In this recipe, we will examine dictionary or wordlist attacks. A dictionary attack uses a predetermined set of passwords and attempts to brute-force a password match for a given user against the wordlist. There are three types of dictionary lists that are generally generated:
Username Only: Lists that contain generated usernames only
Password Only: Lists that contain generated passwords only
Username and Password Lists: Lists that contain both generated usernames and passwords
For our demonstration purposes, we will utilize Crunch to generate our very own password dictionary.
The good thing about Kali Linux, unlike BackTrack, is that Kali already includes Crunch.