10-24-2020, 09:54 AM
(10-23-2020, 09:51 PM)philsmd Wrote: Did you try the pre-computation of one side (the dict1_mod.txt or dict2_mod.txt approach) ? It's not always worse to use a strategy like this (mainly when the dicts aren't that huge and pre-computation of a new file is still manageable... also sometimes one dict is much smaller, e.g. domain names or something like this, so it's very doable and also effective).
Yeah we also had ideas in mind of using ?w in a new attack type or something similar to replace the placeholder ?w with the word from one dict... but it's not that fast and easy to implement efficiently (so it's still just an idea). The problem is also that with ?w the lengths of the words of course change a lot, so it's not something predictable and constant (and thus not that easy to optimize). With that idea something like ?w?d?d?w would probably be possible (but again, it's not supported yet, this was just an idea).
I am doing a little manipulation now, with dict files, and rules like -kc etc - But what I am seeing in many of the brute-forced earlier passwords is that 2 words separated by a number (not necesarily a digit) is pretty common.
Being able to do some ?w?d?d?d?d?w and then maybe a ruleset on it would be good. Often one of the words are capitalized to match company complexity policies.
I guess that optimizing the ?d?d part on openCL would we doable, and the words would then be cached ? I have no experience with vector processing, so no idea if words with pattern in middle could be optimized to run pure GPU.