Crushing Passwords With Crunch

Disclaimer: Use it with caution!

Well, that’s not a nice way to start an article. I didn’t put the disclaimer because it’s bad but powerful. Crunch is a word list generator, it could generate word lists or call it a bunch of strings spanning from megabytes to crashing your computer!

Crunch in action

As you can see from the above image, Crunch is going to generate around 24.5 MB data, ready to break your system?

Now you see me!

General Usage

crunch <min-length> <max-length> [<charset string>] [options]

Manipulating The Crunch

  • Creating not so lame password

The highlighted one looks pretty interesting to me, you can choose whatever you want.

  • Creating your favourite pattern

Here ‘@‘ inserts lower case symbols, ‘,‘ inserts upper case symbols, ‘%’ inserts numbers and ‘^‘ inserts symbols. And an important thing to note while using ‘-t’ flag is that you have to provide same number of minimum and maximum length. You can form your own pattern of your choice along with the combination of letters and numbers.

  • Permutation

Here ‘-p‘ tells crunch to generate words that don’t have repeating characters. As a result you can get words aligned in various orders.

  • Reading data from a file

Let’s create a file called lol.txt and add the following content.

Now lets run crunch with ‘-q‘flag, it tells crunch to read lol.txt and permute what is read. You can see the result in the following.

You can use this to permutate passwords using the combination of words, numbers and special characters.

  • Storing the output

Using ‘-o‘ flag you can save your output to a file. You can also do that with ‘>‘ output redirection.

To learn more about crunch use the man page.

That’s it for today, play around crunch with different combinations and use it for your benefit while brute forcing. Comment below how many seconds did you take to crack your Wifi password.

Leave a Comment