Package Details: rockyou 1.2.1-1

Git Clone URL: https://aur.archlinux.org/rockyou.git (read-only, click to copy)
Package Base: rockyou
Description: The popular "rockyou" password list from OWASP SecLists project
Upstream URL: https://owasp.org/www-project-seclists/
Licenses: CCPL:by-sa
Submitter: trichards
Maintainer: trichards
Last Packager: trichards
Votes: 13
Popularity: 0.189192
First Submitted: 2016-08-29 21:09 (UTC)
Last Updated: 2021-01-30 09:03 (UTC)

Latest Comments

Misaka13514 commented on 2024-01-28 06:27 (UTC)

Please follow Arch Linux RFC16: use SPDX license identifier in PKGBUILD.

https://gitlab.archlinux.org/archlinux/rfcs/-/blob/master/rfcs/0016-spdx-license-identifiers.rst

trichards commented on 2021-01-30 09:05 (UTC)

Hi there TypoMustakes -

I didn't realize this dictionary has the properties you described. Thanks for the useful info!

I want to say that I initially added the sort/character conversion mangling due to an incompatibility with a particular password recovery application, but now it's been so long I don't recall what the original issue was.

The package has been updated to 1.2.1: mangle-free!

I appreciate your feedback.

TypoMustakes commented on 2021-01-30 08:25 (UTC) (edited on 2021-01-30 08:27 (UTC) by TypoMustakes)

Hi!

I recently installed this package onto my system and noticed a staggering difference between this wordlist and the "original" one. In the PKGBUILD file, you wrote the line iconv -f latin1 -t utf-8 "$srcdir"/rockyou.txt | sort -u > "$pkgdir"/usr/share/dict/rockyou.txt, and I noticed a problem. The sort command, while with the -u flag might seem useful, it's actually very counterproductive. The original rockyou.txt contains password mostly ordered from most common passwords to the least common ones. This is extremely useful when used for pentesting purposes, it can save lots of time. However, the sort command ruins this purpose, as this particular, 'post-sort' version of the wordlist starts with very uncommon entries.