Date: Fri, 3 Oct 2008 21:37:58 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: wordlist rules for leet speak (was: how to do that) On Thu, Oct 02, 2008 at 06:09:59PM +0200, websiteaccess wrote: > I would like apply a rule in JTR able to change a vowel with digit. > > Example: adoption -> ad0ption > or carnage -> carn4ge > > How to do that with jtr's rules ? The default john.conf includes some rules like that, enabled for "single crack" mode only by default. You may copy the lines between these two comments: # The following 3l33t rules are based on original Crack's dicts.rules l/asa4[:c] l/ese3[:c] l/lsl1[:c] l/oso0[:c] l/sss$[:c] ... l/asa4/ese3/lsl1/oso0/sss$[:c] # Now to the prefix stuff... into the [List.Rules:Wordlist] section to have them enabled for wordlist mode as well. (I have replaced some of the rules with "..." above.) As to your specific examples, replacing o's with 0's is done with the "so0" command, and a's with 4's with the "sa4" command. To discard duplicate candidate passwords that would be produced on input words that lack the characters to be replaced, either the approach seen above can be used (e.g., the command "/a" rejects the word unless it contains "a") or the "M" and "Q" commands can be used as follows: [List.Rules:Wordlist] so0Q sa4Q so0QMsa4Q This may produce the following candidate passwords: $ cat w adoption carnage $ john -w=w --rules --stdout ad0pti0n 4doption c4rn4ge 4d0pti0n words: 4 time: 0:00:00:00 100% w/s: 400 current: 4d0pti0n Notice that all of the rules mentioned above will replace _all_ instances of the characters to be replaced. This is different from your examples where only some instances of o's and a's were replaced. Unfortunately, there's no good way to achieve the latter with wordlist rules, although it can be achieved if you really want to. For example, these rules: [List.Rules:Wordlist] =0oo00 =1oo10 =2oo20 =3oo30 =4oo40 =5oo50 =6oo60 =7oo70 =0ao04 =1ao14 =2ao24 =3ao34 =4ao44 =5ao54 =6ao64 =7ao74 will produce: $ john -w=w --rules --stdout ad0ption adopti0n 4doption c4rnage carn4ge words: 5 time: 0:00:00:00 100% w/s: 500 current: carn4ge Alexander P.S. Please use short yet descriptive message Subjects. Yours was not descriptive at all; I had to change it. -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ