cybersecuritybase / cybersecuritybase.github.io

Cyber Security Base with F-Secure

Part 4: HackMyPassword underspecified #28

Closed zormit closed 7 years ago

zormit commented 7 years ago

It's not clear from the exercise which password list to use. When using both of the lists that have 10k passwords, I had no success.

Or should the passwords be fuzzed additionally? When using radamsa for fuzzing the passwords from the list, the data is "too dirty" to be used as a password IMHO. I would not expect something like

foo\n󠁤\0‌$(xcalc)\x0a$!!\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\\x0d$`%p`xcalc`\x2147483651\r$&+inf%#x`xcalc`%

as a password.