KthProg wrote:-_- how do they choose the words for these dictionaries i mean?
is it based on hueristics? common passwords?
Usually, depending on your victom you can try different dictionaries that have different words in them.
For example if you was to try and brutforce a password that belongs to someone from the UK, you would load up a dictionary that has UK slang in it. If you was to use a dictionary attack on someone from China, you would want chinese words in your dictionary. The dictionaries themselves usually contain thousands of commonly used passwords. The passwords for wordlists are usually dumped from large databases on websites via SQLi, this gives you a realistic approach on what passwords are being used.