08-11-2013, 04:42 AM
As I've mentioned before, I look at the world of file password recovery software, to get ideas of what else is going on out there, with word lists and rules. Those programs don't have 15 character limitations, and make working with multiple word lists easy, for example. They are also all commerical, and typically Russian.
But, trial versions are usually available, and can be broken out by UniExtract, to just look at the help files, word lists, and rules, if one doesn't want to bother with actually installing them.
A relatively new entry to the field are the Office password recovery programs by Passcape Software, at https://www.passcape.com/office_passwords
They have a john-like language, which I haven't compared to hashcat yet, but while most companies either have just a few sample rules, or a few KoreLogic rules, those Passcape's programs have 100,000 lines of rules. D3ad0ne's V2.1 rules distributed with hashcat have 35,000 lines. The more approachable KoreLogic rules for hashcat have around 200,000 lines while the more exotic, like KoreLogicRulesAppendNumbers_or_Specials_PrependLetter.rule alone has over 1,000,000 (one million) lines.
I'm not going to have the time to compare and contrast Passcape's rules to those known for hashcats, for a while, so am asking here, in case anyone else is interested. (E.g., are these simply a subset of KoreLogic's rules or unrelated? Are D3ad0ne's rules in there, without attribution? Or, are they unrelated? Are they any "good"? Etc.)
But, trial versions are usually available, and can be broken out by UniExtract, to just look at the help files, word lists, and rules, if one doesn't want to bother with actually installing them.
A relatively new entry to the field are the Office password recovery programs by Passcape Software, at https://www.passcape.com/office_passwords
They have a john-like language, which I haven't compared to hashcat yet, but while most companies either have just a few sample rules, or a few KoreLogic rules, those Passcape's programs have 100,000 lines of rules. D3ad0ne's V2.1 rules distributed with hashcat have 35,000 lines. The more approachable KoreLogic rules for hashcat have around 200,000 lines while the more exotic, like KoreLogicRulesAppendNumbers_or_Specials_PrependLetter.rule alone has over 1,000,000 (one million) lines.
I'm not going to have the time to compare and contrast Passcape's rules to those known for hashcats, for a while, so am asking here, in case anyone else is interested. (E.g., are these simply a subset of KoreLogic's rules or unrelated? Are D3ad0ne's rules in there, without attribution? Or, are they unrelated? Are they any "good"? Etc.)