tools for analyzing strings from password lists
quickstart / setup
git clone https://github.com/nyxgeek/dumpsniffer.git cd dumpsniffer;chmod +x *.sh ./getcleanwordlist.sh
this will download cracked passwords from Troy Hunt's public dump, via hashes.org (The wordlist source file can be changed in ./dumpsniff.conf)
once a wordlist is in place:
./popcon.sh baseball basketball football
- this project is meant to look at one password dump (or any text file) at a time.
- If you want to start again, just rename the ./db folder to something else.
- There is a dumpsniff.conf file that contains the path to the password dump to be searched.
The search results are stored in their raw form under the following directory structures:
./db/ ./db/a/ ./db/a/aardvark.out.txt ./db/a/awesome.out.txt ./db/b/bitcoin.out.txt ./db/c/computer.out.txt ...
Using the filesystem to hold data was chosen over a traditional db because this allows the easy viewing and editing of the results. This allows you to manually parse and remove false-positive results using tools like 'grep'.
derbycon 7.0 talk info
The DerbyCon 7.0 (2017) slide deck can be found here:
(youtube here: https://www.youtube.com/watch?v=DHpbEl27sdQ )
Resources listed in slide deck can be found here:
where to find passwords in plaintext:
Check out the 'found' column.
You can automagically download and clean the Troy Hunt dump using the included script 'getcleanwordlist.sh'
Please consider donating to hashes.org
I'm not affiliated with them in any way, don't know them, but they're an awesome resource. You can find the donation link at the bottom of this page:
file list & usage
Popularity Contest: compare popularity of keywords or phrases
note: if a word is already in the db, it won't be searched again
usage: ./popcon.sh hacking hacker hacked Search complete: 19993, hacker 2805, hacked 1799, hacking
show top 50 most-popular variations on a keyword
note: if word has not been searched for yet, will prompt to search
usage: ./viewresults.sh hacking 1066 hacking 61 hackingme 16 hackings 12 hackingyou 12 hackingisfun 10 hackingmaster 10 hackingm 8 hackinghaters 8 hackingaccount 7 hackingis ...
usage: ./createregex.sh file.txt > file.regex Read line "testing": [tT+7][eE3][sS$5][tT+7][iI1!|][nN][gG69]
give this script a file with one word/phrase per line and it will convert output it as leetspeak regex
This can then be used with grep in the following manner:
grep -E -f file.regex file_to_search.txt
That's it. It downloads and cleans the wordlist a little (trims lines longer than 24 char and removes non-ASCII).
PDF of slide deck
script to turn a wordlist into two wordlists to be used in CLEVERBRUTE attack method
usage: ./cleverbrute_create.sh wordlist.txt Making HEAD file... file written to /current/path/HEAD.out - Total lines: 21 Making TAIL file... file written to /current/path/TAIL.out - Total lines: 24 Example (first 5 lines): HEAD.out TAIL.out -------- -------- 1234 !!!! 12345 !!!!n 123456 !!!!ni Spri !710 Sprin !7102
This is a list of the URLs/resources listed in the slide deck
thanks for all the feedback! also special thanks to whoever it was at DerbyCon that recommended the dog icon after my talk.