hashcat Forum

Full Version: rule bug in oclHashCat-plus?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi, I'm trying to understand the rules, and while reading some, I saw this in the file rules/best64.rule:

## high frequency overwrite at start
o0m o1a
o0t o0b

Surely the last entry here is wrong? There's no point replacing the first character first with a t, and then replacing that with a b again?
It's not a bug, it's a feature.
I think the description is wrong in rules/specific.rule too:
## rule: switch last two chars of word with each other
## limits: words greater or equal 10 chars length
## example: johnnoble ---> johnnobel
## extras: experienced effective cases

>A k l
>A k u
>A k c

but I think it switches the first two chars, not the last two. To switch the last two chars, the k in the rules should have been capitalized.

Also, I didn't see any documentation of the '>' in docs/rules.txt, but I assume this is a test meaning we should continue only if the length of the input string is equal to or greater than A (10). Does it in fact mean greater or equal, or strictly greater? The first sounds confusing, in my opinion it ought to be the latter.
You are absolutly right, but somebody already reported this on IRC, so i fixed it for the betas. In the next release it will be fixed.
Does that cover the issue from rules/specific.rule as well? And does the '>' mean >= or just >?
Easiest way to find out is to use hashcat in --stdout mode:

Quote:root@sf:~/hashcat-0.40# cat dict
root@sf:~/hashcat-0.40# cat rule
root@sf:~/hashcat-0.40# ./hashcat-cli64.bin --stdout dict -r rule