How to become proficient at password cracking?
#8
Thanks! You call it theory and indeed you are correct. However, in my experience it is often that you are forced to learn the theory by necessity and experience in practice based on the kind of passwords you encounter. For me these two go hand in hand. Just like normal software development, you need to encounter a problem first, and then dive into theory and examples by others to overcome the problem. Just learning theory in the beginning without applying it or needing it in practice does not work as well both for programming and hash cracking (at least it does not work for me).

Perhaps I can give two examples to illustrate how theory and practice go hand in hand for me.
I have my own rules for inserting typos, changes in case as well as insertions, replacements, deletions etc. However, in practice I found that the passwords I encounter often have the "typos" or unique elements next to each other. This led me to make new rule sets where toggling cases is not anymore any combination, but the targets are adjacent and often at the beginning or end of a (pass-)word. After checking the wiki I found you can duplicate first and last N characters. This was another frequently occurring case, e.g. Password, had become PPPassword, or Pppasword.

| Duplicate block front | yN | Duplicate first N characters | y2 | p@ssW0rd | p@p@ssW0rd | * |
| Duplicate block back | YN | Duplicate last N characters | Y2 | p@ssW0rd | p@ssW0rdrd | * |

These very cool rules allowed me to more efficiently check those kinds of purposeful typos.
A more advanced problem I encountered was artificial words created by a client.
I solved this by implementing my own code to break all words of one language into syllables, counting their occurrence and making lists of them, e.g. lists of 90% most occurring, 80% most occurring syllables. By applying statistics, the number of combinations in syllables drops greatly while only slightly reducing the chance of finding a hit. Again theory combined with pragmatic need based on what I encounter/observe in my cases. The most important thing here is not to get lazy and assume you know all. Every case I learn new things about both passwords, how humans think, and how awesome hashcat truly is. Hashcat has so many great features built based on the experience of many great hash crackers and the number of tricks you combine is near infinite, especially when you also combine it with your own code and hashcat utils.


Messages In This Thread
RE: How to become proficient at password cracking? - by monyanus - 01-23-2024, 10:29 AM