+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: User Contributions (https://hashcat.net/forum/forum-25.html)
+--- Thread: Effective rules (/thread-4276.html)
Pages:
1
2
Effective rules - TonyS - 04-13-2015
I started off with two rules. One comes with oclHashcat - the other I wrote myself. I then compiled a
huge list of MD5 hashes from the InsidePro forums to use as my target/testing hash list.
For the base dictionary, I merged/sorted/removed dupes between the rockyou dictionary
and passwords from the recent 10 million combo leak. The final dictionary can be downloaded
here for the curious.
I ran my two rules against these hashes with this dictionary and these were the results.
Code:
passwordspro.rule (~3300 rules) - 42.52%
tony.rule (~5500 rules) - 49.44%I outputted all rules that had a match into a file called match.rule. I then sorted
this file based on occurence and made the following rules out of it. The different sizes could
be useful if time is of essence and/or the hashing algorithm is slow. You could also obviously
head the amount of rules that you want from the top_5000.rule instead.
I done some testing on the same list, and these were the results.
Code:
no rules - 14.67% found
best 64 - 17.71% found
top_250.rule - 36.14% found
top_500.rule - 39.64% found
top_750.rule - 41.91% found
top_1500.rule - 45.76% found
top_3000.rule - 48.77% foundI realize that the rule set will be kind of biased towards this specific list since it was created
using found passwords from this list. So for further testing, I compiled a list of 1 million hashes
using random passwords from a totally separate HQ cleartext (not cracked!) password leak. These
were the results.
Code:
$ shuf ***.dic | head -n1000000 > random.dic
$ ./md5gen random.dic > random.lstCode:
no rules - 8.23% found
best 64 - 31.42% found
top_250.rule - 42.97% found
top_500.rule - 48.16% found
top_750.rule - 50.97% found
top_1500.rule - 55.80% found
top_3000.rule - 60.59% foundThe rules can be downloaded here.
RE: Effective rules - atom - 04-14-2015
Nice work. If you want we can put it into hashcat / oclHashcat default rules/ folder.
RE: Effective rules - Hash-IT - 04-14-2015
Thank you very much TonyS and very kind of you to share your work
RE: Effective rules - TonyS - 04-14-2015
(04-14-2015, 12:48 PM)atom Wrote: Nice work. If you want we can put it into hashcat / oclHashcat default rules/ folder.
Thanks! And that would be great if you want to.
(04-14-2015, 02:05 PM)Hash-IT Wrote: Thank you very much TonyS and very kind of you to share your work
Thank you.
RE: Effective rules - atom - 04-14-2015
OK, please rename the files as you want to have them in the distribution. Then pack them all together and send them to me (email).
RE: Effective rules - dikiy - 08-25-2015
(04-13-2015, 06:05 PM)TonyS Wrote: The rules can be downloaded here.
Link is dead, could anyone reupload rules, can't wait to take a look
RE: Effective rules - ati6990 - 08-25-2015
offline ;=(
RE: Effective rules - cvsi - 08-25-2015
I uploaded the original zip file to my dropbox.
TonyS Top Rules
RE: Effective rules - ati6990 - 08-28-2015
btw great results come from combi top_3000 + best64 and top3000 + specific .... found many cool plains this waay... thank you for sharing.
RE: Effective rules - djhenry1981 - 07-14-2016
Anyone have the dictionary? link is dead