ad-password-protection icon indicating copy to clipboard operation
ad-password-protection copied to clipboard

Published 20 hours ago verified publisher icon lithnet

Review potential additional character substitutions

Open ryannewington opened this issue 4 years ago • 2 comments

char subsitution:

can the following be added? 6 --> b (g?) 3 --> e or m or w 9 --> g or q ! --> i or l 1 --> i or l 7 --> j or t 5 --> s

  • (plus) --> t

is it even possible to have multiple replacement options like for example the "3". I can imagine that can turn into a nightmare as you would end up with multiple (if not many due to exponential increase) passwords to check against the store

Originally posted by @zjorz in https://github.com/lithnet/ad-password-protection/issues/22#issuecomment-517661566

ryannewington avatar Aug 02 '19 22:08 ryannewington

https://github.com/lithnet/ad-password-protection/issues/34#issue-519995447

ryannewington avatar Nov 08 '19 12:11 ryannewington

From @enviableone

Link to Hashcat's leetspeak rule: these 21 are the most common password substitutions used and should increase the hitrate on banned words. For those not uptodate on hashcat syntax, s is the substitute directive and the following character is substituted for the one following so sa4 is swap a for 4 this rulle would generate a couple of normalisation candidates, 9 could be g or q, and if adding the missing to the current rule set 6 can be b or g

ryannewington avatar Nov 08 '19 12:11 ryannewington