hashcat-3.00 Toggle attack produces duplicates
#1
Hi all,

 I've encountered a problem which I have no idea how to solve.

 word.txt contains only one word which is "word".
 I'm trying with the default toggles1.rule.
 Here is the result:


Code:
hashcat64.exe -r "rules\toggles1.rule" --stdout word.txt

Word
wOrd
woRd
worD
word
word
word
word
word
word
word
word
word
word
word

 Obviously it produces lots of duplicates since the rules like: T8, T9,  etc. doesn't do anything with a 4 character long word. But shouldn't these results get rejected?
 Same applies when the toggle hits a digit which cannot be toggled, but it just ignores it, and outputs the original word.
 How can I filter the output so the unchanged results (compared to the input) get rejeted?

BRs
/Andras
#2
Noone?
Is this normal behavior or a bug or is there a setting for this?
#3
Well, in this specific case some rules are applied, since hashcat was instructed to apply all these rules, but they/some didn't change the password candidate because the toggles should take place at positions that are outside the password candidate's password length.

I.e. if you toggle like this:
apply "T9" to "word" than the result is "word"

since there is no position 9(+1, because first position is 0) in "word".

I would say that this is somehow to be expected behaviour since hashcat can't by no means keep track of all current and previous password candidate and filter/unique them, because word lists and number of rules could be huge etc.

So in this case the answer is "don't apply rules that do not change the plains within your word list" and in general the answer (even if not 100% "acceptable" all the time, I guess) "ignore the few duplicates, since if your candidates/rules are good enough there should be very, very neglectable little".
#4
One suggestion, since we should be running word lists of same length words at a time (having used splitlen) is to when using 4 character words, use a subset of the toggle rules that only go to length 4. And with 5 character words, use the subset that just go out to length 5. And so on.
#5
Okay, so this is normal behavior.
I didn't know that the user should prepare word lists with same length words and run them one-by-one.
This makes things a bit more complicated, but of course doable.

BTW: I opened this thread because I found another thread where it was stated that the result would get filtered out if the toggle rule would hit a number (which cannot be toggled), but it seems it's not the case anymore.
Thanks.