☑️Custom Wordlist

Custom Usernames - Username Anarchy

Even when dealing with a seemingly simple name like "Jane Smith," manual username generation can quickly become a convoluted endeavor. While the obvious combinations like jane, smith, janesmith, j.smith, or jane.s may seem adequate, they barely scratch the surface of the potential username landscape.

Human creativity knows no bounds, and usernames often become a canvas for personal expression. Jane could seamlessly weave in her middle name, birth year, or a cherished hobby, leading to variations like janemarie, smithj87, or jane_the_gardener. The allure of leetspeak, where letters are replaced with numbers or symbols, could manifest in usernames like j4n3, 5m1th, or j@n3_5m1th. Her passion for a particular book, movie, or band might inspire usernames like winteriscoming, potterheadjane, or smith_beatles_fan.

This is where Username Anarchy shines. It accounts for initials, common substitutions, and more, casting a wider net in your quest to uncover the target's username.

Installation:

sudo apt install ruby -y
git clone https://github.com/urbanadventurer/username-anarchy.git
cd username-anarchy

Next, execute it with the target's first and last names. This will generate possible username combinations.

./username-anarchy Jane Smith > jane_smith_usernames.txt

Custom Passwords - CUPP

With the username aspect addressed, the next formidable hurdle in a brute-force attack is the password. This is where CUPP (Common User Passwords Profiler) steps in, a tool designed to create highly personalized password wordlists that leverage the gathered intelligence about your target.

Let's continue our exploration with Jane Smith. We've already employed Username Anarchy to generate a list of potential usernames. Now, let's use CUPP to complement this with a targeted password list.

The efficacy of CUPP hinges on the quality and depth of the information you feed it. It's akin to a detective piecing together a suspect's profile - the more clues you have, the clearer the picture becomes. So, where can one gather this valuable intelligence for a target like Jane Smith?

Social Media: A goldmine of personal details: birthdays, pet names, favorite quotes, travel destinations, significant others, and more. Platforms like Facebook, Twitter, Instagram, and LinkedIn can reveal much information.
Company Websites: Jane's current or past employers' websites might list her name, position, and even her professional bio, offering insights into her work life.
Public Records: Depending on jurisdiction and privacy laws, public records might divulge details about Jane's address, family members, property ownership, or even past legal entanglements.
News Articles and Blogs: Has Jane been featured in any news articles or blog posts? These could shed light on her interests, achievements, or affiliations.

OSINT will be a goldmine of information for CUPP. Provide as much information as possible; CUPP's effectiveness hinges on the depth of your intelligence. For example, let's say you have put together this profile based on Jane Smith's Facebook postings.

Field

Details

Name

Jane Smith

Nickname

Janey

Birthdate

December 11, 1990

Relationship Status

In a relationship with Jim

Partner's Name

Jim (Nickname: Jimbo)

Partner's Birthdate

December 12, 1990

Pet

Spot

Company

AHI

Interests

Hackers, Pizza, Golf, Horses

Favorite Colors

Blue

CUPP will then take your inputs and create a comprehensive list of potential passwords:

Original and Capitalized: jane, Jane
Reversed Strings: enaj, enaJ
Birthdate Variations: jane1994, smith2708
Concatenations: janesmith, smithjane
Appending Special Characters: jane!, smith@
Appending Numbers: jane123, smith2024
Leetspeak Substitutions: j4n3, 5m1th
Combined Mutations: Jane1994!, smith2708@

Invoke CUPP in interactive mode, CUPP will guide you through a series of questions about your target, enter the following as prompted:

anonmak9@htb[/htb]$ cupp -i

___________
   cupp.py!                 # Common
      \                     # User
       \   ,__,             # Passwords
        \  (oo)____         # Profiler
           (__)    )\
              ||--|| *      [ Muris Kurgas | [email protected] ]
                            [ Mebus | https://github.com/Mebus/]


[+] Insert the information about the victim to make a dictionary
[+] If you don't know all the info, just hit enter when asked! ;)

> First Name: Jane
> Surname: Smith
> Nickname: Janey
> Birthdate (DDMMYYYY): 11121990


> Partners) name: Jim
> Partners) nickname: Jimbo
> Partners) birthdate (DDMMYYYY): 12121990


> Child's name:
> Child's nickname:
> Child's birthdate (DDMMYYYY):


> Pet's name: Spot
> Company name: AHI


> Do you want to add some key words about the victim? Y/[N]: y
> Please enter the words, separated by comma. [i.e. hacker,juice,black], spaces will be removed: hacker,blue
> Do you want to add special chars at the end of words? Y/[N]: y
> Do you want to add some random numbers at the end of words? Y/[N]:y
> Leet mode? (i.e. leet = 1337) Y/[N]: y

[+] Now making a dictionary...
[+] Sorting list and removing duplicates...
[+] Saving dictionary to jane.txt, counting 46790 words.
[+] Now load your pistolero with jane.txt and shoot! Good luck!

Once we have this dictionary now we can apply the password policy.

Minimum Length: 6 characters
Must Include:
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least two special characters (from the set !@#$%^&*)

grep -E '^.{6,}$' jane.txt | grep -E '[A-Z]' | grep -E '[a-z]' | grep -E '[0-9]' | grep -E '([!@#$%^&*].*){2,}' > jane-filtered.txt

This command efficiently filters jane.txt to match the provided policy, from ~46000 passwords to a possible ~7900.

PreviousMedusa NextIntroduction

Last updated 1 year ago