Typical tools for password cracking (John the Ripper, ophtcrack, hashcat, etc) can do several types of attacks including: • Standard brute force: all combinations are tried until something matches. You tpyically use a character set common on the keyboards of the language used to type the passwords, or you can used a reduced set like alphanumneric plus a few symbols. The size of the character set makes a big difference in how long it takes to brute force a password. Password length also makes a big difference.
This can take a very long time depending on many factors • Standard dictionary: straight dictionary words are used. It's mostly used to find really poor passwords, like password, password123, system, welcome, 123456, etc. • Dictionary attack with rules: in this type dictionary words are used as the basis for cracks, rules are used to modify these, for instance capitalizing the first letter, adding a number to the end, or replacing letters with numbers or symbols Rules attacks are likely the best bang for the buck if all you have are standard computing resources, although if you have GPUs available brute-force attacks can be made viable as long as the passwords aren't too long.
It depends on the password length, hashing/salting used, and how much computing power you have at your disposal. In addition to what's already mentioned here, the wordlists are used in conjunction with some of the web app tools and things such as sqlmap. If you're looking for places to use them, download some of the 'boot to root' VMs like Kioptrix and De-ICE and have a go at brute-ing some passwords.
As for specific lists for specific types of hacks - not really. Unless you're doing something targeted against a person you know some facts about (in which case you'll use something like CUPP - Common User Passwords Profiler - to generate a custom wordlist for that particular target).
Random Theory Thoughts: If it is an AP with a default ESSID odds are the password is still default and pretty much impossible to crack with a word list. If the AP has been named something then odds are that it has a dictionary attack capable password. The password could contain entropy. Meaning it could be PASSWORD but with padding like P.A.S.S.W.O.R.D. The weakest Password just became strong and off your list.
Something to think about. Some AP's have a secret (the same) PIN that is issued to every AP of that vendor. Hi I am trying this to open a protected.rar file with cRARK in Kali Linux. My password length is 10 to 13. I am executing the command./crark -c -l10 -g13 /root/desktop.rar file. And I partially remember the password.
So I modified password.def file as ## abilnopr * ABINLNOPR * 1257 * 1257 abilnopr * 1257 ABILNOPR * abilnopr 1257 * ABILNOPR 1257 * ABILNOPR abilnopr 1257 $! * It taking more than a day to execute, But the password contains roop together, Is possible to mention somewhere and continue the search? Hi I am trying this to open a protected.rar file with cRARK in Kali Linux. My password length is 10 to 13.