20th July 2024

Creation of Wordlist with Crunch in Infiltration Tests

In this article, I will refer to how wordlists can be created in online and offline password cracking attacks. Crunch, a predetermined character or the cluster formed by you is a tool for creating a word list with specified length and character. Crunch, speed, and ease of use come to the fore.

Crunch Default Installation Path

The Crunch tool comes with Kali Linux. If you use it on different distributions, you can download it from the link below.


You can access the crunch on Kali Linux as follows.

$ cd /usr/share/crunch/
List Crunch Default Files
List Crunch Default Files

List Available Charsets

Here you can use charset.lst with the named file crunch Is a file defining the character group. For example; only numbers If used, numerics charseti given in this file should be used in this file. The contents of the Charset.lst file are as follows.

$ cat charset.lst
List Available Charsets
List Available Charsets

In this way, there are many defined character groups. This file is sufficient for you to define any character group you want and add it as a line. Let’s try to explain with an example.

Let’s create a wordlist named number.txt with a minimum of 2 digits and a maximum of 9 characters:

root@kali:/usr/share/crunch# crunch 2 9 -f charset.lst numeric -o rakam.txt


Our related world catalog has been created in our current directory. Here to give the value of the -f parameter charset, The -o parameter is used to specify the output file. You can create the same example as below.

$crunch 2 9 1234567890 -o rakam.txt


Below are some characters and tasks that can be used with the -t parameter to create a custom password in the crunch application.

`@` To print lowercase characters

LEARN MORE  What is MSF Incognito and How is it used?

,   To print upper case characters

% mark for use figures

^ is used to print special characters.

In the example to be given now, the wordlist will be created according to the following scenario:

  • The first four characters of the password 1881
  • Password is 10 characters
  • The last two characters of the password ka
  • The remaining part is composed of uppercase letters
  • The output will be printed to the experiment.txt file

The corresponding crunch command will look like this:

$ crunch 10 10 -t 1881,,,,ka -o deneme.txt
The corresponding crunch command will look like this
The corresponding crunch command will look like this

A portion of the output file we created is as follows:

root@kali:/usr/share/crunch# cat deneme.txt
A portion of the output file we created is as follows:
A portion of the output file we created is as follows:


Leave a Reply

Your email address will not be published. Required fields are marked *