Posts: 2
Threads: 1
Joined: Oct 2014
Hello,
I apologize if this is not the right place to be posting this, but here it goes. I am basically a script kiddy slowly learning things on my spare time. I am currently using hashcatgui v0.44.
I have noticed a lot of passwords with the format being [word 1][word 2][number].
I have cracked multiple hashes that have this format but would like to speed things up. I currently have a wordlist that contains all of the word 1 and 2s I have cracked. I have looked into the combinator attack, but i can't for the life of me figure out how to append a number to the right dictionary. I've read a few places about using the combinator.bin and piping it to oclhashcat, but i am confused by this and don't know where to start. I kind of need a step by step instruction if i am to do this
I know i could use a wordlist combiner and use a &?d rule in a straight attack, but i can only seem to find wordlist mergers.
Any help would be greatly appreciated.
Posts: 10
Threads: 1
Joined: Dec 2014
You can use combinator.exe or combinator.bin from the hashcat utils package to combine your two wordlists together into a single new wordlist. Then you can use the hybrid attack (-a 6) to append the digits or you could just use a rule file to append digits to the end ($1, $2, etc).
Here is some python code if the utils tools dont do it for you for some reason:
Code:
def combinator(infile1, infile2, outfile):
"""
This reads input file1 and combines all entries with all entries from file2
$ cat demo.out
c
ss123
$$w0r
min!1
$ cat demo.txt
abc
pass123
P@$$w0rd1
@dmin!123
Example: combinator('demo.txt', 'demo.out', 'demo.combinator')
$ cat demo.combinator
abc
abcc
cabc
abcss123
ss123abc
abc$$w0r
$$w0rabc
abcmin!1
min!1abc
pass123
pass123c
cpass123
pass123ss123
ss123pass123
pass123$$w0r
$$w0rpass123
pass123min!1
min!1pass123
P@$$w0rd1
P@$$w0rd1c
cP@$$w0rd1
P@$$w0rd1ss123
ss123P@$$w0rd1
P@$$w0rd1$$w0r
$$w0rP@$$w0rd1
P@$$w0rd1min!1
min!1P@$$w0rd1
@dmin!123
@dmin!123c
c@dmin!123
@dmin!123ss123
ss123@dmin!123
@dmin!123$$w0r
$$w0r@dmin!123
@dmin!123min!1
min!1@dmin!123
"""
try:
f1=open(infile1)
f2=open(infile2)
fw=open(outfile, 'w+')
for line in f1:
fw.write(line.strip().encode('utf8', 'ignore') + "\n")
f2.seek(0)
for word in f2:
fw.write(line.strip().encode('utf8', 'ignore') + word.strip().encode('utf8', 'ignore') + "\n")
fw.write(word.strip().encode('utf8', 'ignore') + line.strip().encode('utf8', 'ignore') + "\n")
# Uncomment to add numbers to the end if you like, currently just merges the two lists (word1 + word2 and word2 + word1)
# for i in range(0,10):
# fw.write(line.strip().encode('utf8', 'ignore') + word.strip().encode('utf8', 'ignore') + str(i) + "\n")
fw.close()
f2.close()
f1.close()
return True
except:
return False
Posts: 83
Threads: 19
Joined: Dec 2014
It can be done with oclhashcat, but it will take some work. You have two options (AFAIK):
1) Use the hashcat utility program combinator to create a new dictionary, then you can use rules with that. This has the downside that it requires a bit a disk space. The bigger the dictionaries, the more diskspace. The space required is roughly the space used by dictionary 1 multiplied by the space used by dictionary 2. Yes, it is possible to pipe things, but that gets trickier.
The command is combinator.exe dict1 dict2 > newdict.dict
Obviously, if you on Linux, substitute the Linux binary.
Once you have the new, combo, dictionary, then run it as an -a 6 attack and use ?d mask. It could be done with rules too.
2) With oclhashcat, you can use a combinator attack (-a 1) and a single rule, applied to either the left or right dictionary word. An example of such a command (using the Nvidia version of oclhashcat on Windows) is:
cudahashcat64.exe -a 1 -m 0 --remove -o found.txt --rule-right=$5 md5.hash dict1.dict dict2.dict
where:
-a 1 is a combinator attack
-m 0 is for MD5 hashes
--remove is to remove found hashes from the found file. I believe there are some speed improvements from doing this, and definitely makes tracking progress easier
-o found.txt is where to dump the found hashes
--rule-right=$5 is a rule to apply to the right (and therefore second) word. In this example $5 means append a 5 to the word.
md5.hash is the file containing a list of hashes
dict1.dict is the first dictionary (left word)
dict2.dict is the second dictionary (right word), which can be the same as the first dictionary
The downside to this method is you have to alter the rule for each digit after each run, i.e. first run has $1, then second run has $2, etc. since combinator attacks don't allow rules files. You can, of course, write a script/batch file to help.
Posts: 2
Threads: 1
Joined: Oct 2014
Wow, thanks for the quick reply guys. I ended up finding a program for linux last night called wordlist manipulator that could combine the wordlists the way i wanted, but it seemed like it was adding extra characters that i couldn't see and wasn't useful to me.
I ended up using the combinator.exe, btw i just figured out how to write a cmd file to take advantage of it, and combining the wordlists into one. I wrote a little rule file to append numbers 1-9 to it and it worked!
Again thanks for all the help guys. I thought combinator.exe was an executable that the binary file used to execute a combination attack. Are there any other cool things I don't know about that you guys love?