CeWL Wordlists

CeWL is a custom wordlist generator written in Ruby that spiders a given URL and returns a list of the unique words found in its content.

Installation

Requirements

  • rubygems
  • mime-types
  • mini_exiftool
  • rubyzip
  • spider

These can be installed with the following command:

[root@kadi]# gem install rubygems mime-types mini_exiftool rubyzip spider

Once all of the prerequisites are installed, grab the repository from GitHub:

[root@kadi]# git clone https://github.com/digininja/CeWL

Change into the directory to run the script:

[root@kadi]# cd CeWL
[root@kadi CeWL]# ./cewl.rb

Usage

Basic usage of the script is simple. If, for example, we want to spider securewebsite.com and create a list of unique words, we could do:

[root@kadi CeWL]# ./cewl.rb securewebsite.com

Creating Mutated Lists With John The Ripper

Requirements

  • john the ripper

We can create a list and mutate it to better suit password rules by using the word-mangling rules that ship in john's default configuration.

If we saved the output of cewl using:

[root@kadi CeWL]# ./cewl.rb securewebsite.com > pass.txt

Then using john’s default configuration file, we can generate a mutated list with the following:

[root@kadi CeWL]# john --wordlist=pass.txt --rules --stdout > pass-mutated.txt

Example List Mutation

We will create a list with a single password in it. Then we will mutate it and look at the results.

[root@kadi CeWL]# echo "password" > password-list.txt
[root@kadi CeWL]# cat password-list.txt
password
[root@kadi CeWL]# john --wordlist=password-list.txt --rules --stdout > password-mutated-list.txt
Using default input encoding: UTF-8
Press 'q' or Ctrl-C to abort, almost any other key for status
49p 0:00:00:00 100.00% (2020-06-19 16:30) 980.0p/s Passwording
[root@kadi CeWL]# cat password-mutated-list.txt
password
Password
passwords
password1
Password1
drowssap
1password
PASSWORD
password2
password!
password3
password7
password9
password5
password4
password8
password6
password0
password.
password?
psswrd
drowssaP
Drowssap
passworD
2password
4password
Password2
Password!
Password3
Password9
Password5
Password7
Password4
Password6
Password8
Password.
Password?
Password0
3password
7password
9password
5password
6password
8password
Passwords
passworded
passwording
Passworded
Passwording
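
The same mutations can be checked from the defending side. The Ruby sketch below is an added example, not part of CeWL, John or the original page: it undoes the simple mutations visible in the output above and reports which site-derived word a proposed password reduces to, so a password-change form can reject it. The word list is constructed and the function names are assumptions; only the mutation types seen in the sample output are covered.

```ruby
# Constructed sample standing in for a CeWL wordlist such as pass.txt.
SITE_WORDS = %w[password securewebsite kadi].freeze

# Map each site word, its reverse (drowssap) and its vowel-less form
# (psswrd) back to the original word.
def build_index(words)
  index = {}
  words.map(&:downcase).reject(&:empty?).each do |w|
    [w, w.reverse, w.delete('aeiou')].each do |form|
      index[form] ||= w unless form.empty?
    end
  end
  index
end

# Return the site word a candidate password derives from, or nil.
def derived_from(candidate, words = SITE_WORDS)
  index = build_index(words)
  core = candidate.downcase            # Password, PASSWORD, passworD
  core = core.sub(/\A\d/, '')          # 1password
  core = core.sub(/[\d.!?]\z/, '')     # password1, password!, password?
  # passwords, passworded, passwording
  stems = [core] + %w[s ed ing].map { |suffix| core.delete_suffix(suffix) }
  stems.reject(&:empty?).each { |stem| return index[stem] if index.key?(stem) }
  nil
end

# Policy helper: true when the candidate is not a mutation of a site word.
def acceptable?(candidate, words = SITE_WORDS)
  derived_from(candidate, words).nil?
end

if __FILE__ == $PROGRAM_NAME
  %w[Password1 drowssaP psswrd Passwording orchard-lantern-47x].each do |pw|
    base = derived_from(pw)
    puts format('%-22s %s', pw, base ? "rejected (from '#{base}')" : 'ok')
  end
end
```

In practice the word list would be loaded from the CeWL output for your own site rather than hard-coded.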
