dictionary / rules ethereum
#1
Hi - read a bit about rules and dictionaries and want to start trying out some combinations.
What I remember from my password is a combination dictionary word with some characters in between I hope I still remember correctly.
I want to start with something like this (apple is just a word from the dictionary)
apple#$^apple
With duplication (d) I can duplicate apple and append the in between bit (#!^) with $#$!$^ and then Trucate right with ] ] ]

So rules.txt would be:

d $#$!$^ ] ] ]

What should result in apple => apple#!^apple 
./hashcat.bin  -m15700 -D1 hash.txt dictionary.txt -r rules.txt
Is this the right approach?
After that I want to try more complex combinations like
capitalize, changing some letters in numbers etc..

Apple#!^apple
and
App1e#$^app1e

etc.
Reply
#2
you can use the option --stdout to see "how your rule would work)

hashcat -a 0 --stdout -r rules.txt pw.txt

your examples results in output
appleapple

rules are applied from left to right to the provided word (apple)
d $#$!$^ ] ] ]
so you double apple, after that add # add ! add ^ and then you remove ^, remove ! remove # resulting in
appleapple

for your single approach you could  use the combinator attack with -j -k rules
hashcat -a 1 --stdout -j "$#$!$^" pw.txt pw.txt
apple#!^apple

-j is applied to the left pw.txt containing your apple after that apple from right pw.txt is appendend / combined
for better understanding i changed pw.txt to contain apple and beer, pw1.txt pear and wine

hashcat -a 1 --stdout -j "$#$!$^" pw.txt pw1.txt
apple#!^pear
apple#!^wine
beer#!^pear
beer#!^wine
Reply
#3
(05-22-2021, 10:43 PM)Snoopy Wrote: you can use the option --stdout to see "how your rule would work)

hashcat -a 0 --stdout -r rules.txt pw.txt

your examples results in output
appleapple

rules are applied from left to right to the provided word (apple)
d $#$!$^ ] ] ]
so you double apple, after that add # add ! add ^ and then you remove ^, remove ! remove # resulting in
appleapple

for your single approach you could  use the combinator attack with -j -k rules
hashcat -a 1 --stdout -j "$#$!$^" pw.txt pw.txt
apple#!^apple

-j is applied to the left pw.txt containing your apple after that apple from right pw.txt is appendend / combined
for better understanding i changed pw.txt to contain apple and beer, pw1.txt pear and wine

hashcat -a 1 --stdout -j "$#$!$^" pw.txt pw1.txt
apple#!^pear
apple#!^wine
beer#!^pear
beer#!^wine

In my case the first word should be exactly the same as the 2nd. So no apple pear combination. Always apple apple so if two dictionaries are used they should be exactly the same and dynamically follow the sequence of both. I am just not sure about use of additional numbers in text and capitals.
Anyway, will try it out and see how far I will go. Certainly some pointers I can explore. Thanks!
Reply
#4
well this is not how combinator works, for this you will probably generate a first dictionary with your words like this

apple123
apple234
apple345

and so on, you can use the maskprocessor for this and combine this list with a second wordlist with just the word apple in it

then you could use this combined list with another handcraftet ruleset for things like upper first,second, third char ...
Reply
#5
(05-23-2021, 12:40 PM)Snoopy Wrote: well this is not how combinator works, for this you will probably generate a first dictionary with your words like this



apple123

apple234

apple345



and so on, you can use the maskprocessor for this and combine this list with a second wordlist with just the word apple in it



then you could use this combined list with another handcraftet ruleset for things like upper first,second, third char ...


I thought that was the case that why I though about a trick to duplicate apple123 and after that remove the last 3 characters with ]]]
Apparently that doesn't work as well.

Not that hard to create a new dictionary and just add the characters to every word in there. Should be able to do that in emacs.
Will have some time later today to give all the options a try. I also like to see how the Memorize function works.
Reply
#6
Hashcat will probably not have something that works out of the box. I was hoping Memorize could be used but that option only seemed to be available in legacy versions. Not sure it would have worked anyway.

So I will focus on creating one smaller dictionary to start with. Eliminating words with characters I am (pretty) sure I've not used. Then limit the word length with  grep -x '.\{8,63\}' megawordlist > megawordlist2 
Current list contains 400000 words and a lot of them I am positive I haven't used.

That should become the masterfile that will be used to append and combine.
append:
awk '$NF=$NF "123"' OFS="123 " list > new_file
combine:
cat wordlist1.txt wordlist2.txt > combined-wordlist.txt should do the trick. 

https://adaywithtape.blogspot.com/2011/0...sited.html


Maybe maskprocessor can do the something similar, but I didn't find examples that were similar to mine so will try above first. 

Hashcat itself seems to be working fine, did some tests and running through one wordlist of 400000 words would take less than two days. Not bad.
Reply
#7
mp64 apple?d?d

would result in output
apple00
..
apple99

you can use custom charsets or buildin ones, like?d (digits), see --help

cat wordlist1 wordlist 2 will just append list 2 to list1, not combine, so for that see combinator in hahscat utils or use hahstcat in combinator mode with --sttdout
Reply
#8
(05-23-2021, 07:56 PM)Snoopy Wrote: cat wordlist1 wordlist 2 will just append list 2 to list1, not combine, so for that see combinator in hahscat utils or use hahstcat in combinator mode with --sttdout


You're right cat didn't combine the lists. Combinator does combine but seems to work through all possible combinations in a list so doesn't seem to provide what I need.

wordlist1

apple123
beer123
citrus123

wordlist2

apple
beer
citrus

should result in:

wordlistcombined

apple123apple
beer123beer
citrus123citrus

(so I don't need apple123beer... etc)

I found a solution. paste command did the trick.

paste -d "" wordlist1.txt wordlist2.txt > wordlistcombined.txt
Reply
#9
(05-22-2021, 04:34 PM)B_Kchurc Wrote:
Hi - read a bit about rules and dictionaries and want to start trying out some combinations.
What I remember from my password is a combination dictionary word with some characters in between I hope I still remember correctly.
I want to start with something like this (apple is just a word from the dictionary)
apple#$^apple
With duplication (d) I can duplicate apple and append the in between bit (#!^) with $#$!$^ and then Trucate right with ] ] ]

So rules.txt would be:

d $#$!$^ ] ] ]

What should result in apple => apple#!^apple 
./hashcat.bin  -m15700 -D1 hash.txt dictionary.txt -r rules.txt
Is this the right approach?
After that I want to try more complex combinations like
capitalize, changing some letters in numbers etc..

Apple#!^apple
and
App1e#$^app1e

etc.

If you are interested in combining pieces of text, numbers and punctuation (in any order) have a look at comboleetor.pl.  https://www.jimby.name/techbits/recent/comboleetor/

Code here:   https://www.jimby.name/techbits/recent/c...or_2.1.tgz

Presentation here: https://www.jimby.name/techbits/recent/c...tation.pdf

Enjoy :-)
Reply