Last active
June 24, 2024 18:04
-
-
Save n3rada/b5c8c3303cb831b3a0c670e96a05e3db to your computer and use it in GitHub Desktop.
A shell script for generating a password wordlist with a predetermined password inserted at a random position
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Usage explanation if insufficient parameters are provided | |
if [[ -z "$1" ]]; then | |
echo "[x] Usage: $0 <password> [wordlist length]" | |
exit 1 | |
fi | |
# The correct password is taken from the first argument | |
PASSWORD="$1" | |
# The wordlist length is taken from the second argument or defaults to 100 | |
WORDLIST_LENGTH="${2:-100}" | |
# Check if wordlist length is a number and greater than 0 | |
if ! [[ "$WORDLIST_LENGTH" =~ ^[0-9]+$ ]] || [[ "$WORDLIST_LENGTH" -lt 1 ]]; then | |
echo "[x] The wordlist length must be a positive integer greater than zero." | |
exit 1 | |
fi | |
# Get the length of the correct password | |
PASSWORD_LENGTH="${#PASSWORD}" | |
echo "[*] Analyzing password..." | |
# Determine the composition of the correct password | |
CONTAINS_SPECIAL=$(echo "$PASSWORD" | grep -qE '[^a-zA-Z0-9]' && echo "Yes" || echo "No") | |
CONTAINS_DIGITS=$(echo "$PASSWORD" | grep -qE '[0-9]' && echo "Yes" || echo "No") | |
CONTAINS_UPPER=$(echo "$PASSWORD" | grep -qE '[A-Z]' && echo "Yes" || echo "No") | |
CONTAINS_LOWER=$(echo "$PASSWORD" | grep -qE '[a-z]' && echo "Yes" || echo "No") | |
# Output composition | |
echo "[+] Password Length: $PASSWORD_LENGTH" | |
echo "[+] Contains Special Characters: $CONTAINS_SPECIAL" | |
echo "[+] Contains Digits: $CONTAINS_DIGITS" | |
echo "[+] Contains Upper Case: $CONTAINS_UPPER" | |
echo "[+] Contains Lower Case: $CONTAINS_LOWER" | |
generate_password() { | |
local generated_password="" | |
local char_pool="" | |
[[ "$CONTAINS_UPPER" == "Yes" ]] && char_pool+="A-Z" | |
[[ "$CONTAINS_LOWER" == "Yes" ]] && char_pool+="a-z" | |
[[ "$CONTAINS_DIGITS" == "Yes" ]] && char_pool+="0-9" | |
[[ "$CONTAINS_SPECIAL" == "Yes" ]] && char_pool+="!@#$%^&*()_+-=[]{}|;:,.<>?" | |
# If no specific characters were found, default to a broad range | |
[[ -z "$char_pool" ]] && char_pool="A-Za-z0-9" | |
while [[ "${#generated_password}" -lt "$PASSWORD_LENGTH" ]] | |
do | |
generated_password+=$(tr -dc "$char_pool" </dev/urandom | head -c 1) | |
done | |
echo "$generated_password" | |
} | |
# Generate random position within the last 50% of the wordlist using /dev/urandom | |
START_POS=$(( WORDLIST_LENGTH / 2 + 1 )) | |
POSITION=$(od -An -N2 -tu2 /dev/urandom | awk -v start="$START_POS" -v len="$WORDLIST_LENGTH" '{print int($1 % (len - start + 1) + start)}') | |
echo "[+] True password will be placed at position $POSITION" | |
# Output file | |
OUTPUT_FILE="input.txt" | |
# Ensure the output file is empty | |
> "$OUTPUT_FILE" | |
# Generate random passwords and insert the correct password at a random position | |
echo "[*] Generating wordlist of length $WORDLIST_LENGTH..." | |
for i in $(seq 1 $WORDLIST_LENGTH); do | |
if [[ "$i" -eq "$POSITION" ]]; then | |
# Insert the correct password at the designated position | |
echo "$PASSWORD" >> "$OUTPUT_FILE" | |
else | |
# Generate a random string mimicking the password composition and write to the output file | |
generate_password >> "$OUTPUT_FILE" | |
fi | |
done | |
echo "[+] Wordlist created with the correct password at position $POSITION." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
curl -s https://gist.githubusercontent.com/n3rada/b5c8c3303cb831b3a0c670e96a05e3db/raw/33c14439486ec6d2a5b71f05341a57e3b2777359/bruteforce.sh | bash -s -- B669TgHcmL7w8j 100