Feature request: list of complex passwords

[akudiurov]

Lots of apps have requirements for passwords to be "complex" and contain upper-, lowercase, special character and to be at least 8-10 chars long. So brute forcing any of them with passwords that won't satisfy those requirements is pointless (until we are targeting old account with unchanged passwords in apps that didn't require users to change them)
So I thought it would be a good idea to create a list of complex passwords for that purpose.

• at least, that could be done by searching those passwords inside present common lists
• the best option will be to search leaked DBs for complex passwords since they won't appear in most "top" list because they probably are less common than 1-10 million others.

[g0tmi1k]

A VERY dirty way of doing it:

cat infile | grep '[a-z]' | grep '[A-Z]' | grep '[0-9]' | grep '.\{8\}' | grep "[][\§\±\!\@\£\$\%\^\&\*\(\)\_\+\=\#\€\{\}\;\:\'\"\\\|\/\?\.\,\<\>\`\~\-]"

[g0tmi1k]

$ tar -zxvf Passwords/Leaked-Databases/rockyou.txt.tar.gz -C Passwords/Leaked-Databases/
$ rm Passwords/Leaked-Databases/*-with*.txt
$ cat Passwords/Leaked-Databases/*.txt | grep '[a-z]' | grep '[A-Z]' | grep '[0-9]' | grep '.\{8\}' | grep "[][\§\±\!\@\£\$\%\^\&\*\(\)\_\+\=\#\€\{\}\;\:\'\"\\\|\/\?\.\,\<\>\`\~\-]" | sort | uniq > output
$
$ wc -l output; ls -lah output
68456 output
-rw-r--r-- 1 <REMOVE> <REMOVE> 855K May  8 12:13 output
$

[g0tmi1k]

Any feedback @akudiurov?

[GTP95]

If you wish to generate such a list you should have a look at crunch: https://sourceforge.net/projects/crunch-wordlist

[ItsIgnacioPortal]

Such a wordlist seems highly specialized. Anyone who needs something like this should generate it themselves.

[deeznuts393]

could someone help me with a couple bugs email me [email protected]