Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20100418232254.GA17817@openwall.com>
Date: Mon, 19 Apr 2010 03:22:54 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: duplicate 2 latest digits

On Sun, Apr 18, 2010 at 10:37:49PM +0200, websiteaccess@...il.com wrote:
>  I would like duplicate 2 times the last 2 digits .
> wordlist : john
> 
>  john + (from 00 to 99)
>  john -> john000000 to john 999999

Here's the ruleset line to do what you need:

Az"[0-9][0-9]\1\2\1\2"

It produces:

john000000
john010101
john020202
...
john090909
john101010
john111111
...
john979797
john989898
john999999
words: 100  time: 0:00:00:00 100%  w/s: 10000  current: john999999

You may also prefix the line with a length check such that you do not
try adding the 6-character strings to words that are already too long.
For example, to ensure there's room for at least two characters:

<- Az"[0-9][0-9]\1\2\1\2"

or to ensure there's room for at least three characters (such that the
resulting candidate passwords will be different from those produced by
an append-two-digits ruleset line, which is probably also present):

va*2 <a Az"[0-9][0-9]\1\2\1\2"

or to ensure there's room for all 6 characters:

va*5 <a Az"[0-9][0-9]\1\2\1\2"

or just restrict this to short words (irrespective of what the target
hash type's length limit is):

<7 Az"[0-9][0-9]\1\2\1\2"

or combine both kinds of restrictions:

<7 va*2 <a Az"[0-9][0-9]\1\2\1\2"

This kind of complexity may be beneficial in "universal" rulesets that
are meant to be near-optimal for all hash types.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.