Comprehensive Guide on Pydictor – A wordlist Generating Tool

at 8:48 AM Tuesday, November 27, 2018

In this article we will explore another dictionary building tool “Pydictor”. These tools are always fun to work with, this is another robust tool perfect for generating custom dictionaries. The thing that stands out most about this tool is the customization options it offers, from the most common to the advance.
Table of Content
§  What is Pydictor
§  Installation
§  Numeric Dictionary
§  Lower Case Alphabet Dictionary
§  Upper Case Alphabet Dictionary
§  Numeral Coupled With Upper Case Alphabet
§  Upper Case Coupled With Lower Case Alphabet               
§  Numeral Coupled With Lower Case Alphabet
§  Combining Upper Case, Lower Case and Numeral
§  Adding Static Head
§  Adding Static Tail
§  Encoding
§  Character Permutation
§  Multiple Character Group Permutation
§  Social Engineering Dictionary
§  Customizing the Social Engineering Dictionary
§  Manipulating Dictionary Complexity Filter
§  Using Plugin
§  Leet Function

What is Pydictor
Pydictor is one of those tools that both novices and pro can appreciate. It is a dictionary building tool that is great to have in your arsenal when dealing with password strength tests. The tool offers a plethora of features which can be used to create that perfect dictionary for pretty much any kind of testing situation.
Installation
Let’s get cracking, the first thing we do is download Pydictor from GitHub and run it using Python. The moment the tool is executed, the running commands are visible to see other optional arguments.
git clone https://github.com/LandGrey/pydictor.git
cd pydictor
python pydictor.py
-base                     [type]
-base Type            Choose from  (d, L, c, dL, dc, Lc, dLc)
                            d     digital                [0 - 9]
                            L     lowercase letters          [a - z]
                            c     capital letters                  [A - Z]
                            dL    Mix d and L                    [0-9 a-z]
                            dc    Mix d and c                    [0-9 A-Z]
                            Lc    Mix L and c                      [a-z A-Z]
                            dLc   Mix d, L and dL            [0-9 a-z A-Z]
-char                      [custom_char]
-chunk                  [chunk1] [chunk2] ...
-extend                [string_or_file]
-plug                     [pid6,ftp,pid8,birthday,pid4,scratch]
-plug arg [arg ...]   birthday  [begin_date] [end_date], date format: [YYYYMMDD]
ftp                                          [keyword1] [keyword2] ...
pid4                                       chinese id card last 4 digit
pid6                                       chinese id card last 6 digit
pid8                                       chinese id card last 8 digit
scratch                                  [url_or_file]
--conf                    [expression_or_file]
-o,--output         [directory]
-tool                      [handler,hybrider,uniqifer,uniqbiner,shredder,comparer,counter,combiner]
--len                      [minlen] [maxlen]
--head                  [prefix_string]
--tail                      [suffix_string]
--encode             [none,sha1,sha512,b64,url,md516,des,rsa,b32,b16,test,sha256,execjs,hmac,md5]
--occur                  [letter] [digital] [special]
--types                 [letter] [digital] [special]
--regex                 [regex]
--level                   [code]
--leet                    [code]




Numeric Dictionary
We are beginning by exploring the option to create a numeric or as described by the tool, digital, dictionary. Let’s start by keeping it simple, only 5 characters long and limited to 0 – 5. We will be using the “—base” option to accomplish this.
The output is saved by default but in this case we will be saving it to “dict.txt”. The storage location will always appear after each execution. The “cat” command is used to view the output in the terminal.
python pydictor.py --len 5 5 -base d -o dict.txt



Alphabet Dictionary
We will be making a dictionary which only holds lower case alphabets, the length of the words will remain to 5 characters.
python pydictor.py --len 5 5 -base L



Upper Case Alphabet Dictionary
We will now generate a dictionary with all the same metrics as earlier with the exception of changing the base option to upper case alphabets.
The result is visible to see.
python pydictor.py --len 5 5 -base c



Numeric Coupled With Upper Case Alphabet
The base options in Pydictor can be used in conjunction with each other, in this instance we will be coupling numeric (d) and upper case alphabets (c). Let’s see what kind of output we get.
python pydictor.py --len 5 5 -base dc



Upper Case Coupled With Lower Case Alphabet
This time it’s going to be both upper and lower case alphabets together.
python pydictor.py --len 5 5 -base Lc


Numeral Coupled With Lower Case Alphabet
Let’s see what we get when we couple numerals with lower case alphabets.
python pydictor.py --len 5 5 -base dL
 


Combining Upper Case, lower Case and Numeral
Now let’s combine all the 3 options that we’ve been playing. We will now combine upper case, lower case and numeral. To keep the output moving quicker we will limit the word length to 3 characters.
python pydictor.py --len 3 3 -base dLc


Adding Static Head
We will now be adding a static head to all the words, note that the head is in addition to the 5 character length that is set. In this instance we will be adding “raj” as a static head in front of all the numerals.
python pydictor.py --len 5 5 --head raj -base d


Adding Static Tail
We will now be adding a static tail to all the words, note that as mentioned in the instance above, the tail is in addition to the 5 character length that is set. In this instance we will be adding “raj” as a static tail at the end of all the numerals.
python pydictor.py --len 5 5 --tail raj -base d


Encoding
Pydictor has an encode function that we can use to encode the words in the dictionary.
It gives us the option to choose from popular encoding algorithms such as Base64, DES, AES, MD5, SHA256, etc. In this instance we will be using Base64 as our algorithm of choice to encode numerals.
In the interest of thoroughness, we will first generate the numerals without encoding and then with encoding.
python pydictor.py --len 5 5 –base d


Now we see what the Base64 encoded output looks like
python pydictor.py --len 5 5 -base d --encode b64



Character Permutation
We can use a permutation of a single word, Pydictor lets us choose a word and churn out as many permutations of it as possible.
python pydictor.py -char raj



Multiple Character Group Permutation
We’ll take Pydictor’s permutation prowess one step further by using the “-chunk” option.
This time we will be giving it multiple group of characters which it will take and churn out as many permutations as possible. It begins in a subtle way by just manipulating one word and then gradually moves on to the others. Notice the progression in the screenshot below.
python pydictor.py -chunk abc ABC 666 . _ @ "'



Social Engineering Dictionary
Pydictor comes with an inbuilt social engineering dictionary builder that lets testers input information from profiling an individual to get a custom tailored dictionary. We run the “help desc” within the social engineering dictionary builder option to see the various defaults it has to offer.
python pydictor.py --sedb



Customizing the Social Engineering Dictionary
show option” is used within the social engineering dictionary builder to set the various vectors from profiling a target to generate a target specific dictionary. In this instance we will only be inputting the name, birth date, and email and phone number. The vectors are set using the “set” command.



Let’s see what our social engineering dictionary output looks like.



Manipulating Dictionary Complexity Filter
We will be doing two things in this instance, we will be extending a dictionary based on a rule and separating words filtered according to complexity level. The complexity level is set to 3 by default, we will take it up a notch by setting it to 4. The character length is set to a minimum of 1 and a maximum of 6.
We view the latter part of the output.
python pydictor.py -extend raj --level 4 --len 1 6



Using Plugin
Pydictor has plugins built into it by default, we will be suing a plugin that bases its generation on the last 6 digits of a Chinese resident ID card number. We will filter it using the “-occur” function. The occur option lets us defines with the following; letter, numeral and special character, in that order. We will only be looking for results that have numerals occurring 4 times or more in a single string.
python pydictor.py -plug pid6 --types ">=0" ">=4" ">=0"



Leet Function
The leet function can selectively substitute numerals or special characters in the place of alphabets to illustrate; leet turns to L331. We will be using the leet function in conjunction with the occur option and extend function.
This is a more complex ask that we have made from Pydictor than our earlier instances, let’s see what our output looks like.
python pydictor.py -extend /names.txt --leet 0 1 2 11 21 --len 4 16 --occur "<=10" ">0" "<=2"



We hope you enjoyed our little walkthrough of Pydictor. As mentioned earlier, dictionary generators are always a handy thing to have in your arsenal of pentesting tools. This tool is gives the user a lot of advance options which can a bit overwhelming unless the user has a very clear picture of what they want out of this tool.
Don’t be afraid of taking Pydictor for a spin and see what more you can derive out of it.
Stay tuned for more articles on the latest and greatest in hacking.

Labels:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)