Sometimes, using wordlists from the internet, such as rockyou.txt, produces no more results when cracking or recovering passwords. Today, these wordlists are not as effective as they used to be. How humans still choose easy-to-remember passwords and reuse them hasn’t changed. Depending on the complexity of a password, brute forcing would take ages unless you made yourself a cracking rig. This is where making your own wordlist would come in handy.
Custom-made wordlists come in handy when stock wordlists like rockyou.txt are outdated. Although rockyou provides the most common passwords found on the internet, it does not offer the different variations of a single password. Tools such as ‘crunch’ seem viable, but they do not mutate characters in the middle of a given password; they only mix and match or append. So, I resorted to building a password variation generator in Python. You can look at the project here. It could be better, and it could use some more work, I’ll admit that. As plainly as the name sounds for that project of mine, the primary purpose was to automatically generate a wordlist full of mutations of a given password or password list. Writing out all the possibilities yourself takes ages and a lot of brainpower if a password is 25 characters long.
After publishing my project, I searched the web to see if any other tools existed in the same way as my project. Fortunately, there were, and I came across two unique tools similar to my project. These tools are LastBit’s Password Variator and Psudohash. I chose these two because they provide password mutations, or in this case, “freak mutation,” instead of basic paddings before or after a password.
LastBit Password Variator
Created for Windows in 2004, this tool can generate as many variations as possible of the given password(s). It is fast as lightning, and providing “password” in the text field generated at least 48,947 variations in a fraction of a second. The file size was sitting at 528 kilobytes!
Providing a 50-character password produced 11,400,657 possible variations, with the file size at 575 megabytes within 8 seconds. Again, that is fast! Around 8% of my CPU was used during this process.
The drawback of this software is that it does not let us import a wordlist. However, we can copy and paste passwords into the provided text field. The longer the password, the longer it will take to generate the variations and the larger the file size. This will also depend on the options selected for both the “Case mode” and “Variation level.”
PSUDOHASH
Psudohash, written in Python, is an advanced version of my project. In fact, it is precisely what I had envisioned at first, and it takes uniqueness into account, something I failed to do. Psudohash provides many options, such as before, after, and custom common padding, years, and appending numbers.
The usage is pretty simple: $> python psudohash.py -w password
Be careful using this tool if you have a 50-character-long password, as it will generate terabytes, or possibly petabytes, on the output file.
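The size warning above can be checked before any file is written. The following is an added example, not code from psudohash, LastBit's tool, or my project; the substitution table, function names and the 1 GiB default budget are assumptions chosen for illustration.

```python
from itertools import islice, product

# Assumed substitution table for this example; real tools ship their own maps.
SUBS = {"a": "a@4", "e": "e3", "i": "i1!", "o": "o0", "s": "s$5", "t": "t7"}


def options(ch):
    """Distinct characters one position of the base word can turn into."""
    low = ch.lower()
    pool = SUBS.get(low, low)
    if low.isalpha():
        pool += low.upper()  # case variation for letters only
    return sorted(set(pool))


def variation_count(word):
    """Size of the mutation space, computed without generating anything."""
    total = 1
    for ch in word:
        total *= len(options(ch))
    return total


def wordlist_bytes(word):
    """Bytes for a one-candidate-per-line file (assumes ASCII and '\\n')."""
    return variation_count(word) * (len(word) + 1)


def variations(word):
    """Lazily yield every in-place mutation; unique by construction,
    because the options at each position are distinct."""
    for combo in product(*(options(ch) for ch in word)):
        yield "".join(combo)


def generate(word, max_bytes=1 << 30):
    """Refuse to start a run whose output would exceed max_bytes."""
    need = wordlist_bytes(word)
    if need > max_bytes:
        raise ValueError(f"{variation_count(word):,} candidates, {need:,} bytes")
    return variations(word)


if __name__ == "__main__":
    # Constructed sample inputs: one short word, one 25-character passphrase.
    for sample in ("password", "correcthorsebatterystaple"):
        print(sample, f"{variation_count(sample):,}", f"{wordlist_bytes(sample):,} B")
    print(list(islice(generate("password"), 5)))
```

Each extra character multiplies the count by two to four with this table, which is why the output grows so quickly with password length.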
The before (-cpb) and after (-cpa) common padding are neat features that psudohash provides. Unfortunately, the help menu and the GitHub page do not explicitly say that you can combine both simultaneously. However, it lets you create your own padding by adding -cpo, but it must be used with either the before or the after parameter.
Combining the two
If you have enough storage at your disposal, you could combine the two to create a strong and ‘smart’ wordlist for your password-cracking needs. There is no guarantee that Hashcat will crack your hashed password immediately, and it will depend on how you use the tools.
Conclusion
While many tools are available to generate a wordlist, these two were to my taste regarding password cracking. When appending alphanumeric and special characters before or after a password fails, or even switching around the words of a given password, you might want to try mutating the characters from the inside. I cannot recommend what tool is best when it comes to building your own wordlist. Each tool is different, and it will depend on your needs. If you feel like Crunch is suitable for you to create a basic wordlist, then by all means, go for it. If you want a strong wordlist with as many variations as possible, then either of the two mentioned in this article will work fine.
Update 09/26/2024: My tool has since been updated to generate a more robust mutation list, using efficient methods to reduce duplicate entries without over-complicating the process. The previous statement about the tool needing more work is not outdated.