OSCP Notes

Generating a custom password list

  1. 1.
    cewl method
cewl -d 7 -m 8 --with-numbers -w cewl.out http://URL
  • -d (depth) - how deep you want it to crawl
  • --with-numbers - you need this flag if you want the cewl to generate password with numbers.
2. hashcat
hashcat --force password_list -r /usr/share/hashcat/rules/best64_rule --stdout > hashcat_words
  • generate the password_list using keywords you found on a web or somewhere else during enum.
  • there are many other rules under rules folder other than the best64 rule.
Adding other rules
  1. 1.
    create a document with the following content
:$ #do nothing rule in hashcat (so that it will leave out the original phrases alone)
$!$ #this adds an exclamation point at the end of every word
hashcat --force passowrdlist -r append_exclamation.rule -r /usr/share/hashcat/rules/best64.rule --stdout >
  • you can have more than 1 rules.