Creating a high-quality FTP password wordlist requires balancing breadth (covering common defaults) with depth (target-specific patterns). A high-quality list focuses on the most probable credentials to maximize success while minimizing the time spent on brute-force attacks.
1. High-Quality Foundation Wordlists
Industry-standard lists are the best starting point. They are curated from actual data breaches and default vendor configurations.
SecLists (The Industry Standard): This is the most comprehensive collection of lists for security professionals.
Default FTP Credentials: The ftp-betterdefaultpasslist.txt is essential for catching common vendor defaults like admin:admin or root:password.
Generic Defaults: For broader coverage, use the general default-passwords.txt which covers a wide range of services.
Probable Wordlists: For lists sorted by popularity rather than alphabetically, Probable-Wordlists provides massive, deduplicated collections (over 80 GB) derived from hundreds of real-world breach files.
RockYou.txt: Commonly discussed on forums like Reddit's OSCP community, this list remains a staple for testing common human-generated passwords.
Openwall Collections: Openwall hosts historical and processed wordlists that are highly effective for password recovery.
2. Specialized Wordlist Collections
Sometimes a general list is too large. Specialized repositories offer targeted "lite" versions:
kkrypt0nn Wordlists: This GitHub repository offers a categorized collection of most-used passwords, ranging from 100 to nearly 1 million lines, including specialized Unix and medical device default lists.
Targeted Common Lists: Researchers often compile the "top" offenders. For example, lists like the "Top 20 Admin Passwords" often include entries like 123456, admin123, and demo.
3. Techniques for Creating Custom Lists
For high-security environments, generic lists may fail. You must generate target-specific words.
Web Scraping (CeWL): Use CeWL to spider a target company's website. It extracts unique words that employees might use as a basis for their passwords (e.g., product names, department names).
Permutations (Crunch): Once you have a base list, tools like Crunch can generate combinations. For example, if a company is named "TechCorp," you can use Crunch to create variations like TechCorp2024!, T3chC0rp#, etc.
4. Characteristics of Quality Lists
A "high-quality" list isn't just large; it's smart. High-success lists typically prioritize:
Length Patterns: Statistics show 6- and 8-character passwords are the most common in FTP attacks.
Character Diversity: While 12+ characters are recommended by Microsoft, many FTP accounts still use simple lower-case and number combinations.
Frequency Sorting: Always use a list that places the most common passwords at the top to save time.
5. Implementation Tools
To use these wordlists effectively, you need a high-speed engine:
THC Hydra: The most popular tool for online FTP brute-forcing.
Hashcat: If you have captured an FTP hash (rare but possible in some legacy configurations), Hashcat's GPU acceleration can test billions of passwords per second.
John the Ripper: A versatile, methodical cracker that uses rule-based variations to mimic human password-creation habits.
Even the best wordlist is useless without the right delivery mechanism. These tools optimize your high-quality wordlist for FTP:
Ncrack: Specifically optimized for FTP credential cycling; it handles login delays better than Hydra.
ncrack --user admin -P ftp_highvalue.txt -p 21:target.com --rate=2
Generic lists fail. A custom wordlist based on the target company succeeds. Such a list combines:
The company name (e.g. AcmeCorp, acme123).
Local references such as sports teams (e.g. Lakers2024, PackersGo).
FTP service and account names (e.g. ftp, anonymous, upload, backup).
Many servers allow anonymous login, but check the variations:
anonymous:anonymous
anonymous:password
anonymous:guest
ftp:ftp@example.com
Maintaining Your Wordlist: The "Quality Fade" Problem
A high-quality wordlist today is mediocre in six months. Passwords decay. You must implement a Maintenance Cycle:
Rotate seasonal entries (e.g. add Fall2024, remove Winter2020).
Re-run cewl on the target's new website content.
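The defender's view of the credential cycling described above, as an added example that is not code from the original page: a small detector that reads vsftpd-style login records (format assumed), flags a client that reaches a threshold of failed logins inside a sliding window, lists the usernames it cycled, and records whether a successful login followed. The log lines are constructed, not taken from a real server.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed vsftpd-style log lines (format assumed); not from a real server.
SAMPLE_LOG = """\
Mon Sep  2 10:00:01 2024 [pid 2101] [admin] FAIL LOGIN: Client "203.0.113.7"
Mon Sep  2 10:00:02 2024 [pid 2102] [root] FAIL LOGIN: Client "203.0.113.7"
Mon Sep  2 10:00:03 2024 [pid 2103] [anonymous] FAIL LOGIN: Client "203.0.113.7"
Mon Sep  2 10:00:04 2024 [pid 2104] [ftp] FAIL LOGIN: Client "203.0.113.7"
Mon Sep  2 10:00:05 2024 [pid 2105] [admin] OK LOGIN: Client "203.0.113.7"
Mon Sep  2 10:03:00 2024 [pid 2110] [alice] FAIL LOGIN: Client "198.51.100.4"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"$'
)

def parse_line(line):
    """Return (timestamp, user, result, ip), or None for non-login lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y")
    return ts, m.group("user"), m.group("result"), m.group("ip")

def detect_bruteforce(log_text, max_failures=4, window_seconds=60):
    """Flag IPs reaching max_failures FAIL LOGINs within a sliding window."""
    window = defaultdict(list)   # ip -> FAIL LOGIN timestamps inside the window
    users = defaultdict(set)     # ip -> distinct usernames that failed
    alerts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ts, user, result, ip = rec
        if result == "FAIL":
            users[ip].add(user)
            w = window[ip]
            w.append(ts)
            while (ts - w[0]).total_seconds() > window_seconds:  # expire old entries
                w.pop(0)
            if len(w) >= max_failures:
                prev = alerts.get(ip, {})
                alerts[ip] = {"failures": len(w), "users": sorted(users[ip]),
                              "success_after": prev.get("success_after")}
        elif ip in alerts and alerts[ip]["success_after"] is None:
            alerts[ip]["success_after"] = user  # a guess succeeded: investigate this account
    return alerts
```

Calling detect_bruteforce(SAMPLE_LOG) flags only 203.0.113.7, with four cycled usernames and a subsequent successful login as admin; the single failure from 198.51.100.4 stays below the threshold.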