New rule: replace Nth character #1035

Closed
julioauto opened this Issue Feb 8, 2017 · 18 comments

julioauto commented Feb 8, 2017

I would like to propose a new feature, which would be this rule to replace the Nth instance of a character with a different character. The classic 's' rule replaces all instances of the given character; this new rule could perhaps be 'S'. The idea is to be able to generate candidates such as 'pa$swords', based solely on premises e.g. that some users like to use leetspeak for the first 'a' in the word but not the rest - or things of that nature.

New rule could be of the form SNXY: replace Nth instance of character X with Y

So, to illustrate:

| Rule | Input | Output |
|---|---|---|
| `ss$` | `passwords` | `pa$$word$` |
| `S1s$` | `passwords` | `pa$swords` |
| `S2s$` | `passwords` | `pas$words` |
| `S1s$S1s$` | `passwords` | `pa$$words` |

EDIT:
After about a month since opening this issue, I just wanted to reiterate how useful I think it will be when it is implemented.

The idea came to me when I couldn't crack the password 'Odes$a77'. I spent some decent time with fairly good hardware, my favorite wordlists and rule files, some good masks and combinations... nothing worked, even though I knew (due to the nature of the challenge) that it had to be a somewhat simple password ('Odessa' is in every wordlist, obviously). Luckily I had the opportunity to ask the challenge owner for the correct answer and that's when I realized that none of the existing rules would have matched it, except maybe some very random rule by chance - delete s @ N then insert $ @ N, etc.

When this gets implemented, I think a new, more selective/fine-grained leetspeak rule file will be due, and I can't wait to see what it will catch when run against large bases :)
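
Added example (not part of the original post and not hashcat's code): a small C interpreter for the classic `sXY` rule and the proposed `SNXY` form, reproducing the table above. The `S` mnemonic is only the proposal's placeholder; limiting N to a single digit 1-9 and leaving the word unchanged when it has fewer than N matches are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Replace the n-th (1-based) occurrence of x in buf with y.
   Returns 1 if replaced, 0 if buf holds fewer than n occurrences. */
static int replace_nth(char *buf, int n, char x, char y)
{
    if (n < 1) return 0;
    for (char *p = buf; *p; p++)
        if (*p == x && --n == 0) { *p = y; return 1; }
    return 0;
}

/* Apply a rule string built from 'sXY' (replace every X with Y) and the
   proposed 'SNXY' (hypothetical mnemonic; N assumed to be one digit 1-9).
   Rules are applied left to right, each on the output of the previous one.
   Returns 0 on success, -1 on a malformed rule or a too-small buffer. */
int apply_rule(const char *rule, const char *word, char *out, size_t outlen)
{
    size_t len = strlen(word);
    if (len + 1 > outlen) return -1;
    memcpy(out, word, len + 1);

    for (const char *r = rule; *r; ) {
        if (r[0] == 's' && r[1] && r[2]) {
            for (char *p = out; *p; p++)
                if (*p == r[1]) *p = r[2];
            r += 3;
        } else if (r[0] == 'S' && r[1] >= '1' && r[1] <= '9' && r[2] && r[3]) {
            replace_nth(out, r[1] - '0', r[2], r[3]); /* no match: unchanged */
            r += 4;
        } else {
            return -1; /* unknown or truncated rule */
        }
    }
    return 0;
}

int main(void)
{
    /* Rules from the table above, plus one with N beyond the match count. */
    const char *rules[] = { "ss$", "S1s$", "S2s$", "S1s$S1s$", "S9s$" };
    char out[64];
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++)
        if (apply_rule(rules[i], "passwords", out, sizeof out) == 0)
            printf("%-9s passwords -> %s\n", rules[i], out);
    return 0;
}
```

Because each rule runs on the previous rule's output, `S1s$S1s$` hits the first two `s` characters in turn, which is why the last table row differs from `S1s$` alone.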

Contributor

magnumripper commented Feb 9, 2017

I have wanted something similar. For what it's worth, 'S' is already taken in JtR. Ideally we should find some mnemonic compatible with both HC, JtR and possibly others.

Heads-up @solardiz.

jsteube added the new feature label Feb 9, 2017

Member

jsteube commented Feb 9, 2017

@magnumripper Please do a suggestion on the character to use

Contributor

magnumripper commented Feb 10, 2017

I'll try to create a wiki page listing all free or taken HC and JtR-jumbo mnemonics ASAP. That will come in handy in the future too.

d2-d2 commented Mar 8, 2017

@jsteube

> Please do a suggestion on the character to use

Since 's' is taken, how about 'a' (for alter)?

Contributor

magnumripper commented Mar 8, 2017

In JtR, 'a' is free but not 'A'.

https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/doc/RULES

I really should create that wiki page.

julioauto commented Mar 8, 2017

For what it's worth, I just updated my original post with some (motivating?) background.

solardiz commented Mar 8, 2017

julioauto commented Mar 8, 2017

You're right, @solardiz. That does seem to do the trick.
I think all of the commands you mentioned are implemented in hashcat, in john-compatible syntax, except for the 'p' position. I haven't tried it, but src/rp_cpu.c:12 tells me it expects a digit for position (conv_ctoi()).

Member

jsteube commented Mar 11, 2017

@julioauto While I find your syntax more intuitive I also like the idea of using / and %. We should use the same approach to stay compatible with JtR ruleset.

Contributor

0xbsec commented May 9, 2017

@jsteube p rule is already taken in hashcat as: pN -> Append duplicated word N times.

solardiz commented May 9, 2017

Contributor

0xbsec commented May 12, 2017

@solardiz Got it, thanks.

Though, seems like / & % rules are only supported when using -j or -k with hashcat.
So while the combination of /, %, o & p will apply this functionality, it’ll be limited to the usage with -j or -k (will not work as regular rules in a file loaded with -r).

Member

jsteube commented May 14, 2017

solardiz commented May 14, 2017

jsteube closed this in #1245 May 17, 2017

solardiz commented May 17, 2017

Contributor

0xbsec commented May 17, 2017

@roycewilliams

> 'p' becomes available automatically when using '%' (reject plains unless they have at least X characters) and '=' (reject plains that do not have a character in a specific position).

I think you meant % and / rules?

Contributor

roycewilliams commented May 17, 2017

@solardiz, @0xbsec - good points, both. The distinction is indeed important. I lacked the vocabulary to make it - thanks. Fixed.
