NAME

genpw-wordlist - Generate password with words from WordList::*

VERSION

This document describes version 0.007 of main (from Perl distribution App-genpw-wordlist), released on 2020-05-21.

SYNOPSIS

Usage:

% genpw-wordlist [-L] [-U] [--action=s] [--case=s] [--config-path=path+]
    [--config-profile=profile] [--format=name] [--json] [--list-patterns]
    [--(no)naked-res] [--no-config] [--no-env] [-p=s+]
    [--page-result[=program]] [--pattern=s+] [--patterns-json=s] [-w=s+]
    [--wordlist=s+] [--wordlists-json=s] [num]

DESCRIPTION

Using password from dictionary words (in this case, from WordList::*) can be useful for humans when remembering the password. Note that using a string of random characters is generally better because of the larger space (combination). Using a password of two random words from a 5000-word wordlist has a space of only ~25 million while an 8-character of random uppercase letters/lowercase letters/numbers has a space of 62^8 = ~218 trillion. To increase the space you'll need to use more words (e.g. 3 to 5 instead of just 2). This is important if you are using the password for something that can be bruteforced quickly e.g. for protecting on-disk ZIP/GnuPG file and the attacker has access to your file. It is then recommended to use a high number of rounds for hashing to slow down password cracking (e.g. --s2k-count 65011712 in GnuPG).

OPTIONS

* marks required options.

Main options

--action=s

Default value:

"gen"

Valid values:

["gen","list-patterns"]
--case=s

Force casing.

Default value:

"default"

Valid values:

["default","random","lower","upper","title"]

`default` means to not change case. `random` changes casing some letters randomly to lower-/uppercase. `lower` forces lower case. `upper` forces UPPER CASE. `title` forces Title case.

--list-patterns

Shortcut for --action=list-patterns.

See --action.

--num=s, -n

Default value:

1
--pattern=s@, -p

Pattern(s) to use.

A pattern is string that is similar to a printf pattern. %P (where P is certain letter signifying a format) will be replaced with some other string. %Nw (where N is a number) will be replaced by a word of length N, %N$MP (where N and M is a number) will be replaced by a word of length between N and M. Anything else will be used as-is. Available conversions:

%l   Random Latin letter (A-Z, a-z)
%d   Random digit (0-9)
%h   Random hexdigit (0-9a-f)
%a   Random letter/digit (Alphanum) (A-Z, a-z, 0-9; combination of %l and %d)
%s   Random ASCII symbol, e.g. "-" (dash), "_" (underscore), etc.
%x   Random letter/digit/ASCII symbol (combination of %a and %s)
%m   Base64 character (A-Z, a-z, 0-9, +, /)
%b   Base58 character (A-Z, a-z, 0-9 minus IOl0)
%B   Base56 character (A-Z, a-z, 0-9 minus IOol01)
%%   A literal percent sign
%w   Random word

Can be specified multiple times.

--patterns-json=s

Pattern(s) to use (JSON-encoded).

See --pattern.

--wordlist=s@, -w

Select one or more wordlist modules.

Can be specified multiple times.

--wordlists-json=s

Select one or more wordlist modules (JSON-encoded).

See --wordlist.

-L

Shortcut for --case=lower.

See --case.

-U

Shortcut for --case=upper.

See --case.

Configuration options

--config-path=s

Set path to configuration file.

Can be specified multiple times.

--config-profile=s

Set configuration profile to use.

--no-config

Do not use any configuration file.

Environment options

--no-env

Do not read environment for default options.

Output options

--format=s

Choose output format, e.g. json, text.

Default value:

undef
--json

Set output format to json.

--naked-res

When outputing as JSON, strip result envelope.

Default value:

0

By default, when outputing as JSON, the full enveloped result is returned, e.g.:

[200,"OK",[1,2,3],{"func.extra"=>4}]

The reason is so you can get the status (1st element), status message (2nd element) as well as result metadata/extra result (4th element) instead of just the result (3rd element). However, sometimes you want just the result, e.g. when you want to pipe the result for more post-processing. In this case you can use `--naked-res` so you just get:

[1,2,3]
--page-result

Filter output through a pager.

Other options

--help, -h, -?

Display help message and exit.

--version, -v

Display program's version and exit.

COMPLETION

The script comes with a companion shell completer script (_genpw-wordlist) for this script.

bash

To activate bash completion for this script, put:

complete -C _genpw-wordlist genpw-wordlist

in your bash startup (e.g. ~/.bashrc). Your next shell session will then recognize tab completion for the command. Or, you can also directly execute the line above in your shell to activate immediately.

It is recommended, however, that you install modules using cpanm-shcompgen which can activate shell completion for scripts immediately.

tcsh

To activate tcsh completion for this script, put:

complete genpw-wordlist 'p/*/`genpw-wordlist`/'

in your tcsh startup (e.g. ~/.tcshrc). Your next shell session will then recognize tab completion for the command. Or, you can also directly execute the line above in your shell to activate immediately.

It is also recommended to install shcompgen (see above).

other shells

For fish and zsh, install shcompgen as described above.

CONFIGURATION FILE

This script can read configuration files. Configuration files are in the format of IOD, which is basically INI with some extra features.

By default, these names are searched for configuration filenames (can be changed using --config-path): ~/.config/genpw-wordlist.conf, ~/genpw-wordlist.conf, or /etc/genpw-wordlist.conf.

All found files will be read and merged.

To disable searching for configuration files, pass --no-config.

You can put multiple profiles in a single file by using section names like [profile=SOMENAME] or [SOMESECTION profile=SOMENAME]. Those sections will only be read if you specify the matching --config-profile SOMENAME.

You can also put configuration for multiple programs inside a single file, and use filter program=NAME in section names, e.g. [program=NAME ...] or [SOMESECTION program=NAME]. The section will then only be used when the reading program matches.

Finally, you can filter a section by environment variable using the filter env=CONDITION in section names. For example if you only want a section to be read if a certain environment variable is true: [env=SOMEVAR ...] or [SOMESECTION env=SOMEVAR ...]. If you only want a section to be read when the value of an environment variable has value equals something: [env=HOSTNAME=blink ...] or [SOMESECTION env=HOSTNAME=blink ...]. If you only want a section to be read when the value of an environment variable does not equal something: [env=HOSTNAME!=blink ...] or [SOMESECTION env=HOSTNAME!=blink ...]. If you only want a section to be read when an environment variable contains something: [env=HOSTNAME*=server ...] or [SOMESECTION env=HOSTNAME*=server ...]. Note that currently due to simplistic parsing, there must not be any whitespace in the value being compared because it marks the beginning of a new section filter or section name.

List of available configuration parameters:

action (see --action)
case (see --case)
format (see --format)
naked_res (see --naked-res)
num (see --num)
patterns (see --pattern)
wordlists (see --wordlist)

ENVIRONMENT

GENPW_WORDLIST_OPT => str

Specify additional command-line options.

FILES

~/.config/genpw-wordlist.conf

~/genpw-wordlist.conf

/etc/genpw-wordlist.conf

HOMEPAGE

Please visit the project's homepage at https://metacpan.org/release/App-genpw-wordlist.

SOURCE

Source repository is at https://github.com/perlancar/perl-App-genpw-wordlist.

BUGS

Please report any bugs or feature requests on the bugtracker website https://rt.cpan.org/Public/Dist/Display.html?Name=App-genpw-wordlist

When submitting a bug or request, please include a test-file or a patch to an existing test-file that illustrates the bug or desired feature.

AUTHOR

perlancar <perlancar@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2020, 2018 by perlancar@cpan.org.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.