Rule-based Attack: Substitution of single chars with strings
#1
Hey guys,

I stumbled upon this problem looking at a MySQL db record of a forum software which had a faulty implementation of passing passwords on register-process.

Turned out, every password containing one or more of different special characters (like !, &, < and >) was encoded into its html-entity pendant.

! turned to #&33;
& turned to #&amp;

Weird stuff but I finally realized this happened when passing the passwords into the db.

Now my question:
Regarding the different attack modes I had to use workarounds to deal with this encoding, like appending $#$&$3$3$; to a wordlist. But I need this a little more simple for like character injection into passwords of a wordlist. Thought of using the char-substitution-rule like

s!#&33;

but this is not a valid rule. Solved this by preparing my wordlists with 'sed' before using it, but this is still not very flexible.

Is there a way to tell hashcat to substitute the single characters with the whole 5-or-more-char-strings?


Messages In This Thread
Rule-based Attack: Substitution of single chars with strings - by hydra - 05-12-2017, 08:14 AM