02-15-2019, 12:01 PM
(02-15-2019, 09:39 AM)philsmd Wrote: as you might already know, if you use any amplifier (like rules) the total number of password candidates will increase. This implies also that the "Progress" number in the status screen will get larger and larger the more rules you use.
The "crackpos" value will take this offset into account too. i.e. it won't only reflect the word position but also the word_pos * rule_pos etc... I think you get the idea (to get the full technical details I would recommend looking into the source code file e.g. src/outfile.c etc).
There is one caveat, crackpos must be considered as an indicator that helps for statistical/forensic/analysis purposes and should be treated as an indicator which passwords are cracked first (or which are easier to crack etc).
Of course it could in theory give slightly different results if you test with different systems and/or different GPUs on a system whenever for instance multiple rule+word combinations would crack the same hash etc.
Statistically viewing it it's a quite robust/good indicator, but of course since the password cracking is highly parallelized there could be different "crackpos" reported during different launches (especially if you have multiple GPUs or are comparing it with different machines etc).
At the end it's a negligible offset of course (if any), but that's how "crackpos" was intended to be used i.e. only to see which passwords are easier to crack compared to others etc.
I did some tests, yes, dividing the amount given by the amount of rules results in the right number (approx)
So rockyou could give:
21232f297a57a5a743894a0e4a801fc3:admin:19817
Rockyou with 10 rules could give:
21232f297a57a5a743894a0e4a801fc3:admin:198174
and Rockyou with 1254 rules could give
21232f297a57a5a743894a0e4a801fc3:admin:24850518
and as you can see 24850518/1254 = 19817.
example with:
21232f297a57a5a743894a0e4a801fc3:admin:79270
900e6fe77391e517e72d191fa20dc980:admin47646274:79271
with this ruleset:
u
d
:
$4$7$6$4$6$2$7$4
So you can see that it goes through each single word line by line, and for each word it applies each rule.
So the full formula for the ID would be:
word_pos-1 * total_rules + rule_pos
I also noticed that the first attempt / crack is at 0, which is technically incorrect as attempt 1 should be 1 instead of 0. Same goes for the 'rule' counter, which starts at 0.
I'm no sure how much implication it would have for other functions to change this but these small numbers are of course negligible