To use a custom wordlist with Ncrack, you use specific flags depending on whether you are providing a list of usernames, passwords, or both.
Here is the breakdown of the commands:
1. Using a Custom Password List
If you have a specific list of passwords (e.g., mypasswords.txt), use the uppercase -P flag:
ncrack --user admin -P /home/labex/project/mypasswords.txt ssh://<target_ip>2. Using a Custom Username List
If you have a list of potential usernames (e.g., users.txt), use the uppercase -U flag:
ncrack -U /home/labex/project/users.txt -p 123456 ssh://<target_ip>3. Using Both Custom Lists
To test every username in your list against every password in your list:
ncrack -U users.txt -P passwords.txt telnet://<target_ip>4. Creating a Simple Custom Wordlist
If you want to create a quick custom list right now to practice, you can use the echo command:
echo "password123" > mylist.txt
echo "admin2024" >> mylist.txt
echo "secret" >> mylist.txtThen run Ncrack using that file:
ncrack -p mylist.txt ssh://<target_ip>(Note: lowercase -p is for a single password or a file if you don't use -P, but lowercase -p followed by a string is usually treated as a single password. It is best practice to use uppercase -P for files.)
Summary of Flags:
-u <user>: Single username-U <file>: File containing usernames-p <pass>: Single password-P <file>: File containing passwords
Important Tip: In Kali Linux, many default wordlists are stored in /usr/share/wordlists/. You can always point Ncrack to those files to use them.
Would you like to try running the apt update command from the next step of your lab now? This will make sure your container is ready to install Ncrack if it isn't already there
