hashcat icon indicating copy to clipboard operation
hashcat copied to clipboard

Published 20 hours ago verified publisher icon hashcat

Rule to remove all special characters or numbers

Open 0xVavaldi opened this issue 1 year ago • 1 comments

Rules like @ allow us to remove numbers such as: @0@1@2@3@4@5@6@7@8@9, but take up a lot of space in the queue when trying to stack rules, especially when combining it with special characters.

I would like to see a rule added that allows us to purge all characters part of a specific mask.

For example: Pd Purges all ?d Ps Purges all ?s

Ideally we'd even support custom charsets with -1 -2 -3. But I understand this might be a technical limitation. P1 Purges all characters in custom charset 1

0xVavaldi avatar Jun 28 '24 08:06 0xVavaldi

Crack's original syntax for this is @?d@?s, also supported in JtR, and ditto in many other commands (and to represent literal ? in such commands, it needs to be written as ??). Doesn't hashcat support it?

$ echo 'pa$$w0rd' | ./john --pipe --rules=': @?d@?s' --stdout 2> /dev/null
pawrd

solardiz avatar Jul 07 '24 23:07 solardiz

poc

$ echo -n c5r6g7h9809n | ./hashcat -j 'Pd' --stdout --quiet
crghn
$ echo -n crghn | md5sum
0a3744b3bb31fbab376ee4b1181cece2  -
$ echo 'Pd' > P.rule
$ echo -n c5r6g7h9809n | ./hashcat -m 0 '0a3744b3bb31fbab376ee4b1181cece2' -r P.rule --potfile-disable --quiet -D1

0a3744b3bb31fbab376ee4b1181cece2:crghn
Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 0 (MD5)
Hash.Target......: 0a3744b3bb31fbab376ee4b1181cece2
Time.Started.....: Sun Oct 27 02:30:09 2024 (0 secs)
Time.Estimated...: Sun Oct 27 02:30:09 2024 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: Pipe
Guess.Mod........: Rules (P.rule)
Speed.#1.........:     6623 H/s (0.02ms) @ Accel:512 Loops:1 Thr:1 Vec:4
Recovered........: 1/1 (100.00%) Digests (total), 1/1 (100.00%) Digests (new)
Progress.........: 1
Rejected.........: 0
Restore.Point....: 0
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: crghn -> crghn
Hardware.Mon.SMC.: Fan0: 100%
Hardware.Mon.#1..: Temp: 75c

As soon as I have time I will try to complete it by integrating all the built-in charsets ;)

matrix avatar Oct 27 '24 00:10 matrix

@matrix Please use the same syntax that JtR uses (and Crack did), or at least a non-conflicting syntax. We already use the P command character for something else:

        English grammar commands.

p       pluralize: "crack" -> "cracks", etc. (lowercase only)
P       "crack" -> "cracked", etc. (lowercase only)
I       "crack" -> "cracking", etc. (lowercase only)

solardiz avatar Oct 27 '24 01:10 solardiz