Posts: 8
Threads: 1
Joined: May 2024
(05-25-2024, 10:49 PM)CmdFlaz Wrote: (05-25-2024, 07:25 PM)Nico33 Wrote: (05-25-2024, 01:51 PM)CmdFlaz Wrote: use of a custom char set might be more what your thinking of:
Code: hashcat -m -a 3 hash.txt ?1?1?1?1?1?1?1?1?1?1?1 -1 a7sol3tely -w 4 -O --hwmon-disable --force
Hope this helps!
Hello CmdFlaz,
The thing is: I want to simulate a situation that I lost my password and that I remember that it's a word from a dictionary and that I remember it only contains 2 digits, but just don't know which word is used and which digits are used + don't remember the positions of the 2 digits.
So like: I want hashcat to try out every word in the wordlist, but do the steps as I explained in my first post.
To make it more clear of what I mean:
Lets say only 1 digit was used. I would like hashcat to do this:
0pple
a0ple
ap0le
app0e
appl0
Then move on to the numbers 1, 2, 3, 4, 5, 6, 7, 8, 9 and then move on to the next word in the wordlist and start again with number 0
But yea I want to do this with 2 digits instead of 1 digit.
I understand a bit better, perhaps you could make a ruleset using
Insert @ N iNX Insert character X at position N i4! p@ssW0rd p@ss!W0rd
* Indicates that N starts at 0. For character positions other than 0-9 use A-Z (A=10)
and have two of these rules on each line in your rule file, with all possible permutations?
just a thought theres probably a easier way lol
Insert @ N
iNX
Insert character X at position N
i4!
p@ssW0rd
p@ss!W0rd
Hello CmdFlaz,
I will look it up and try it out when I can. I can't do the rule writing now or tomorrow, because I got other stuff to do. If I fail, I will just start off with writing basic rules and experiment with it to get a hang of it. It's best to start with the basics anyway.
I also did read that maskprocessor can generate rule files.
Let's say I start with a basic rule, like adding 1 digit at the end of each word and let maskprocessor generate that rule file and let's say that I run maskprocessor again and let it generate another rule file (adding 1 digit before every word in the wordlist), is it then possible to stack the 2 rule files with each other in hashcat, so that it tries both password1 and 1password or is it different when done with maskprocessor?
I got experience with using the rule based attack with rule files that are created by others and I know it's possible to stack rule files with each other, but maybe stacking rule files is only possible when the rule files are generated by hand and not by maskprocessor.
Thank you btw!
Posts: 14
Threads: 1
Joined: Apr 2024
(05-26-2024, 09:28 PM)Nico33 Wrote: (05-25-2024, 10:49 PM)CmdFlaz Wrote: (05-25-2024, 07:25 PM)Nico33 Wrote: (05-25-2024, 01:51 PM)CmdFlaz Wrote: use of a custom char set might be more what your thinking of:
Code: hashcat -m -a 3 hash.txt ?1?1?1?1?1?1?1?1?1?1?1 -1 a7sol3tely -w 4 -O --hwmon-disable --force
Hope this helps!
Hello CmdFlaz,
The thing is: I want to simulate a situation that I lost my password and that I remember that it's a word from a dictionary and that I remember it only contains 2 digits, but just don't know which word is used and which digits are used + don't remember the positions of the 2 digits.
So like: I want hashcat to try out every word in the wordlist, but do the steps as I explained in my first post.
To make it more clear of what I mean:
Lets say only 1 digit was used. I would like hashcat to do this:
0pple
a0ple
ap0le
app0e
appl0
Then move on to the numbers 1, 2, 3, 4, 5, 6, 7, 8, 9 and then move on to the next word in the wordlist and start again with number 0
But yea I want to do this with 2 digits instead of 1 digit.
I understand a bit better, perhaps you could make a ruleset using
Insert @ N iNX Insert character X at position N i4! p@ssW0rd p@ss!W0rd
* Indicates that N starts at 0. For character positions other than 0-9 use A-Z (A=10)
and have two of these rules on each line in your rule file, with all possible permutations?
just a thought theres probably a easier way lol
Insert @ N
iNX
Insert character X at position N
i4!
p@ssW0rd
p@ss!W0rd
Hello CmdFlaz,
I will look it up and try it out when I can. I can't do the rule writing now or tomorrow, because I got other stuff to do. If I fail, I will just start off with writing basic rules and experiment with it to get a hang of it. It's best to start with the basics anyway.
I also did read that maskprocessor can generate rule files.
Let's say I start with a basic rule, like adding 1 digit at the end of each word and let maskprocessor generate that rule file and let's say that I run maskprocessor again and let it generate another rule file (adding 1 digit before every word in the wordlist), is it then possible to stack the 2 rule files with each other in hashcat, so that it tries both password1 and 1password or is it different when done with maskprocessor?
I got experience with using the rule based attack with rule files that are created by others and I know it's possible to stack rule files with each other, but maybe stacking rule files is only possible when the rule files are generated by hand and not by maskprocessor.
Thank you btw!
hey again,
You can stack two rules within a hashcat command so hashcat -m 0 -a 0 hashes.txt passwords.txt -r firstrule.rule -r secondrule.rule -w 4 -O
I have used maskprocessor and its great tool, Maybe you could go with this idea as a starting block, its a sample taken from some rules on github, it does a high frequency overwrite, so if you were after digits only into your wordlist, generate all permutations of digits to be inserted twice in all positions of like 5-18 length words?
Quote:## high frequency overwrite at end
] $a
] ] $s
] ] $a
] ] $e $r
] ] $i $e
] ] ] $o
] ] ] $y
] ] ] $1 $2 $3
] ] ] $m $a $n
] ] ] $d $o $g
## high frequency overwrite at start
o0d
o0m o1a
I have found this site very useful for similar projects, look at the permutation section on there see if any can help
https://jpm22.github.io/txt/
ChatGPT can help simplify/translate when making your rules and is in general useful for learning, I asked it to make you a Python script with what I think your after (Havent tested it tho);
Quote:I got a dictionary containing different English words.
I want to generate a rule file for hashcat inserting 2 numbers in all possible places of the words, I only want 2 numbers inserting. Not just 1 and they must overwrite the letter
I want all possible permutations following the requirement 2 digits must be present and they must have replaced a letter in the wordlist
heres an example if the word 'absolutely' was in the wordlist,
heres a example of what some results would be:
00solutely
ab00lutely
abso00tely
absolu00ly
absolute00
0b0olutely
a0s0lutely
And so on.
Make me a python script to do this for a wordlist
The reply:
Code: import itertools
def generate_rules(word):
length = len(word)
rules = []
numbers = '0123456789'
for i in range(length):
for j in range(i + 1, length):
for num1 in numbers:
for num2 in numbers:
new_word = list(word)
new_word[i] = num1
new_word[j] = num2
rules.append(''.join(new_word))
return rules
def generate_all_rules(wordlist):
all_rules = []
for word in wordlist:
all_rules.extend(generate_rules(word.strip()))
return all_rules
def main():
with open("wordlist.txt", "r") as file:
wordlist = file.readlines()
all_rules = generate_all_rules(wordlist)
with open("rules.txt", "w") as f:
for rule in all_rules:
f.write(rule + "\n")
if __name__ == "__main__":
main()
Quote:Explanation
Reading from wordlist.txt: The main function reads the wordlist from wordlist.txt using file.readlines(), which returns a list of lines (words).
Stripping Whitespace: word.strip() is used to remove any leading/trailing whitespace or newline characters.
Generating Rules: The script generates all permutations of the words with two digits replacing letters.
Writing to rules.txt: The script writes all the generated rules to rules.txt.
To use the script, ensure you have a wordlist.txt file in the same directory, with each word on a new line. When you run the script, it will generate a rules.txt file with all the permutations.
Posts: 25
Threads: 3
Joined: Dec 2022
you can also write your own replacement rules. As in this case.
Replaces all occurrences of X with Y
sXY
ss$ p@ssW0rd p@$$W0rd
sb7 su3 absolutely a7sol3tely
specify in the rules which characters you want to replace with which ones.
You can change the source text beyond recognition at will.
Posts: 8
Threads: 1
Joined: May 2024
Hello CmdFlaz and 174region174,
Thank you both for the replies!
I am atm not feeling well, because I'm being sick, so I have to rest a lot.
@ CmdFlaz,
How do you quote multiple texts? I know how to quote, but I don't know how to do more than 1 quote.
Anyway: I'm aware it's possible to stack rules.
The high frequency override looks good. I will definitely give it a try with maskprocessor when I feel 100% better again, which can take a while.
About the Python script: I will definitely test it out as well when I feel 100% better again. I have to say that I got 0 programming knowledge/skills, but I think I just have to copy the code, make it a .py file and then run it by clicking on the .py file or running it from the commandprompt.
Thanks for the explanation as well about the script!
@ 174region174,
I will play around with that as well when I feel 100% better again and if the method of CmdFlaz doesn't work. Thanks!
Posts: 14
Threads: 1
Joined: Apr 2024
(05-30-2024, 03:34 PM)Nico33 Wrote: Hello CmdFlaz and 174region174,
Thank you both for the replies!
I am atm not feeling well, because I'm being sick, so I have to rest a lot.
@ CmdFlaz,
How do you quote multiple texts? I know how to quote, but I don't know how to do more than 1 quote.
Anyway: I'm aware it's possible to stack rules.
The high frequency override looks good. I will definitely give it a try with maskprocessor when I feel 100% better again, which can take a while.
About the Python script: I will definitely test it out as well when I feel 100% better again. I have to say that I got 0 programming knowledge/skills, but I think I just have to copy the code, make it a .py file and then run it by clicking on the .py file or running it from the commandprompt.
Thanks for the explanation as well about the script!
@ 174region174,
I will play around with that as well when I feel 100% better again and if the method of CmdFlaz doesn't work. Thanks!
Good luck mate, just put [qu0te]text here[/qu0te] - turn the 0 to a o for quotes on multiple
Posts: 8
Threads: 1
Joined: May 2024
(05-31-2024, 11:30 AM)CmdFlaz Wrote: (05-30-2024, 03:34 PM)Nico33 Wrote: Hello CmdFlaz and 174region174,
Thank you both for the replies!
I am atm not feeling well, because I'm being sick, so I have to rest a lot.
@ CmdFlaz,
How do you quote multiple texts? I know how to quote, but I don't know how to do more than 1 quote.
Anyway: I'm aware it's possible to stack rules.
The high frequency override looks good. I will definitely give it a try with maskprocessor when I feel 100% better again, which can take a while.
About the Python script: I will definitely test it out as well when I feel 100% better again. I have to say that I got 0 programming knowledge/skills, but I think I just have to copy the code, make it a .py file and then run it by clicking on the .py file or running it from the commandprompt.
Thanks for the explanation as well about the script!
@ 174region174,
I will play around with that as well when I feel 100% better again and if the method of CmdFlaz doesn't work. Thanks!
Good luck mate, just put [qu0te]text here[/qu0te] - turn the 0 to a o for quotes on multiple
Thanks! And thanks!
|
