11-12-2018, 04:11 AM
(11-11-2018, 03:01 PM)atom Wrote: I don't see a reason why not to stick to prioritized probability. That's what we want actually. Again, I understood that you cannot have an index function, but by calling the next function N times, that is a way to seek. It's slow, but it will work.
Understood. Just trying to give you options.
My current plan is to finish up the non-hashcat version 4.0 of the PCFG code. There are a couple of features that I really want to see how they work in practice, most notably OMEN integration, multi-words, and L33tspeak letter replacement. There's also support for other cracking techniques like optimized wordlists for PRINCE and advanced masks that I think might be interesting. I'd like to see how they work/don't work before I start writing the Hashcat code. My gut feeling is we might want to leave out OMEN integration, at least for the first version of the hashcat PCFG cracker, since that adds a lot of complexity. Perhaps OMEN could be added as a unique slow attack mode, and then afterwards I could add it back into the PCFG cracking sessions using that code too?
For Hashcat, I'm probably going to revisit the version 2.0 code which was in C++. That code is currently in the pcfg github repo under: https://github.com/lakiw/pcfg_cracker/tr...fg_cracker
There's been a lot of improvements made in the grammar since the 2.0 code, and the 2.0 code got a bit brittle/broken when I tried to add passphrase cracking into it which is part of what prompted me to rewrite everything in Python. That's another way of saying I will take pieces of that but plan on rewriting most of it, but it at least can provide some general info if anyone else is interested in this.
Referring back to the five functions to support: sc_pcfg_keyspace. I can calculate a keyspace for a PCFG. The question is, for non-trivial grammars trained on standard-sized password sets, the keyspace that is covered by the PCFG is not something that will ever be finished, even if it were a fast guess generator. Would that still be useful to have?
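To make the two points above concrete (a keyspace is easy to count, but the only way to "seek" in a probability-ordered PCFG is to call next N times), here is an added example. It is not code from lakiw's pcfg_cracker or from hashcat; the grammar, its probabilities and the function names (keyspace, guesses_by_probability, first_n, seek) are constructed for illustration only.

```python
import heapq
from itertools import islice

# Constructed toy grammar (not a trained pcfg_cracker grammar).
# A base structure such as ("L4", "D2") means a 4-letter alpha string
# followed by 2 digits; the value is the structure's probability.
BASE_STRUCTURES = {
    ("L4", "D2"): 0.5,
    ("L6",): 0.3,
    ("L4", "S1", "D2"): 0.2,
}

# Terminal replacements per non-terminal, each with its probability.
TERMINALS = {
    "L4": [("love", 0.5), ("blue", 0.3), ("john", 0.2)],
    "L6": [("summer", 0.6), ("dragon", 0.4)],
    "D2": [("12", 0.6), ("07", 0.4)],
    "S1": [("!", 0.7), ("#", 0.3)],
}


def keyspace(base, terminals):
    """Number of distinct guesses the grammar can emit: for every base
    structure the product of its terminal-list sizes, summed over structures.
    This is a closed-form count and needs no enumeration."""
    total = 0
    for structure in base:
        count = 1
        for nonterminal in structure:
            count *= len(terminals[nonterminal])
        total += count
    return total


def guesses_by_probability(base, terminals):
    """Lazy best-first enumeration: a 'next' function that yields
    (guess, probability) pairs in non-increasing probability order.

    Each heap entry is one concrete guess: a base structure plus one index
    per non-terminal into that non-terminal's terminal list (sorted so index 0
    is the most probable replacement). Popping an entry pushes its children,
    which advance exactly one index; a child is never more probable than its
    parent, so the heap order is the global order."""
    sorted_terms = {
        nt: sorted(lst, key=lambda t: -t[1]) for nt, lst in terminals.items()
    }
    heap = []
    seen = set()  # the same (structure, indices) node is reachable via several parents

    def push(structure, idx):
        key = (structure, idx)
        if key in seen:
            return
        seen.add(key)
        prob = base[structure]
        for nt, i in zip(structure, idx):
            prob *= sorted_terms[nt][i][1]
        heapq.heappush(heap, (-prob, structure, idx))  # negate: heapq is a min-heap

    for structure in base:
        push(structure, (0,) * len(structure))

    while heap:
        neg_prob, structure, idx = heapq.heappop(heap)
        guess = "".join(sorted_terms[nt][i][0] for nt, i in zip(structure, idx))
        yield guess, -neg_prob
        for pos, nt in enumerate(structure):
            if idx[pos] + 1 < len(sorted_terms[nt]):
                child = idx[:pos] + (idx[pos] + 1,) + idx[pos + 1:]
                push(structure, child)


def first_n(base, terminals, n):
    """The n most probable guesses, as plain strings."""
    return [g for g, _ in islice(guesses_by_probability(base, terminals), n)]


def seek(base, terminals, n):
    """Return the guess at 0-based position n in probability order.
    There is no index function for this ordering: the position of a guess
    depends on every other guess's probability, so the only way to reach
    position n is to call next n times and discard the results."""
    return next(islice(guesses_by_probability(base, terminals), n, None))[0]


if __name__ == "__main__":
    print("keyspace:", keyspace(BASE_STRUCTURES, TERMINALS))
    for guess, prob in guesses_by_probability(BASE_STRUCTURES, TERMINALS):
        print(f"{prob:.4f}  {guess}")
    print("guess #3:", seek(BASE_STRUCTURES, TERMINALS, 3))
```

For this 20-guess grammar the seek is instant; for a grammar trained on a real leak the same linear walk is what makes restoring a session slow, while keyspace() still returns its count immediately, which is why the count and the ability to exhaust it are separate questions.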