(10-08-2012, 07:09 PM)Mem5 Wrote: Hum, so how can I add them to the charset ?
Long story short, you're going to need to know what charset was being used to store the data being hashed. How the characters were encoded will determine how you must emulate that encoding in your attack. For characters like € this could be any of the following (and many more):
Windows-874 encoding: \x80
UTF-8 encoding: \xE2\x82\xAC
UTF-16LE: \xAC\x20
UTF-16BE: \x20\xAC
and if you really wanted to cover your bases:
ASCII: \x3F (unexpressible, so gets converted to ? in my shell anyway)
Again, there are likely many more possibilities using different language charsets, etc...
If you have the ability to set a password in the system you are testing I would suggest setting a known password containing a trailing "€", then taking the hash created and trying different encodings until you crack it.
As you can see, there is no way to do this generically (at least no efficient way), hence why these characters cannot simply be added to the default symbol charset.