letters.
Step 2 Build a Custom List with CeWL
Now, to build a custom wordlist, we set CeWL to scraping words from the website of our friends at SANS Institute. We can do this by typing:
Let's break that down.
This command will then crawl the sans.org website to a depth of 5 pages, grabbing words at least 7 letters long. After several hours of crawling through the website, CeWL places all of the words it found into the file customwordlist.txt. We can then open it with any text editor; in this case, we will use Leafpad.
This will open the file like that below.
Note that these words are a reflection of the industry that SANS Institute is ininformation security.
Step 3 Combine This List with a List Generated by Crunch
Now, combine this wordlist with another wordlist, or one generated by Crunch. Place these words first as they are specific to this user or company and are more likely to be correct.
Of course, we can use CeWL to create custom wordlists for password cracking targets other than employees at a particular company. For instance, if we know the individual who is our target is a soccer fan, we use CeWL to crawl a soccer site to grab soccer related words. That is, we can use CeWL to create specific password lists based upon just about any subject area by simply crawling a website to grab potential keywords.
First, fire up Kali and open a terminal. Next, let's type the "cewl" command and get its help screen.
Kod:
kali > cewl --help
Note the depth (-d) and the min_word_length (-m) switches. The -d switch determines how deep (the default is 2) into the website CeWL will crawl grabbing words, and the -m switch determines the minimum length of words it will grab. Since most firms have a minimum password length, there's no need to grab short words. In this case, I will be setting the minimum to 7 letters.
Step 2 Build a Custom List with CeWL
Now, to build a custom wordlist, we set CeWL to scraping words from the website of our friends at SANS Institute. We can do this by typing:
Kod:
kali > cewl -w customwordlist.txt -d 5 -m 7 www.sans.org
Let's break that down.
Kod:
-w customwordlist.ext: the -w means write to the file name that follows.
-d 5: the depth (in this case, 5) that CeWL will crawl to website.
-m 7: the minimum word length; in this case it will grab words of 7 characters minimum.
www.sans.org: the website we are crawling.
This command will then crawl the sans.org website to a depth of 5 pages, grabbing words at least 7 letters long. After several hours of crawling through the website, CeWL places all of the words it found into the file customwordlist.txt. We can then open it with any text editor; in this case, we will use Leafpad.
Kod:
kali > leafpad customwordlist.txt
This will open the file like that below.
Note that these words are a reflection of the industry that SANS Institute is ininformation security.
Step 3 Combine This List with a List Generated by Crunch
Now, combine this wordlist with another wordlist, or one generated by Crunch. Place these words first as they are specific to this user or company and are more likely to be correct.
Of course, we can use CeWL to create custom wordlists for password cracking targets other than employees at a particular company. For instance, if we know the individual who is our target is a soccer fan, we use CeWL to crawl a soccer site to grab soccer related words. That is, we can use CeWL to create specific password lists based upon just about any subject area by simply crawling a website to grab potential keywords.