search

hashcat / princeprocessor

Standalone password candidate generator using the PRINCE algorithm
Other
425 stars 98 forks source link

feature request: flag to separate words #49

Open roycewilliams opened 8 years ago

roycewilliams commented 8 years ago

tl;dr:

Please allow specifying a separator and/or mask between words.

Details:

I've been thinking about ways to extend cracking functionality in the passphrase space. This is a bit rambly, but bear with me.

When PRINCE words are concatenated, some potentially useful information is lost: the word breaks. (You can sort of simulate this by supplying words with spaces at the end, but then you end up with an unnecessary trailing space.)

If PRINCE words were separated, then amplifying rules could someday be applied to individual words. Of course, that would require a way to do that. :) I was hoping to apply different rulesets to different words, as in:

c0rr3ct Horse! yrettab ssttaappllee

... but for more than just two words (so hashcat's --rule-left and --rule-right wouldn't be enough).

Something like this:

pp64 --separator=\[a space]

If there's a better way to do what I'm asking, I'd rather do that.

It might also be nice to be able to feed it a mask, as in

pp64 --separator=?d

... which would produce:

correct0horse0battery0staple
correct0horse0battery1staple

... etc., but that's just a random extra idea.

roycewilliams commented 8 years ago

In the meantime, if word separators were supported, you could pipe the output of princeprocessor to another tool that applied a simple additional rule (like capitalizing each word).

akhepcat commented 7 years ago

I'll add my "yes" to royce's request, especially being able to use the mask separator!

(word)(?s)(word) would seem to be a pretty common pattern, and having to pre-compute onto disk just to get around rule restrictions is a pain.

drzraf commented 4 years ago

Same here: Since it's all about concatenation, separators should be treated first-class like in admin@home, foo:bar@baz, ... From a quick look I'd say that concatenation actually happens there and adding separators selection (and increasing greatly the keyspace) wouldn't be trivial.

I'd thought that JtR (@magnumripper) implementation could provide some smart ruies expression like in $0, $1 to access individual PRINCE words during concatenation (or at least define the individual separators to use) but rules seem to be applied only after concatenation happened.

mythofechelon commented 4 years ago

Yes, this would be very useful.

roycewilliams commented 2 years ago

Separator management is provided by the relatively new combinatorX, but it requires multiple copies of the same wordlist when the target length is more than two words. Also, I haven't benchmarked its speed vs princeprocessor.