Rule for every possible mistype of a known password?
#3
(04-27-2023, 03:15 PM)Atomsoul Wrote: Hi everyone, after a few years of clearing my head away from cracking, im giving it another go.

I've had a very specific password used with the structure of BoldBana22!
Im trying to build or find a rule set that will give me every possible mistype of this specific password.

this includes:
* lower\higher case,
* Adjacent (is this spelled right?) of every key (B could be v\g\h\n for example)
* didnt hold the shift key long enough when doing special characters and caps

if anyone have any more ideas of mistypes i'd be happy to hear

I'm trying to crack an old ETH wallet (15700, scrypt), getting about 27-35 hashes/sec at the moment.

there is no predefined ruleset for this, you have to generate a dictionary or quite huge ruleset on your own

the problem as always when using rules for this approach, combinations, just take a look at char B, there is a rule for changing char B to v or V or n and N and so on, but there is no rule to do this change only for the first or second B, just for both, you can do a workaround by using the replace postition rule but lets assume you had made 2 or even 3 mistakes

you have to combine each rule for each postion with eachother AND for each combination of each adjacent char and for each "error-count from 1-length of your pass", this combination count will explode very fast

if your pass really follows this kind of style chars:digitsConfusedpecial i would go by generating a wordlist out of this as the last part digits and special can be translated to mostly digits OR special made from digits or use a combinator attack for that

scrypt modes in fact runs mostly faster on plain CPU, which will in fact made an combinator attack unavailable or at least the same speed like pure dictionary attack

when thinking a littel bit more i think i would go with some kind of hybrid attack a dict with common mistakes i can think of + rules, making the ruleset become more and more complicated with each run, AND because of this really slow hash i would really recommend the use of hashcats THE BRAIN function to sort out already checked passes
Reply


Messages In This Thread
RE: Rule for every possible mistype of a known password? - by Snoopy - 04-27-2023, 04:32 PM