Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Limiting the consecutive occurrence
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13
(05-28-2012, 01:42 PM)M@LIK Wrote: [ -> ]Hmm, right now I can think of anything for that, as far as I know there's nothing near to that in sed.

Can grep delete lines too? as you only need to delete any line that contained these.

Code:
ABCDEF
BCDEFG
CDEFGH
DEFGHI
EFGHIJ
FGHIJK
GHIJKL
HIJKLM
IJKLMN
JKLMNO
KLMNOP
LMNOPQ
MNOPQR
NOPQRS
OPQRST
PQRSTU
QRSTUV
RSTUVW
STUVWX
TUVWXY
UVWXYZ

Edit:
just thinking, what would be the likey hood that 8 upper alpha password would have ABCD or MNOP because if its unlikely which I would think, then I could tighten this up and remove any line with 4, 5 and 6 characters in a alphabetical order any where in the whole line. This would further reduce the lists.
@Pixel

Thanks for the code !!!

I realise what I had done wrong now, I was filtering way to hard. I also had never tried starting with anything other than A so obviously there was a lot to delete before getting any hits.

I have reduced my filtering somewhat and starting from B it now works, thank you for your help.

M@lik
Please see above, thats what I was doing wrong...thanks.

OK I have some Regular Expression code to share here which as I said before is almost exactly like M@liks but not for SED. I had to take out the backslash for my interpreter to work.

This bit is the consecutive one.
Code:
(.)\1

This bit is for n occurrences per line.
Code:
(.).*\1

The reason these may be useful is that they can be used to filter an already generated list.... Hope it helps.

On the subject of how hard to filter can I get some agreement from you two ?

It would seem that we should allow 2 consecutive characters together and no more than 2 per line. Do you both agree ? I think any more or less defeats the object of filtering.


However I do like Pixels idea about not allowing consecutive alphabetical order either. Nice one ! Big Grin

Comments please...
(05-28-2012, 02:29 PM)Hash-IT Wrote: [ -> ]It would seem that we should allow 2 consecutive characters together and no more than 2 per line. Do you both agree ? I think any more or less defeats the object of filtering.

This sound good to me, I just hope we don't find a password with more than 2 consecutive characters together or per line.

(05-28-2012, 02:29 PM)Hash-IT Wrote: [ -> ]However I do like Pixels idea about not allowing consecutive alphabetical order either. Nice one ! Big Grin

Would like to see some output after this to see if any more idea come to mind. Don't know how to do it yet, I think ULM might be able to do it but as you said it has bugs. I'd prefer if it could be done with sed or even grep as trust them more.
(05-28-2012, 03:19 PM)Pixel Wrote: [ -> ]This sound good to me, I just hope we don't find a password with more than 2 consecutive characters together or per line.

Ha ha, just my sort of luck that would happen !! However remember this is just a quick check with an optimistic, optimised brute force attack. It is not meant to find everything but it aims to find most in the shortest time. .... hopefully. Big Grin


(05-28-2012, 03:19 PM)Pixel Wrote: [ -> ]Would like to see some output after this to see if any more idea come to mind. Don't know how to do it yet, I think ULM might be able to do it but as you said it has bugs. I'd prefer if it could be done with sed or even grep as trust them more.

Yes ULM is awesome, I thank Blazer everyday for that little jem, I just wish he hadn't moved on to other things. It is still the best password manager EVER ! Big Grin

To be realistic for a moment (a first for me) this whole idea and thread will only make sense with atoms help. It has to be on GPU and generated on the fly as making these huge lists is just ridiculous. However I think we should carry on as a proof of concept. atom seems to like people to prove their suggestions are worth pursuing before he considers them seriously. I don't think anyone would deny we are trying hard to do that !! Also we seem to be the only topic on the hashcat forum for the last couple of days, have you noticed the interest in this ? Big Grin
Okay, a bit big progress here!

@Pixel:: I have implemented that rule, any 4 or above characters in alphabetic order will be knocked out! Using the sed itself!

I also made the command-line much more easier, all you have to do now is:
1- Make a new text file and paste the following:
Code:
/\(.\)\1\1/d
/\(.\).*\1.*\1/d
/\(.\).*\1.*\(.\).*\2/d
/\(ABCD\|BCDE\|CDEF\|DEFG\|EFGH\|FGHI\|GHIJ\|HIJK\|IJKL\|JKLM\|KLMN\|LMNO\|MNOP\|NOPQ\|OPQR\|PQRS\|QRST\|RSTU\|STUV\|TUVW\|UVWX\|VWXY\|WXYZ\)/d
And save it.
2- When generating or filtering a list:
Code:
mp64 ?u?u?u?u?u?u?u?u | sed -f [the_script_here]
And that's it!
I'd strongly recommend this as we are having more rules, it will be hard to put all this in the command-line itself.

Have a try and let me know what you get.

@Hash-IT:: I partly agree with you last post, however, I really don't think it will be easy for us to convince atom about all this, and even if we did manage to do so, it will be hard enough to code such an attack. Yes, it does look easy now, but I feel not the same about GPU.
(05-28-2012, 03:39 PM)M@LIK Wrote: [ -> ]Okay, a bit big progress here!

@Pixel:: I have implemented that rule, any 4 or above characters in alphabetic order will be knocked out! Using the sed itself!

I also made the command-line much more easier, all you have to do now is:
1- Make a new text file and paste the following:
Code:
/\(.\)\1\1/d
/\(.\).*\1.*\1/d
/\(.\).*\1.*\(.\).*\2/d
/\(ABCD\|BCDE\|CDEF\|DEFG\|EFGH\|FGHI\|GHIJ\|HIJK\|IJKL\|JKLM\|KLMN\|LMNO\|MNOP\|NOPQ\|OPQR\|PQRS\|QRST\|RSTU\|STUV\|TUVW\|UVWX\|VWXY\|WXYZ\)/d
And save it.
2- When generating or filtering a list:
Code:
mp64 ?u?u?u?u?u?u?u?u | sed -f [the_script_here]
And that's it!
I'd strongly recommend this as we are having more rules, it will be hard to put all this in the command-line itself.

Have a try and let me know what you get.

WOW M@LIK thats one awesome sed command Big Grin thanks for your effort. Time for some testing...me thinks
Great work there M@lik ! Its looking good. Big Grin

(05-28-2012, 03:39 PM)M@LIK Wrote: [ -> ]I partly agree with you last post, however, I really don't think it will be easy for us to convince atom about all this, and even if we did manage to do so, it will be hard enough to code such an attack. Yes, it does look easy now, but I feel not the same about GPU.


This is my fear also, without GPU we have to make these huge lists and store them somewhere.

I wonder if atom can modify the maskprocessor for us to be a more efficient way to do this ? He seems very good at speeding existing ideas up.

I am also wondering why we couldn't have a set of rules for this in the GPU and pipe maskprocessor to it ? All maskprocessor has to do is supply A-Z with no filtering. The GPU rule engine could then do the filtering, this may not be useful for MD5 etc but for slower algorithms like WPA it may be more useful. In fact the rules work so fast in hashcat-plus I am sure he can do it.
M@LIK somethings not right when I run
Code:
mp64.exe --start-at=HSJSKLMK --stop-at=HSSSTMET H?u?u?u?u?u?u?u | sed -f awesome_script.txt >H.txt

These passwords slipped through

HSJSKLNJ
HSJSKLOJ
HSJSKLPJ
HSJSKLQJ
HSJSKLZJ

They is more and I did what you said put these in a text file
Code:
/\(.\)\1\1/d
/\(.\).*\1.*\1/d
/\(.\).*\1.*\(.\).*\2/d
/\(ABCD\|BCDE\|CDEF\|DEFG\|EFGH\|FGHI\|GHIJ\|HIJK\|IJKL\|JKLM\|KLMN\|LMNO\|MNOP\|?NOPQ\|OPQR\|PQRS\|QRST\|RSTU\|STUV\|TUVW\|UVWX\|VWXY\|WXYZ\)/d

should this ?NOPQ\ be there?
Haha... I was expecting this.

This happend because:
Pixel Wrote: [ -> ]so I remove one of them. The command I using that seems to work is...


Just add this to the script:
Code:
/\(.\).*\(.\).*\1.*\2/d

Let me know if you found any other bugs!
(05-28-2012, 05:12 PM)M@LIK Wrote: [ -> ]Haha... I was expecting this.

Just add this to the script:
Code:
/\(.\).*\(.\).*\1.*\2/d

Let me know if you found any other bugs!

Do you mean add it or should Pixel replace this line..
Code:
/\(.\).*\1.*\(.\).*\2/d

With this...
Code:
/\(.\).*\(.\).*\1.*\2/d

Thanks.
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13