Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 3 Jan 2010 22:12:18 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: append severals simple digits in a complex rule

On Sun, Jan 03, 2010 at 06:36:12PM +0100, websiteaccess@...il.com wrote:
>  I try to append severals digits after a word
> 
>  test0000
>  test1111
>  test2222
>  test3333
>  etc...
>  test9999
> 
>  I try 
> 
>  /a sa[eiouy]$[0123456789]$[0123456789]$[0123456789]$[0123456789]
> 
> but this rule do test0000 -> test0001 -> test0002 ... test9999

Not exactly: this line rejects words not containing an "a", so it
outputs nothing for "test".  It does generate candidate passwords like
those you mentioned above for words containing the letter "a".

>  It's not what I want.
> 
>  As you can see I change swap letters also in this rule.
> 
>  what is the right syntax ? 

With 1.7.4+, you can use:

/a sa[eiouy] Az"[0-9]\0\0\0"

With the word "ward" in the input wordlist, it produces 50 candidate
passwords like those you wanted:

$ ./john -w=w --rules --stdout | head -3
words: 50  time: 0:00:00:00 100%  w/s: 5000  current: wyrd9999
werd0000
werd1111
werd2222
$ ./john -w=w --rules --stdout | tail -3
words: 50  time: 0:00:00:00 100%  w/s: 5000  current: wyrd9999
wyrd7777
wyrd8888
wyrd9999

If you also have similar rules that append just one digit, you could
want to add a length check to this line such that it does not produce
effectively duplicate candidate passwords for length-limited hash types
(e.g., LM hashes):

/a <- sa[eiouy] Az"[0-9]\0\0\0"

This ensures that there's room for at least two characters to add to the
input word.  If not, it is assumed that adding the digits would produce
an effective duplicate with a rule adding just one digit.

>  I read the john'rules without success.

You could want to read the default john.conf as well (the updated one in
1.7.4).  It includes the following lines:

# Some three-digit numbers...
-[:c] (?a \p1[lc] Az"007" <+
-[:c] (?a \p1[lc] Az"123" <+
-[:c] (?a \p1[lc] Az"[1-9]\0\0" <+

The last one of these three lines has replaced 9 separate lines (found
in older revisions of the file), for appending "111" through "999".

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.