Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <AANLkTim4TJCsj+083iA3s6j-q4DjPKidKOJ=w2Q9vbi2@mail.gmail.com>
Date: Tue, 22 Feb 2011 14:26:45 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: 1337 aka Leet Rules

Sorry to dredge this one back up... but for our organization I crack
the "hardest" passes with l337 rules.
On Tue, Aug 3, 2010 at 4:55 PM, Solar Designer <solar@...nwall.com> wrote:
> On Wed, Aug 04, 2010 at 12:35:32AM +0400, Solar Designer wrote:
>> To produce all combination's of "e" to "3" and "o" to "0" replacements in
>> a word containing 2 instances of each of these characters, you can use:
>>
>> %2e vap0 %2o vbp0 /e vcp0 /o op[o0] oc[e3] ob[o0] oa[e3]
>
> Actually, this can be simplified to:
>
> %2e op[e3] %2o op[o0] /e op[e3] /o op[o0]
>
In the lines below I've had some very very good success against our users
I've been studying the RULES file more and more, number one to understand
what you've sent me in this thread previously:) and B to better my own rules
So far, I'm still using what you sent.
#ea
%4a op[a4] %4e op[e3] %3e op[e3] %3a op[a4] %2e op[e3] %2a op[a4] /e
op[e3] /a op[a4]
%4a op[a4] /e op[e3] %4e op[e3] /a op[a4] %3a op[a4] /e op[e3] %3e
op[e3] /a op[a4] %2e op[e3] /a op[a4]
These rules are ok, but they do produce duplicates and the target word itself
in this case I'm only using qqQQaaaaeeee as a test. Would there be a way to
replace A and E with 4/3 no matter how many times it occurs in the
word, but still
be iterative like it is now, rotating all possible combination's? I
know I can use sXY
to do all of them, but I have a feeling the preprocessor and rules may
be powerful
enough for the job. It took me a while to realize that op was
overstrike/memorize
so using M/Q/X so far in my trial and error methods hasn't yielded fruit.
I've looked into trying to understand di/trigraphs as well as the
frequencies that
a/e/l/i/o/t (and others) occur in the english language to create more targeted
instances of these rules, and not just create every possible combo by
hand like I have been doing.
Should I perhaps use some 1337 script to create more wordlists or fake
pot files and create a chr file? I have yet to do this, I have created some
1337 wordlists, but I don't like to use them. I did, can't find it now, have
a php script that would do this, I suppose I could feed wordlists mangled
by the script to stdin, but if the preprocessor is capable I'd prefer it there
as other can benefit from it now matter their platform. There are many
more combination's of a/e/l/i/o/t I'd use as well.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.