Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTi=6LfeiX3vDqjTaNp4mQOT2Kyjq4_16mEpb8n_V@mail.gmail.com>
Date: Tue, 19 Oct 2010 16:52:05 -0500
From: Minga Minga <mingakore@...il.com>
To: john-users@...ts.openwall.com
Subject: Solution to this 'l33t' rules problem?

So heres something that I can't figure out, take the word:

   neglected

And place it into a wordlist.

and run a command such as:

# ./john -w:neglected.dic --rules:korelogicrulesl33t -stdout | grep -i ^n3gl3

You get words such as :

n3gl3ct3d  N3gl3ct3d  n3gl3c+3d  N3gl3c+3d

But how would you go about cracking the passwords:

N3gl3cted  n3gl3cted Negl3cted Negl3ct3d

Notice that _NOT_ all of the e's are turned into 3s. I've started to see a few
of these passwords that Ive missed previously, and I totally should have been
able to crack them.

Any ideas?  The problem obviously isn't with just 'e's  but _all_
"l33t" translations.

What about 'mississippi' ? The 'l33t' rules should be able to generate
passes like;
mis$iss1ppi   (Notice how one of the s's is changed - and only one of
the i's is changed
as well).

I got the idea for this from the list of NTLM hashes not cracked from the DEFCON
contest.

-Rick / Minga
KoreLogic

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.