Feature request - create base word list & de-1337 #40
Comments
|
Sounds possible. What about in instances where a number can be multiple
letters, for example 1 could be i or l? Would you want both words?
…On Tue, 19 Sep 2017 at 12:54 Lexus89 ***@***.***> wrote:
It would be nice to have a feature for creating wordlists based on the
base words. A 'de-1337'-function could help creating these wordlists. The
password '1945un1c0rn01' could result in the base word 'unicorn' by
stripping the begin/end non-alpha's and replacing the inner 1 and 0 with
the alpha character (i/o).
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#40>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAHJWfVJhVshrh17H8LLzScrEQldVBGrks5sj6tpgaJpZM4PcRoy>
.
|
|
I pretty much only encounter the substitution 'i' with 1 than 'l' so based on that just keeping one word seems to be enough (using only the most common substitution). However if there are more examples like that with multiple letters and/or you experienced the 'l' being used a lot as well, it might be a good thing to keep it configurable maybe..? Can't think of a good solution for that now though :( |
|
The obvious one for 1 to l is 1337 going to leet.
Should be fairly easy to write, will see what I can do.
…On Tue, 19 Sep 2017 at 13:31 Lexus89 ***@***.***> wrote:
I pretty much only encounter the substitution 'i' with 1 than 'l' so based
on that just keeping one word seems to be enough (using only the most
common substitution). However if there are more examples like that with
multiple letters and/or you experienced the 'l' being used a lot as well,
it might be a good thing to keep it configurable maybe..? Can't think of a
good solution for that now though :(
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#40 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAHJWSr30uIc3G57Zr7QxzoEUg6IcyJ5ks5sj7QQgaJpZM4PcRoy>
.
|
|
How about this? |
|
This looks good, thnx! Going to be so handy for creating word lists with base words. Tried on some passwords and noticed a couple of possible improvements (brain dump):
|
|
Character encoding is always a pain, I'll see what I can do with it.
For the extra characters, working out what is the word and what is the
prefix/suffix is tricky if you want symbols including. I'm taking the first
non-alpha as the end of the word and stripping everything after that.
Doing a uniq on it should be easy to add.
If you can write language rules that can be implemented, feel free to send
them over, that is too much for me to think about.
…On Wed, 20 Sep 2017 at 10:46 Lexus89 ***@***.***> wrote:
This looks good, thnx!
Going to be so handy for creating word lists with base words. Tried on
some passwords and noticed a couple of possible improvements (brain dump):
- When having a strange character in the wordlist it shows the
following error and quits. Can prevent this ofcourse by cleaning up the
list in advance but just want to let you know
./deleet.rb:112:in `match': invalid byte sequence in UTF-8 (ArgumentError)
from ./deleet.rb:112:in `block in <main>'
from ./deleet.rb:110:in `each'
from ./deleet.rb:110:in `<main>'
- Convert string to lowercase, rules will handle uppercasing the first
character etc.
- Additional substitutions: (@ > a, ! > i, ! > l)
- Perhaps an option to only output unique base words so you dont have
to sort -u after
- Was thinking about possible language-based tweaks, for example if a
word contains the string '1oord', the '1' is most likely an 'L" instead of
a 'i' because of the double 'o'-vowels.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#40 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAHJWTMV4D0FgpngjIyrh3FPkuI-WEeNks5skN7rgaJpZM4PcRoy>
.
|
|
Yes it is indeed tricky, perhaps something like this: !WiFi@irb4s3Rul3Z! <- Now no baseword printed by deleet
For a password like @irb4se! this will ofcourse still result in 'irbase' but a rule placing all special chars in front of base word fixes this issue. |
|
Should be easy enough to do, I'll put it in a new branch so we can play
with it and get it tuned
…On Wed, 20 Sep 2017 at 15:03 Lexus89 ***@***.***> wrote:
Yes it is indeed tricky, perhaps something like this:
***@***.***! <- Now no baseword printed by deleet
1. First strip off non-alpha chars from left to right (until first
alpha char): ***@***.***!
2. Strip off non-alpha chars from right to left (until first alpha
char): ***@***.***
3. Substitute chars: WiFiairbaseRuleZ
4. Convert to lowercase: wifiairbaserulez
For a password like @irb4se! this will ofcourse still result in 'irbase'
but a rule placing all special chars in front of base word fixes this issue.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#40 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAHJWQRuCxaNySUDJw4lWAVKd_0jwKc6ks5skRsfgaJpZM4PcRoy>
.
|
Closed
|
Moving this discussion over to the deleet project, I'm going to do some updates and will comment over here digininja/deleet#1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would be nice to have a feature for creating wordlists based on the base words. A 'de-1337'-function could help creating these wordlists. The password '1945un1c0rn01' could result in the base word 'unicorn' by stripping the begin/end non-alpha's and replacing the inner 1 and 0 with the alpha character (i/o).
The text was updated successfully, but these errors were encountered: