├── .idea
    ├── .gitignore
    ├── modules.xml
    ├── super-password-dict.iml
    └── vcs.xml
├── README.md
├── go.mod
├── go.sum
├── img1.png
└── main.go


/.idea/.gitignore:
--------------------------------------------------------------------------------
1 | # Default ignored files
2 | /shelf/
3 | /workspace.xml
4 | # Editor-based HTTP Client requests
5 | /httpRequests/
6 | # Datasource local storage ignored files
7 | /dataSources/
8 | /dataSources.local.xml
9 | 


--------------------------------------------------------------------------------
/.idea/modules.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <project version="4">
3 |   <component name="ProjectModuleManager">
4 |     <modules>
5 |       <module fileurl="file://$PROJECT_DIR$/.idea/super-password-dict.iml" filepath="$PROJECT_DIR$/.idea/super-password-dict.iml" />
6 |     </modules>
7 |   </component>
8 | </project>


--------------------------------------------------------------------------------
/.idea/super-password-dict.iml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <module type="WEB_MODULE" version="4">
3 |   <component name="Go" enabled="true" />
4 |   <component name="NewModuleRootManager">
5 |     <content url="file://$MODULE_DIR$" />
6 |     <orderEntry type="inheritedJdk" />
7 |     <orderEntry type="sourceFolder" forTests="false" />
8 |   </component>
9 | </module>


--------------------------------------------------------------------------------
/.idea/vcs.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <project version="4">
3 |   <component name="VcsDirectoryMappings">
4 |     <mapping directory="" vcs="Git" />
5 |   </component>
6 | </project>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Super-Password-Dict 毒液超级密码字典
  2 | **郑重声明：文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用，<u>任何人不得将其用于非法用途以及盈利等目的，否则后果自行承担</u>** 。
  3 | <p align="center"><a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-_red.svg"></a><a href="https://github.com/z-bool/super-password-dict"><img  src="https://goreportcard.com/badge/github.com/projectdiscovery/httpx"></a></p>
  4 | 
  5 | <p align="center"><a href="#install">模块打包</a> · <a href="#tall">使用说明</a> · <a href="#notice">字典规则</a> · <a href="#communicate">技术交流</a></p>
  6 | 
  7 | <div id="install"></div>
  8 | <h3>模块打包</h3>
  9 | ```bash
 10 | go mod tidy # 安装依赖库
 11 | go build .
 12 | ```
 13 | 如果没有二开或自行打包需要的，可以直接从release下载打包好的文件即可
 14 | <div id= "tall"></div>
 15 | <h3>使用说明</h3>
 16 | 此项目的开发初衷是在渗透测试过程中没有突破点时，可以根据信息收集下的密码生成字典来进行登录爆破，寻找新的突破口。这里是通过命令行输入生成所需要的参数来生成一个全面的字典。
 17 | <p>这里我们来看一下参数，这里我们看看图：</p>
 18 | <div><img src="img1.png"></div>
 19 | <ul>
 20 | <li>职员姓名中文全称,如:王小明(比较少见) 【陈小海】     (中文名字+弱口令爆破)</li>
 21 | <li>公司花名,如:adai 【adai】     (小大写随便因为处理时候只有小写)</li>
 22 | <li>职员姓(首字母大写),如:Wang 【Chen】     (要求姓首字母是大写，后续小写处理代码处理)</li>
 23 | <li>驼峰命名法的名,如:XiaoMing 【XiaoHai】    (要求驼峰格式，下面名后面的小写因为代码不能区分断词断在何处)</li>
 24 | <li>名首字母大写,如:Xiaoming 【Xiaohai】     (要求名首字母大写，其余小写即可)</li>
 25 | <li>名首字母,如:xm 【xh】          (要求名的缩写，大小写不限制)</li>
 26 | <li>公司名拼音,如qiangshengkeji/qiangshen(强盛科技) 【tianrongxin】    (大小写不限制，如果公司名的拼音与根域名去掉.com这样的后缀一样的话，这个留空免得生成重复)</li>
 27 | <li>公司名简拼,如qs(强盛科技) 【trx】       (公司名简拼, 大小写随意，此处代码没做处理，自己视情况而定)</li>
 28 | <li>公司主域名,如baidu.com 【tsrc.com】     (输入一级域名即根域即可)</li>
 29 | </ul>
 30 | <div id="notice"></div>
 31 | <h3>字典规则</h3>
 32 | <ul>
 33 | <li>姓名全拼(小写) + 弱口令</li>
 34 | <li>姓名全拼(小写) + "@/#" + 弱口令</li>
 35 | <li>姓名全拼(小写) + 域名 ( + "!#." )</li>
 36 | <li>姓名全拼(小写) + "@/#" + 域名 ( + 弱口令 +"!#." )</li>
 37 | <li>姓名全拼(小写) + 域名前缀 ( + 弱口令 + "!#." )</li>
 38 | <li>姓名全拼(小写) + "@/#" + 域名前缀 ( + 弱口令 + "!#." )</li>
 39 | <li>姓名全拼(小写) + 公司全拼(小写) +  ( + 弱口令+ "!#." )</li>
 40 | <li>姓名全拼(小写) + "@/#" + 公司全拼(小写) ( + 弱口令+ "!#." )</li>
 41 | <li>姓名全拼(小写) + 公司简拼(用户决定) ( + 弱口令+ "!#." )</li>
 42 | <li>姓名全拼(小写) + "@/#"+ 公司简拼(用户决定) ( + 弱口令 + "!#." )</li>
 43 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + 弱口令</li>
 44 | <li>姓全称(首字母大写) + "@/#" + 名缩写(大小写各一次)  + 弱口令</li>
 45 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + 域名 ( + "!#." )</li>
 46 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + "@/#" + 域名 ( + 弱口令 +"!#." )</li>
 47 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + 域名前缀 ( + 弱口令 + "!#." )</li>
 48 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + "@/#" + 域名前缀 ( + 弱口令 + "!#." )</li>
 49 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + 公司全拼(小写) +  ( + 弱口令+ "!#." )</li>
 50 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + "@/#" + 公司全拼(小写) ( + 弱口令+ "!#." )</li>
 51 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + 公司简拼(用户决定) ( + 弱口令+ "!#." )</li>
 52 | <li>姓全称(首字母大写) + 名缩写(大小写各一次) + "@/#"+ 公司简拼(用户决定) ( + 弱口令 + "!#." )</li>
 53 | <li>姓全称(小写) + 名缩写(大小写各一次) + 弱口令 </li>
 54 | <li>姓全称(小写) + 名缩写(大小写各一次) + "@/#" + 弱口令</li>
 55 | <li>姓全称(小写) + 名缩写(大小写各一次) + 域名 ( + 弱口令 + "!#." )</li>
 56 | <li>姓全称(小写) + 名缩写(大小写各一次) + "@/#" + 域名 ( + 弱口令 +"!#." )</li>
 57 | <li>姓全称(小写) + 名缩写(大小写各一次) + 域名前缀 ( + 弱口令 + "!#." )</li>
 58 | <li>姓全称(小写) + 名缩写(大小写各一次) + "@/#" + 域名前缀 ( + 弱口令 + "!#." )</li>
 59 | <li>姓全称(小写) + 名缩写(大小写各一次) +  ( + 弱口令+ "!#." )</li>
 60 | <li>姓全称(小写) + 名缩写(大小写各一次) + "@/#" + 公司全拼(小写) ( + 弱口令+ "!#." )</li>
 61 | <li>姓全称(小写) + 名缩写(大小写各一次) ( + 弱口令+ "!#." )</li>
 62 | <li>姓全称(小写) + 名缩写(大小写各一次) + "@/#"+ 公司简拼(用户决定) ( + 弱口令 + "!#." )</li>
 63 | <li>姓简称(大写) + 名全称(小写) + 弱口令</li>
 64 | <li>姓简称(大写) + 名全称(小写) + "@/#" + 弱口令</li>
 65 | <li>姓简称(大写) + 名全称(小写) + 域名 ( + "!#." )</li>
 66 | <li>姓简称(大写) + 名全称(小写) + "@/#" + 域名 ( + 弱口令 +"!#." )</li>
 67 | <li>姓简称(大写) + 名全称(小写) + 域名前缀 ( + 弱口令 + "!#." )</li>
 68 | <li>姓简称(大写) + 名全称(小写) + "@/#" + 域名前缀 ( + 弱口令 + "!#." )</li>
 69 | <li>姓简称(大写) + 名全称(小写) + 公司全拼(小写) +  ( + 弱口令+ "!#." )</li>
 70 | <li>姓简称(大写) + 名全称(小写) + "@/#" + 公司全拼(小写) ( + 弱口令+ "!#." )</li>
 71 | <li>姓简称(大写) + 名全称(小写) + 公司简拼(用户决定) ( + 弱口令+ "!#." )</li>
 72 | <li>姓简称(大写) + 名全称(小写) + "@/#"+ 公司简拼(用户决定) ( + 弱口令 + "!#." )</li>
 73 | <li>姓简称(小写) + 名全称(小写) + 弱口令</li>
 74 | <li>姓简称(小写) + 名全称(小写) + "@/#" + 弱口令</li>
 75 | <li>姓简称(小写) + 名全称(小写) + 域名 ( + "!#." )</li>
 76 | <li>姓简称(小写) + 名全称(小写) + "@/#" + 域名 ( + 弱口令 +"!#." )</li>
 77 | <li>姓简称(小写) + 名全称(小写) + 域名前缀 ( + 弱口令 + "!#." )</li>
 78 | <li>姓简称(小写) + 名全称(小写) + "@/#" + 域名前缀 ( + 弱口令 + "!#." )</li>
 79 | <li>姓简称(小写) + 名全称(小写) + 公司全拼(小写) +  ( + 弱口令+ "!#." )</li>
 80 | <li>姓简称(小写) + 名全称(小写) + "@/#" + 公司全拼(小写) ( + 弱口令+ "!#." )</li>
 81 | <li>姓简称(小写) + 名全称(小写) + 公司简拼(用户决定) ( + 弱口令+ "!#." )</li>
 82 | <li>姓简称(小写) + 名全称(小写) + "@/#"+ 公司简拼(用户决定) ( + 弱口令 + "!#." )</li>
 83 | <li>域名 + "@/#" + 姓名全拼(小写) ( + 弱口令 +"!#." )</li>
 84 | <li>域名 + "@/#" + 姓全称(首字母大写) ( + 弱口令 +"!#." )</li>
 85 | <li>域名 + "@/#" + 姓全称(小写) ( + 弱口令 +"!#." )</li>
 86 | <li>域名 + "@/#" + 姓简称(小写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
 87 | <li>域名 + "@/#" + 姓简称(大写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
 88 | <li>域名前缀 + "@/#" + 姓名全拼(小写) ( + 弱口令 +"!#." )</li>
 89 | <li>域名前缀 + "@/#" + 姓全称(首字母大写) ( + 弱口令 +"!#." )</li>
 90 | <li>域名前缀 + "@/#" + 姓全称(小写) ( + 弱口令 +"!#." )</li>
 91 | <li>域名前缀 + "@/#" + 姓简称(小写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
 92 | <li>域名前缀 + "@/#" + 姓简称(大写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
 93 | <li>公司全拼(小写) + "@/#" + 姓名全拼(小写) ( + 弱口令 +"!#." )</li>
 94 | <li>公司全拼(小写) + "@/#" + 姓全称(首字母大写) ( + 弱口令 +"!#." )</li>
 95 | <li>公司全拼(小写) + "@/#" + 姓全称(小写) ( + 弱口令 +"!#." )</li>
 96 | <li>公司全拼(小写) + "@/#" + 姓简称(小写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
 97 | <li>公司全拼(小写) + "@/#" + 姓简称(大写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
 98 | <li>公司简拼(用户决定)  + "@/#" + 姓名全拼(小写) ( + 弱口令 +"!#." )</li>
 99 | <li>公司简拼(用户决定)  + "@/#" + 姓全称(首字母大写) ( + 弱口令 +"!#." )</li>
100 | <li>公司简拼(用户决定)  + "@/#" + 姓全称(小写) ( + 弱口令 +"!#." )</li>
101 | <li>公司简拼(用户决定)  + "@/#" + 姓简称(小写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
102 | <li>公司简拼(用户决定)  + "@/#" + 姓简称(大写) + 名全称(小写) ( + 弱口令 +"!#." )</li>
103 | <li>域名 + 弱口令 ( + "!#." )</li>
104 | <li>域名前缀 + 弱口令 ( + "!#." )</li>
105 | <li>公司全拼(小写) + 弱口令 ( + "!#." )</li>
106 | <li>公司简拼(用户决定) + 弱口令 (+ "!#." )</li>
107 | </ul>
108 | <div id="communicate"></div>
109 | 
110 | <h3>技术交流</h3>
111 | 
112 | <img src="https://cdn.jsdelivr.net/gh/z-bool/images@master/img/qrcode_for_gh_c90beef1e2e7_258.jpg" alt="阿呆攻防公众号" style="zoom:100%;" />![image-20230116173105809](https://cdn.jsdelivr.net/gh/z-bool/images@master/img/image-20230116173105809.png)
113 | 
114 | 
115 | 
116 | 微信群有过期时间限制，如果有技术交流、BUG解决、环境安装问题都可以于公众号/QQ群获取微信群信息(本来上新机器人管理推送解密这些功能的，但是用的Golang的SDK被微信监控了要封号就没上，加群公众号询问看到我就回复)。
117 | 
118 |  
119 | 


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
 1 | module super-password-dict
 2 | 
 3 | go 1.19
 4 | 
 5 | require github.com/AlecAivazis/survey/v2 v2.3.6
 6 | 
 7 | require (
 8 | 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
 9 | 	github.com/mattn/go-colorable v0.1.2 // indirect
10 | 	github.com/mattn/go-isatty v0.0.8 // indirect
11 | 	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
12 | 	golang.org/x/sys v0.0.0-20220422013727-9388b58f7150 // indirect
13 | 	golang.org/x/term v0.0.0-20210503060354-a79de5458b56 // indirect
14 | 	golang.org/x/text v0.3.3 // indirect
15 | )
16 | 


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
 1 | github.com/AlecAivazis/survey/v2 v2.3.6 h1:NvTuVHISgTHEHeBFqt6BHOe4Ny/NwGZr7w+F8S9ziyw=
 2 | github.com/AlecAivazis/survey/v2 v2.3.6/go.mod h1:4AuI9b7RjAR+G7v9+C4YSlX/YL3K3cWNXgWXOhllqvI=
 3 | github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
 4 | github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
 5 | github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI=
 6 | github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 7 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 8 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 9 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
10 | github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u7lxST/RaJw+cv273q79D81Xbog=
11 | github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68=
12 | github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
13 | github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
14 | github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
15 | github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
16 | github.com/mattn/go-isatty v0.0.8 h1:HLtExJ+uU2HOZ+wI0Tt5DtUDrx8yhUqDcp7fYERX4CE=
17 | github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
18 | github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4=
19 | github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
20 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
21 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
22 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
23 | github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
24 | github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
25 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
26 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
27 | golang.org/x/sys v0.0.0-20220422013727-9388b58f7150 h1:xHms4gcpe1YE7A3yIllJXP16CMAGuqwO2lX1mTyyRRc=
28 | golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
29 | golang.org/x/term v0.0.0-20210503060354-a79de5458b56 h1:b8jxX3zqjpqb2LklXPzKSGJhzyxCOZSz8ncv8Nv+y7w=
30 | golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY=
31 | golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
32 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
33 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
34 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
35 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
36 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
37 | 


--------------------------------------------------------------------------------
/img1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/z-bool/super-password-dict/1d23594e125b6940c162f0ddcf619a621a9aff03/img1.png


--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
  1 | package main
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"github.com/AlecAivazis/survey/v2"
  6 | 	"os"
  7 | 	"strings"
  8 | )
  9 | 
 10 | var WeakNum = []string{
 11 | 	"1",
 12 | 	"2",
 13 | 	"12",
 14 | 	"11",
 15 | 	"22",
 16 | 	"000",
 17 | 	"0000",
 18 | 	"000000",
 19 | 	"123",
 20 | 	"1234",
 21 | 	"123456",
 22 | 	"123123",
 23 | 	"111",
 24 | 	"1111",
 25 | 	"111111",
 26 | 	"888",
 27 | 	"8888",
 28 | 	"888888",
 29 | 	"520",
 30 | 	"1314",
 31 | 	"1999",
 32 | 	"2000",
 33 | 	"2016",
 34 | 	"2018",
 35 | 	"2019",
 36 | 	"2020",
 37 | 	"2021",
 38 | 	"2022",
 39 | 	"2023",
 40 | }
 41 | 
 42 | var WeakString = []string{
 43 | 	"abc",
 44 | 	"Abc",
 45 | 	"ABC",
 46 | 	"Aa",
 47 | 	"abcd",
 48 | 	"Abcd",
 49 | 	"admin",
 50 | 	"Admin",
 51 | 	"pass",
 52 | 	"Pass",
 53 | 	"passwd",
 54 | 	"Passwd",
 55 | 	"password",
 56 | 	"Password",
 57 | 	"admin",
 58 | 	"Admin",
 59 | 	"user",
 60 | 	"test",
 61 | 	"guest",
 62 | 	"love",
 63 | 	"super",
 64 | }
 65 | 
 66 | var weakPasswordWithoutChar = []string{}
 67 | var weakPassword = []string{}
 68 | 
 69 | type Answers struct {
 70 | 	ChineseName    string // 中文名
 71 | 	HuaMing        string // 花名小写
 72 | 	Xing           string // 姓全拼(首字母大写)
 73 | 	TuoFenTailMing string // 名全拼(末尾字小写)
 74 | 	TuoFenMing     string // 名(驼峰)
 75 | 	XingShouZiMu   string // 姓首字母(代码获取)
 76 | 	MingShouZiMu   string //名首字母
 77 | 	GongSiQuanChen string // 公司小写全称
 78 | 	GongSiJianChen string // 公司中文简称
 79 | 	GongSiDomain   string // 公司域名
 80 | }
 81 | 
 82 | // the questions to ask
 83 | var qs = []*survey.Question{
 84 | 	{
 85 | 		Name:   "ChineseName",
 86 | 		Prompt: &survey.Input{Message: "职员姓名中文全称,如:王小明(比较少见)"},
 87 | 	},
 88 | 	{
 89 | 		Name:   "HuaMing",
 90 | 		Prompt: &survey.Input{Message: "公司花名,如:adai"},
 91 | 	},
 92 | 	{
 93 | 		Name:   "Xing",
 94 | 		Prompt: &survey.Input{Message: "职员姓(首字母大写),如:Wang"},
 95 | 	},
 96 | 	{
 97 | 		Name:   "TuoFenMing",
 98 | 		Prompt: &survey.Input{Message: "驼峰命名法的名,如:XiaoMing"},
 99 | 	},
100 | 	{
101 | 		Name:   "TuoFenTailMing",
102 | 		Prompt: &survey.Input{Message: "名首字母大写,如:Xiaoming"},
103 | 	},
104 | 	{
105 | 		Name:   "MingShouZiMu",
106 | 		Prompt: &survey.Input{Message: "名首字母,如:xm"},
107 | 	},
108 | 	{
109 | 		Name:   "GongSiQuanChen",
110 | 		Prompt: &survey.Input{Message: "公司名拼音,如qiangshengkeji/qiangshen(强盛科技)"},
111 | 	},
112 | 	{
113 | 		Name:   "GongSiJianChen",
114 | 		Prompt: &survey.Input{Message: "公司名简拼,如qs(强盛科技)"},
115 | 	},
116 | 	{
117 | 		Name:   "GongSiDomain",
118 | 		Prompt: &survey.Input{Message: "公司主域名,如baidu.com"},
119 | 	},
120 | }
121 | 
122 | var result = []string{
123 | 	"user",
124 | 	"admin",
125 | 	"test",
126 | 	"guest",
127 | 	"AaBbCc",
128 | 	"Abc123!@#",
129 | 	"@bcd1234",
130 | 	"abc123!@#",
131 | 	"Abc123!@#",
132 | 	"#EDC4rfv",
133 | 	"abcABC123",
134 | 	"ABCabc123",
135 | 	"1qaz!@#$",
136 | 	"QAZwsx123",
137 | 	"Pa$$w0rd",
138 | 	"P@ssw0rd",
139 | 	"P@$$word",
140 | 	"P@$$word123",
141 | 	"!QAZ2wsx",
142 | 	"!QAZ3edc",
143 | 	"2wsx#EDC",
144 | 	"1!qaz2@wsx",
145 | 	"1q2w3e4r",
146 | 	"1234abcd",
147 | 	"1234qwer",
148 | 	"1qaz!QAZ",
149 | 	"1qaz2wsx",
150 | 	"1qaz@WSX",
151 | 	"1qaz@WSX#EDC",
152 | 	"!q2w3e4r",
153 | 	"1234QWER",
154 | 	"QWER!@#$",
155 | 	"P@ssw0rd",
156 | 	"1qaz@WSX#EDC",
157 | 	"p@ssw0rd",
158 | }
159 | 
160 | // 写入文件
161 | func WriteWeakPassword(weakPassword string) {
162 | 	f, err := os.OpenFile("weakPassword.txt", os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0644)
163 | 	if err != nil {
164 | 		panic(err)
165 | 	}
166 | 	defer f.Close()
167 | 	data := []byte(weakPassword)
168 | 	_, err = f.Write(data)
169 | 	if err != nil {
170 | 		panic(err)
171 | 	}
172 | }
173 | 
174 | // 拼接原始弱口令拼接
175 | func CompareWeakPassword() {
176 | 	// 1. 第1步把原数据传进去
177 | 	for _, num := range WeakNum {
178 | 		weakPasswordWithoutChar = append(weakPasswordWithoutChar, num)
179 | 		if len(num) >= 6 {
180 | 			result = append(result, num)
181 | 		}
182 | 	}
183 | 	for _, str := range WeakString {
184 | 		weakPasswordWithoutChar = append(weakPasswordWithoutChar, str)
185 | 		if len(str) >= 6 {
186 | 			result = append(result, str)
187 | 		}
188 | 	}
189 | 	// 2. 第2步拼接str+num
190 | 	for _, num := range WeakNum {
191 | 		for _, str := range WeakString {
192 | 			sumStr := str + num
193 | 			weakPasswordWithoutChar = append(weakPasswordWithoutChar, sumStr)
194 | 			result = append(result, str+"@"+num)
195 | 			result = append(result, str+"#"+num)
196 | 		}
197 | 	}
198 | 	// 3. 第3步将拼接完的不带字符的带上字符作为一个总的弱口令
199 | 	for _, str := range weakPasswordWithoutChar {
200 | 		weakPassword = append(weakPassword, str)
201 | 	}
202 | 	for _, str := range weakPasswordWithoutChar {
203 | 		weakPassword = append(weakPassword, str+"!")
204 | 		weakPassword = append(weakPassword, str+".")
205 | 		weakPassword = append(weakPassword, str+"#")
206 | 	}
207 | 	// 4. 第4步将弱口令结果导入到result
208 | 	for _, str := range weakPassword {
209 | 		if len(str) >= 6 {
210 | 			result = append(result, str)
211 | 		}
212 | 	}
213 | }
214 | 
215 | // 姓名与域名/公司名/公司简拼的处理
216 | func usernameCompare(username string, domain string, gongSiMing string, gongSiJianPin string) {
217 | 	if username != "" {
218 | 		if domain != "" {
219 | 			if len(domain) >= 6 {
220 | 				result = append(result, domain)
221 | 			}
222 | 			// 1. 先加入用户名与域名的拼接
223 | 			result = append(result, domain+"@"+username)
224 | 			result = append(result, domain+"#"+username)
225 | 			result = append(result, domain+"#"+username+"!")
226 | 			result = append(result, domain+"@"+username+"!")
227 | 			result = append(result, domain+"@"+username+"#")
228 | 			result = append(result, username+"@"+domain)
229 | 			result = append(result, username+"#"+domain)
230 | 			result = append(result, username+"@"+domain+"!")
231 | 			result = append(result, username+"@"+domain+"#")
232 | 			result = append(result, username+"#"+domain+"!")
233 | 			// 2. 域名去掉后缀.com诸如此类的拼接结果
234 | 			domainStr := strings.Split(domain, ".")[0]
235 | 			result = append(result, domainStr+"@"+username)
236 | 			result = append(result, domainStr+"@"+username+"!")
237 | 			result = append(result, domainStr+"@"+username+".")
238 | 			result = append(result, domainStr+"@"+username+"#")
239 | 			result = append(result, domainStr+"#"+username)
240 | 			result = append(result, domainStr+"#"+username+"!")
241 | 			result = append(result, domainStr+"#"+username+".")
242 | 			result = append(result, username+"#"+domainStr)
243 | 			result = append(result, username+"#"+domainStr+"!")
244 | 			result = append(result, username+"#"+domainStr+".")
245 | 			result = append(result, username+"@"+domainStr)
246 | 			result = append(result, username+"@"+domainStr+"!")
247 | 			result = append(result, username+"@"+domainStr+".")
248 | 			result = append(result, username+"@"+domainStr+"#")
249 | 			for _, str := range WeakNum {
250 | 				result = append(result, domainStr+"@"+username+str)
251 | 				result = append(result, domainStr+"@"+username+str+"!")
252 | 				result = append(result, domainStr+"@"+username+str+".")
253 | 				result = append(result, domainStr+"@"+username+str+"#")
254 | 				result = append(result, domainStr+"#"+username+str)
255 | 				result = append(result, domainStr+"#"+username+str+"!")
256 | 				result = append(result, domainStr+"#"+username+str+".")
257 | 				result = append(result, username+"@"+domainStr+str)
258 | 				result = append(result, username+"@"+domainStr+str+"!")
259 | 				result = append(result, username+"@"+domainStr+str+".")
260 | 				result = append(result, username+"@"+domainStr+str+"#")
261 | 				result = append(result, username+"#"+domainStr+str)
262 | 				result = append(result, username+"#"+domainStr+str+"!")
263 | 				result = append(result, username+"#"+domainStr+str+".")
264 | 			}
265 | 		}
266 | 		// 公司名拼音
267 | 		if gongSiMing != "" {
268 | 			if len(gongSiMing) >= 6 {
269 | 				result = append(result, gongSiMing)
270 | 			}
271 | 			// 名字和公司名的拼接
272 | 			result = append(result, gongSiMing+"@"+username)
273 | 			result = append(result, gongSiMing+"#"+username)
274 | 			result = append(result, gongSiMing+"#"+username+"!")
275 | 			result = append(result, gongSiMing+"@"+username+"!")
276 | 			result = append(result, gongSiMing+"@"+username+"#")
277 | 			result = append(result, username+"@"+gongSiMing)
278 | 			result = append(result, username+"#"+gongSiMing)
279 | 			result = append(result, username+"@"+gongSiMing+"!")
280 | 			result = append(result, username+"@"+gongSiMing+"#")
281 | 			result = append(result, username+"#"+gongSiMing+"!")
282 | 			for _, str := range WeakNum {
283 | 				result = append(result, gongSiMing+"@"+username+str)
284 | 				result = append(result, gongSiMing+"@"+username+str+"!")
285 | 				result = append(result, gongSiMing+"@"+username+str+".")
286 | 				result = append(result, gongSiMing+"@"+username+str+"#")
287 | 				result = append(result, gongSiMing+"#"+username+str)
288 | 				result = append(result, gongSiMing+"#"+username+str+"!")
289 | 				result = append(result, gongSiMing+"#"+username+str+".")
290 | 				result = append(result, username+"@"+gongSiMing+str)
291 | 				result = append(result, username+"@"+gongSiMing+str+"!")
292 | 				result = append(result, username+"@"+gongSiMing+str+".")
293 | 				result = append(result, username+"@"+gongSiMing+str+"#")
294 | 				result = append(result, username+"#"+gongSiMing+str)
295 | 				result = append(result, username+"#"+gongSiMing+str+"!")
296 | 				result = append(result, username+"#"+gongSiMing+str+".")
297 | 			}
298 | 		}
299 | 		// 公司简称
300 | 		if gongSiJianPin != "" {
301 | 			if len(gongSiJianPin) >= 6 {
302 | 				result = append(result, gongSiJianPin)
303 | 			}
304 | 			// 名字和公司简拼的拼接
305 | 			result = append(result, gongSiJianPin+"@"+username)
306 | 			result = append(result, gongSiJianPin+"#"+username)
307 | 			result = append(result, gongSiJianPin+"#"+username+"!")
308 | 			result = append(result, gongSiJianPin+"@"+username+"!")
309 | 			result = append(result, gongSiJianPin+"@"+username+"#")
310 | 			result = append(result, gongSiJianPin+"@"+gongSiMing)
311 | 			result = append(result, gongSiJianPin+"#"+gongSiMing)
312 | 			result = append(result, gongSiJianPin+"@"+gongSiMing+"!")
313 | 			result = append(result, gongSiJianPin+"@"+gongSiMing+"#")
314 | 			result = append(result, gongSiJianPin+"#"+gongSiMing+"!")
315 | 			for _, str := range WeakNum {
316 | 				result = append(result, gongSiJianPin+"@"+username+str)
317 | 				result = append(result, gongSiJianPin+"@"+username+str+"!")
318 | 				result = append(result, gongSiJianPin+"@"+username+str+".")
319 | 				result = append(result, gongSiJianPin+"@"+username+str+"#")
320 | 				result = append(result, gongSiJianPin+"#"+username+str)
321 | 				result = append(result, gongSiJianPin+"#"+username+str+"!")
322 | 				result = append(result, gongSiJianPin+"#"+username+str+".")
323 | 				result = append(result, username+"@"+gongSiJianPin+str)
324 | 				result = append(result, username+"@"+gongSiJianPin+str+"!")
325 | 				result = append(result, username+"@"+gongSiJianPin+str+".")
326 | 				result = append(result, username+"@"+gongSiJianPin+str+"#")
327 | 				result = append(result, username+"#"+gongSiJianPin+str)
328 | 				result = append(result, username+"#"+gongSiJianPin+str+"!")
329 | 				result = append(result, username+"#"+gongSiJianPin+str+".")
330 | 			}
331 | 		}
332 | 		// 名字+数字
333 | 		for _, str := range WeakNum {
334 | 			result = append(result, username+str)
335 | 			result = append(result, username+str+".")
336 | 			result = append(result, username+str+"!")
337 | 			result = append(result, username+str+"#")
338 | 		}
339 | 		// 名字+@/#+弱口令
340 | 		for _, str := range weakPassword {
341 | 			if len(username) >= 6 {
342 | 				result = append(result, username)
343 | 			}
344 | 			result = append(result, username+"@"+str)
345 | 			result = append(result, username+"#"+str)
346 | 		}
347 | 	}
348 | 
349 | }
350 | 
351 | // 中文名字弱口令组合
352 | func ChineseCompare(username string) {
353 | 	for _, str := range weakPassword {
354 | 		result = append(result, username+str)
355 | 		result = append(result, username+"@"+str)
356 | 		result = append(result, username+"#"+str)
357 | 	}
358 | }
359 | 
360 | //	func main() {
361 | //		CompareWeakPassword()
362 | //		usernameCompare("zhangsan", "baidu.com", "baidu", "bd")
363 | //		for _, str := range result {
364 | //			WriteWeakPassword(str + "\r\n")
365 | //		}
366 | //	}
367 | func init() {
368 | 	fmt.Println(`
369 | 
370 |  ________  ___  ___  ________  _______   ________          ________  ___  ________ _________   
371 | |\   ____\|\  \|\  \|\   __  \|\  ___ \ |\   __  \        |\   ___ \|\  \|\   ____\\___   ___\ 
372 | \ \  \___|\ \  \\\  \ \  \|\  \ \   __/|\ \  \|\  \       \ \  \_|\ \ \  \ \  \___\|___ \  \_| 
373 |  \ \_____  \ \  \\\  \ \   ____\ \  \_|/_\ \   _  _\       \ \  \ \\ \ \  \ \  \       \ \  \  
374 |   \|____|\  \ \  \\\  \ \  \___|\ \  \_|\ \ \  \\  \|       \ \  \_\\ \ \  \ \  \____   \ \  \ 
375 |     ____\_\  \ \_______\ \__\    \ \_______\ \__\\ _\        \ \_______\ \__\ \_______\  \ \__\
376 |    |\_________\|_______|\|__|     \|_______|\|__|\|__|        \|_______|\|__|\|_______|   \|__|
377 |    \|_________|                                                                                
378 |                                                                                                
379 |                                    欢迎使用阿呆超级字典生成器，关注公众号:阿呆攻防了解更多                
380 | `)
381 | }
382 | 
383 | func main() {
384 | 	// 结果写入到结构体
385 | 	answer := &Answers{}
386 | 	var usernameQuanPinXiaoXie string
387 | 	var usernameTuoFeng string
388 | 	var usernameTuoFengTailMing string
389 | 	var usernameXingQuanChenDaXieMingJianChenXiaoXie string
390 | 	var usernameXingQuanChenXiaoXieMingJianChenXiaoXie string
391 | 	var usernameXingJianPinDaXieMingQuanPinXiaoXie string
392 | 	var usernameXingJianPinXiaoXieMingQuanPinXiaoXie string
393 | 	var usernameJianPin string
394 | 
395 | 	// 执行提问
396 | 	err := survey.Ask(qs, answer)
397 | 	if err != nil {
398 | 		fmt.Println(err.Error())
399 | 		return
400 | 	}
401 | 
402 | 	// 中文弱口令
403 | 	if answer.ChineseName != "" {
404 | 		ChineseCompare(answer.ChineseName)
405 | 	}
406 | 	// 姓名全拼
407 | 	if answer.Xing != "" {
408 | 		answer.XingShouZiMu = answer.Xing[0:1] //姓缩写
409 | 		if answer.MingShouZiMu != "" {
410 | 			// 姓全拼+名首字母
411 | 			usernameXingQuanChenDaXieMingJianChenXiaoXie = answer.Xing + answer.MingShouZiMu
412 | 			usernameXingQuanChenXiaoXieMingJianChenXiaoXie = strings.ToLower(answer.Xing + answer.MingShouZiMu)
413 | 			// 姓名简拼
414 | 			usernameJianPin = strings.ToLower(answer.XingShouZiMu) + strings.ToLower(answer.MingShouZiMu)
415 | 		}
416 | 
417 | 		if answer.TuoFenMing != "" {
418 | 			usernameQuanPinXiaoXie = strings.ToLower(answer.Xing) + strings.ToLower(answer.TuoFenMing)
419 | 			usernameTuoFeng = answer.Xing + answer.TuoFenMing
420 | 			// 姓简拼名全拼
421 | 			usernameXingJianPinDaXieMingQuanPinXiaoXie = strings.ToUpper(answer.XingShouZiMu) + strings.ToLower(answer.TuoFenMing)
422 | 			usernameXingJianPinXiaoXieMingQuanPinXiaoXie = strings.ToLower(answer.XingShouZiMu) + strings.ToLower(answer.TuoFenMing)
423 | 		}
424 | 		if answer.TuoFenTailMing != "" {
425 | 			usernameQuanPinXiaoXie = strings.ToLower(answer.Xing) + strings.ToLower(answer.TuoFenTailMing)
426 | 			usernameTuoFengTailMing = answer.Xing + answer.TuoFenTailMing
427 | 			// 姓简拼名全拼
428 | 			usernameXingJianPinDaXieMingQuanPinXiaoXie = strings.ToUpper(answer.XingShouZiMu) + strings.ToLower(answer.TuoFenTailMing)
429 | 			usernameXingJianPinXiaoXieMingQuanPinXiaoXie = strings.ToLower(answer.XingShouZiMu) + strings.ToLower(answer.TuoFenTailMing)
430 | 		}
431 | 	}
432 | 	CompareWeakPassword()
433 | 	if usernameQuanPinXiaoXie != "" {
434 | 		usernameCompare(usernameQuanPinXiaoXie, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
435 | 	}
436 | 	if usernameTuoFeng != "" {
437 | 		usernameCompare(usernameTuoFeng, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
438 | 	}
439 | 	if usernameTuoFengTailMing != "" {
440 | 		usernameCompare(usernameTuoFengTailMing, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
441 | 	}
442 | 	if usernameXingQuanChenDaXieMingJianChenXiaoXie != "" {
443 | 		usernameCompare(usernameXingQuanChenDaXieMingJianChenXiaoXie, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
444 | 	}
445 | 	if usernameXingQuanChenXiaoXieMingJianChenXiaoXie != "" {
446 | 		usernameCompare(usernameXingQuanChenXiaoXieMingJianChenXiaoXie, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
447 | 	}
448 | 	if usernameXingJianPinDaXieMingQuanPinXiaoXie != "" {
449 | 		usernameCompare(usernameXingJianPinDaXieMingQuanPinXiaoXie, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
450 | 	}
451 | 	if usernameXingJianPinXiaoXieMingQuanPinXiaoXie != "" {
452 | 		usernameCompare(usernameXingJianPinXiaoXieMingQuanPinXiaoXie, answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
453 | 	}
454 | 	if usernameJianPin != "" {
455 | 		usernameCompare(strings.ToLower(usernameJianPin), answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
456 | 		usernameCompare(strings.ToUpper(usernameJianPin), answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
457 | 	}
458 | 	if answer.HuaMing != "" {
459 | 		usernameCompare(strings.ToLower(answer.HuaMing), answer.GongSiDomain, answer.GongSiQuanChen, answer.GongSiJianChen)
460 | 	}
461 | 	if answer.GongSiDomain != "" {
462 | 		for _, str := range weakPassword {
463 | 			result = append(result, answer.GongSiDomain+str)
464 | 			result = append(result, answer.GongSiDomain+"@"+str)
465 | 			result = append(result, answer.GongSiDomain+"#"+str)
466 | 		}
467 | 	}
468 | 	if answer.GongSiQuanChen != "" {
469 | 		for _, str := range weakPassword {
470 | 			result = append(result, strings.ToLower(answer.GongSiQuanChen)+str)
471 | 			result = append(result, strings.ToLower(answer.GongSiQuanChen)+"@"+str)
472 | 			result = append(result, strings.ToLower(answer.GongSiQuanChen)+"#"+str)
473 | 		}
474 | 	}
475 | 	if answer.GongSiJianChen != "" {
476 | 		for _, str := range weakPassword {
477 | 			result = append(result, strings.ToLower(answer.GongSiJianChen)+str)
478 | 			result = append(result, strings.ToLower(answer.GongSiJianChen)+"@"+str)
479 | 			result = append(result, strings.ToLower(answer.GongSiJianChen)+"#"+str)
480 | 			result = append(result, strings.ToUpper(answer.GongSiJianChen)+str)
481 | 			result = append(result, strings.ToUpper(answer.GongSiJianChen)+"@"+str)
482 | 			result = append(result, strings.ToUpper(answer.GongSiJianChen)+"#"+str)
483 | 		}
484 | 	}
485 | 	for _, str := range result {
486 | 		WriteWeakPassword(str + "\r\n")
487 | 	}
488 | 	fmt.Println("字典生成完毕!!!")
489 | 
490 | }
491 | 


--------------------------------------------------------------------------------