.

Wordlist for partial Social Nums

<<

hoytj

Newbie
Newbie

Posts: 3

Joined: Wed Jun 03, 2009 8:13 am

Post Wed Jun 03, 2009 8:26 am

Wordlist for partial Social Nums

I'm looking for some advice on creating a wordlist of the last four or five of social num combinations. 

So I need to create a wordlist of possible permutations for the last five digits of a social numbs. 

Has anyone used such a list, or do you have any advice on generating a list like this?

Thanks,
John
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Jun 03, 2009 12:29 pm

Re: Wordlist for partial Social Nums

I'd think it wouldn't be that difficult.  Script to start at 0 and add 1, echoing to a file, until you hit 99,999.  Each time, check value, and if below 10, 100, 1000, 10000, prepend missing 0's.  I don't have time to write such, right now, but wouldn't think it too hard.

HTH
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

hoytj

Newbie
Newbie

Posts: 3

Joined: Wed Jun 03, 2009 8:13 am

Post Wed Jun 03, 2009 3:06 pm

Re: Wordlist for partial Social Nums

I think that I came up with a good solution.

I modified the PHP code from fakenamegenerator.com's SSN generator to output a large list of SSNs of only five characters.

The PHP class is here:
http://www.phpclasses.org/browse/packag ... l#download

John
<<

former33t

Full Member
Full Member

Posts: 226

Joined: Sat Feb 14, 2009 12:33 am

Post Wed Jun 03, 2009 3:56 pm

Re: Wordlist for partial Social Nums

I take it you are attacking an organization where you expect this type of password to be in use?

When pen testing an organization, I try to find the company's new employee security orientation and get the examples of what a strong password looks like.  Then I generate some permutations of those and go to town.  Amazing how many people use them even though it specifically says not to in the documentation.
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software