john icon indicating copy to clipboard operation
john copied to clipboard
verified publisher icon openwall

Update hashcat mode with new rules

Open magnumripper opened this issue 1 month ago • 3 comments

Originally posted by @magnumripper in #5553 Originally posted by @fukc-gihtub in #5553

A number of other rules have been added to hashcat in the meantime: h, H, S, B, v.

BNX and vNX.

Here's what they do:

Hashcat Description Comment JtR (clash or not)
h convert the entire password to lowercase hex I assume it means hello -> 68656c6c6f free
H convert the entire password to uppercase hex  free
S shift the case of each char, JtR-like Like it says, we have this.
B add byte value of X at pos N, bytewise. ex: hello0 -> hello` BNX, and B50 for the example free
v insert char X every N chars vNX vVNM: "update l (length), then subtract M from N and assign to variable V"

For BNX and "print0 -> hello`" my first guess was that B6N would add 0x30 (with some N) to the 6th char '0' (0x30) resulting in the backtick (0x60). But we can't represent a byte value of 0x30 (48) with our 0-9A-Z (0-36) so we'd need to prepare a variable n first. So I presume this is not quite it, or maybe the example shouldn't be "print0 -> hello`" but some other character in the end of the result string (it's not a very good example). They haven't updated the Hashcat wiki and the file in docs is a header with no examples so I can't tell.

Like us they support \xNN syntax though, so maybe it's simply B6\x30 ?

magnumripper avatar Nov 21 '25 09:11 magnumripper

Like us they support \xNN syntax though, so maybe it's simply B6\x30

I see I suggested a similar case in https://github.com/hashcat/hashcat/pull/3850#issuecomment-1689475070 and they didn't protest.

EDIT: Oh and the example is correct as of https://github.com/hashcat/hashcat/commit/66a55d22866bde481b094b23fd59b249808a658e

#define RULE_OP_MANGLE_CHR_ADD           'B'  // add byte value of X at pos N, bytewise. ex: hello0 -> hello`

Edit again:

the file in docs is a header with no examples so I can't tell.

The comment and example is there too, not sure what I had been drinking.

It's a poor example as the byte value of '0' and the term needed are both 0x30. So I'm still not 100% sure this is it.

magnumripper avatar Nov 21 '25 09:11 magnumripper

https://github.com/hashcat/hashcat/pull/4562

fukc-gihtub avatar Nov 21 '25 10:11 fukc-gihtub

So according to that, the example would be accomplished using B50 (Add byte value of '0' to the character in position 6, zero-based.

We too use zero-based character positions, I was wrong above. Will edit OP.

magnumripper avatar Nov 21 '25 11:11 magnumripper