Gen2k – Automated Wordlist Generator

So, I’ve decided to brush up on my python skills and make something useful.

Enter: Gen2k

gen2k

What is it?

It’s an automated word list generator.

What is a word list?

Word list is like a list of possible passwords that you can use to crack hashes with, perform brute force attacks on various protocols & may be used for just about any cracking in general.

Why would I need an automated word list generator?

Well, actually you don’t need to generate your own as there are already some pretty good word lists floating around on the web. But there are times when you would want a personalized word list to fine tune your attacks; especially if you know the target well. In such cases automated word list generators may come in handy as it allows you to make educated guesses regarding what the password might be rather than just brute forcing with totally random, irrelevant word list.

How is it different?

Gen2k is still in beta, but works flawlessly as of now. It’s not your typical word list generator, and doesn’t intend to be one. There are already good ones out there like Crunch, etc.

Gen2k aims to be a smart word list generator, it takes sample words as input. Sample words can be anything that you know about the target, from area, date of birth to names & special events, etc. Once a list of all those known words have been supplied to Gen2k, it automatically, based on the options set..determines the best possible way to make a word list out of those. As many of you know, people tend to use birth year, specific dates, random numbers, custom words attached to simple words in order to make their passwords more complex. Gen2k aims to exploit those types of weaknesses along with conversion of words to upper & lower cases to make your word list completely personalized & appropriate for the situation.

It has most of the features that I thought of implementing when I started working on it and obviously it can be improved further. It’s written completely in Python. It’s fast, light weight & doesn’t have any external dependencies.

What are it’s features?

* Generates password combinations by combining supplied words.
* Mixes frequently used number patterns with words.
* Generates password combinations using year/date combo.
* Mixes custom user defined value(s) combination with words.
* Option to auto convert words to upper/lowercase & capitalisation.
* WPA/WPA2 password validation check.
* No external dependencies.

So what does it look like?

gen2k

The list can get very large indeed, so make sure you choose the options wisely.

Where can I get it?

Gen2k-git

Want more features? Found a serious bug that needs fixed? Need more updates?

Feel free to comment below & let me know! 🙂

Linux security guide Part-1

Hi guys, I’ve decided to write up a brief series of article on how you can monitor your Linux box and check whether it has been compromised. This guide will be brief, straight to the point and geared towards beginner Linux users. It will also state some of the best practices and some good prevention methods that can be used to reduce the security risk of your Linux box.

Note:  This guide will be generic and applicable to all Linux distros. I will not bother going into the details on how you can install a particular utility for your distro since there are probably a thousand distros out there. Also the commands that are meant to be executed in terminal are written in bold letters and enclosed in quotes.

First of all security is a pretty broad term, and there’s many aspects of it…so it’s not practical enough for me to cover everything in a single guide. Thus I’ll just focus on the important parts and assume that you are at-least comfortable with the command-line and know the basics of Linux. So, let’s get started.

Network:

So first of all we need to monitor our network since from a security perspective, it’s the first thing that comes to mind when we think about a computer connected to the Internet. We have several command-line utilities that can be used, I’ll just stick to some of my favorites for now.

1) Closing unused services/ports and scanning with Nmap

Nmap is an excellent tool to scan our own computer. We can see what ports and services are open, and whether there are any back-doors listening for remote connections. Install nmap from your package manager, and keep reading.

We can do a basic scan on our own computer by typing the following commands below.

To scan for open ports type: “sudo nmap -sS -p 1-65535 -v localhost

To scan for services running on open ports, type: “sudo  nmap -A -p 1-65535 -v localhost

The commands above scans for open ports and services, you should see something like this:

Note that in my case there are two open ports: 631 and 10,000.

The service ipp is “Internet Printing Protocol” which is used for printing related tasks; I can leave that open since occasionally I do use a printer, etc.

As for port 10,000 it’s a firewall (Shorewall Firewall) running with a front-end called “Web-min”. Webmin and shorewall firewall are great combination that may be you should check out, but for now we’ll just skip that part.

Once you’re done with the scan, you may find a lot of services like cups, avahi-daemon, etc. running on your system. There’s no need to start panicking right now, since some of them are usually installed by default on distros like Ubuntu. If you’re not using a particular service, I would definitely recommend that you remove it since it may pose a security risk in the future.

Consult your distro’s documentation or do a quick search on Google to find out how you can add/remove services specific to your distro. Again for knowing what a particular service is related to and whether you should consider removing it, Google is your best friend.

Let me give an example related to  Sabayon Linux (Gentoo based distro):

To remove a service: “rc-update del <service name> default

To add a new service: “rc-update add <service name> default

For example if you want to remove avahi-daemon, you can type: “rc-update del avahi-daemon default

Also in case you want to directly add/remove a particular service you can do something like this:

# Command below lists the scripts/services that are available, not necessarily active

ls /etc/init.d/

# The command below stops a particular service – cupsd

/etc/init.d/cupsd stop

Note that the “stop” keyword stops the service you can also use other keywords like “status” or “start” to check the status and start the service respectively.

Obviously I expect you to have root level priviledges to successfully carry out the commands.

Closing unused services and open-ports can dramatically reduce the security risk of your Linux box. The more services and open ports you have running, the greater the risk of a security breach.

This concludes the tutorial for today, and I have decided to write the entire guide in parts since I don’t have the time to write everything in a day. If this guide interests you then consider subscribing to my blog through rss or email, which ever is convenient. The next part will focus on network (we still have a lot to talk about) and I’ll discuss other network monitoring tools, so see you soon!