Rules with combinator attack

[powderspecial600]

It it possible to use rules with the combinator attack? From what I can tell it allows the input, but it doesn't actually compute any rules based on the dictionaries.

With two (the same) dictionaries and rules applied.

Progress.......: 29/49 (59.18%) <- I would expect this number to be much higher.

With one dictionary and rules applied.

Progress.......: 21987/21987 (100.00%)

I am using the same rules and dictionaries in both examples. I realize it could add a lot of time by applying rules to a combinator attack, but am wondering if it is possible.

[unix-ninja]

Yes. Use the hybrid attack to do this.

http://hashcat.net/wiki/doku.php?id=hybrid_attack

[mastercracker]

Your post lack a little bit of details but if I get it right, you want to make all the combinations of 2 lists and then apply rules to them. Using -a 1 won't work. The workaround is to "rulify" your second list. For example, if the second list contains the following words:

how
rule
combination

then you create the file 2.rule containing this:

$h$o$w
$r$u$l$e
$c$o$m$b$i$n$a$t$i$o$n

Then you use -a 0 with your first wordlist then -r 2.rule then -r other.rule

[powderspecial600]

Your post lack a little bit of details but if I get it right, you want to make all the combinations of 2 lists and then apply rules to them. Using -a 1 won't work. The workaround is to "rulify" your second list. For example, if the second list contains the following words:

how
rule
combination

then you create the file 2.rule containing this:

$h$o$w
$r$u$l$e
$c$o$m$b$i$n$a$t$i$o$n

Then you use -a 0 with your first wordlist then -r 2.rule then -r other.rule

Ok that sounds like it would work, but would be a lot of work. I was hoping to apply a generic rule supplied with hashcat to one or both of the dictionaries on a combinator attack. So for example I apply passwordspro rules, which does a bunch of transforms and additions, etc, to a word. The idea being it does that to the lists in both dictionaries as the combinations are being tried.

For example, if I had a rule that tried a list as is and also uppercases all the words I would expect combinations like this. My 1st dictionary would contain the words: password, server, and backup. My second dictionary would be the same.

I would see combinations

passwordpassword
passwordserver
passwordbackup
serverpassword
serverserver
serverbackup
backuppassword
backupserver
backupbackup
PASSWORDPASSWORD
PASSWORDSERVER
PASSWORDBACKUP
SERVERPASSWORD
SERVERSERVER
SERVERBACKUP
BACKUPPASSWORD
BACKUPSERVER
BACKUPBACKUP

It would add potentially a ton of combinations, but would work for smaller word lists.

[mastercracker]

2 things. 1) Just to be clear, the first solution I proposed will work with OCLHashcat-plus, not Hashcat. 2) With -a 1, you can use -j and -k that will modify the word of the first and second wordlist, respectively. However, you can specify only 1 rule for the -j and 1 for the -k so you would have to generate command lines for each combination of rules that you want and it would be even more work.

[powderspecial600]

Yea that is what I was kinda afraid of. Good on OCLHashcat-plus that is what I am using. I just found it was weird it would take a rule, but didn't appear to apply it.

[atom]

We should reject -r in case in -a 1 is used and stop the command running so that users knows its not supported. Can you please open a TRAC Ticket for this?

[powderspecial600]

Yes I will do.

[Kuci]

atom, adding -r support for combinator attack is a good idea. It'd be really useful.

[epixoip]

pipe combinator.bin into plus with -r