02-15-2016, 11:12 PM
Hi,
I'd like to ask if the following idea for a new attack mode would be worth posting on github as a new feature request.
I would find quite useful if the elements of a mask could correspond to all words from given dictionaries, not just single bytes. This way one could perform the following types of attacks:
?<dict1>?s?<dict2>?d?d
Furthermore, (language specific) utf-8 brute force would be supported out-of-the-box without workarounds:
?<utf8dict>?<utf8dict>?<utf8dict> ...
where <utf8dict> would contain the relevant utf8-chars as words.
I am aware that the proposed functionality can already be achieved by using various workarounds (hybrid emulation rules, programatically generated mask files, pre-applying rules to a dictionary then combinator, reading from stdin, etc), but these all have drawbacks (amplification done on cpu, huge disk space and/or memory requirement, lot of manual preparing, etc).
My guess is that implementing this attack mode would require a considerable amount of programming, and it wouldn't be trivial to implement it efficiently, so I'm not sure if it's worth the effort, and if it is aligned with the current development goals/directions. Furthermore it would require a completely new attack mode. (I've read some oclhashcat code for fun, but I have absolutely no experience in GPU programming.)
Any opinions?
I'd like to ask if the following idea for a new attack mode would be worth posting on github as a new feature request.
I would find quite useful if the elements of a mask could correspond to all words from given dictionaries, not just single bytes. This way one could perform the following types of attacks:
?<dict1>?s?<dict2>?d?d
Furthermore, (language specific) utf-8 brute force would be supported out-of-the-box without workarounds:
?<utf8dict>?<utf8dict>?<utf8dict> ...
where <utf8dict> would contain the relevant utf8-chars as words.
I am aware that the proposed functionality can already be achieved by using various workarounds (hybrid emulation rules, programatically generated mask files, pre-applying rules to a dictionary then combinator, reading from stdin, etc), but these all have drawbacks (amplification done on cpu, huge disk space and/or memory requirement, lot of manual preparing, etc).
My guess is that implementing this attack mode would require a considerable amount of programming, and it wouldn't be trivial to implement it efficiently, so I'm not sure if it's worth the effort, and if it is aligned with the current development goals/directions. Furthermore it would require a completely new attack mode. (I've read some oclhashcat code for fun, but I have absolutely no experience in GPU programming.)
Any opinions?