Blog: How Tos

Custom charsets and rules with John The Ripper and oclhashcat

Jamie Riden 10 Sep 2014

Custom charsets and rules

Occasionally you know or suspect a password may be of a particular form, such as <Word><year>, or six to eight lower case letters. First off, if using John the Ripper, I highly recommend fetching the john jumbo source and compiling that, as it provides support for many more hash types than the standard binary.

In ./john.conf, add this section – or whatever is required.

[Incremental:LamePassword]
File = $JOHN/alpha.chr
MinLen=6
MaxLen=8
CharCount=26

We will get a test password by changing the root password to something appropriate and then dumping the hashes like this:

# unshadow /etc/passwd /etc/shadow > test.crack

Now we have the test file which we can actually run this on – the only bit you really need for john is :

root:$6$mZVuffPM$M/8Kg.Y6UYHTTRQ8d0wXXurBXiTBbYlljvIXWzeJQBn4pshonTxK9i7FowgwWBQ2ig26DcDejqj
.3IHfyRPFF0

For this example, I only used a four character password, so have adjusted the configuration appropriately.

# john –incremental=LamePassword –config=./john.conf test.crack
Warning: detected hash type “sha512crypt”, but the string is also recognized as “crypt”
Use the “–format=crypt” option to force loading these as that type instead
Loaded 1 password hash (sha512crypt [64/64])
guesses: 0 time: 0:00:00:01 0.00% c/s: 393 trying: bobing – bondon
.
guesses: 1 time: 0:00:00:15 DONE (Fri Aug 29 14:55:44 2014) c/s: 421 trying: arch – abco
Use the “–show” option to display all of the cracked passwords reliably

Or, if you’d rather do it in oclhashcat you can – but you need to look up the hash type yourself. In this case, I looked up in the “—help” output that a sha512crypt password ($6$) is type 1800.

Now, we run oclhashcat with an exhaustive search of the character set. The ?l (lower case L) means lower case letters only.

C:\oclHashcat-1.01>cudaHashcat64.exe -m 1800 -a 3 –increment-min=4 –increment-max=6 –increment $6$mZVuffPM$M/8Kg.Y6UYHTTRQ8d0wXXurBXiTBbYlljvIXWzeJQBn4pshonTxK9i7FowgwWBQ2ig26DcDejqj
.3IHfyRPFF0 ?l?l?l?l?l?l

Or, if you thought that the password was alphanumeric, you could specify a custom character set like this. -1 ?l?u?d means upper, lower case and digits for charset 1. Then we ensure the mask is using ?1 (digit one).

C:\oclHashcat-1.01>cudaHashcat64.exe -m 1800 -a 3 –increment-min=4 –increment-max=6 —
Increment $6$mZVuffPM$M/8Kg.Y6UYHTTRQ8d0wXXurBXiTBbYlljvIXWzeJQBn4pshonTxK9i7FowgwWBQ2ig
26DcDejqj.3IHfyRPFF0 -1 ?l?u?d ?1?1?1?1?1?1

Although the speed of cracking sha512crypt hashes means that this new one may not be feasible to crack in the time available. (My not-particularly-special NVIDIA card gets around 3500 guesses per second.)

As another example, I was on a site where someone had used the name of an album, and a four digit number as a local machine password.

Now, supposing I returned to the same site next year, I would probably tune the password cracker to revisit passwords of a similar form. To do this, I downloaded the “rock” wordlist from Packetstorm, and applied the following rule, which appends four digits. (I’ve used MD5 instead of NTLM here for convenience.)

C:\oclHashcat-1.01>cudaHashcat64.exe -m 0 -a 6 642395cef47664a970441d3c94863eca rock ?d?d?d?d
cudaHashcat v1.01 starting…Hashes: 1 total, 1 unique salts, 1 unique digestsCache-hit dictionary stats rock: 101554 bytes, 12340 words, 123400000 keyspace
642395cef47664a970441d3c94863eca:powerslave1984Session.Name…: cudaHashcat
Status………: Cracked
Input.Base…..: File (rock)
Input.Mod……: Mask (?d?d?d?d) [4]
Hash.Target….: 642395cef47664a970441d3c94863eca
Hash.Type……: MD5
Time.Started…: 0 secs
Speed.GPU.#1…: 410.1 MH/s
Recovered……: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress…….: 113725440/123400000 (92.16%)
Rejected…….: 0/113725440 (0.00%)
HWMon.GPU.#1…: 0% Util, 59c Temp, N/A Fan

Started: Mon Sep 08 13:56:23 2014
Stopped: Mon Sep 08 13:56:24 2014

If this hadn’t worked, I’d probably try capitalising the first letter of each word as well.

You can also write rules within oclhashcat, so if we create a rule file that looks like this, it will try variants on capitalisation, such as first letter capitalised, then first letter capitalised followed by a 1 (“c”, “c $1”). Capital C is the inverse operation of “c”, so capitalises the whole string except the first letter. “t” toggles the capitalisation for the whole word. Then it attempts all digits after the word from the dictionary, as well as the exclamation mark.

C
c $1
C
C $1
t
t $1
$1
$2
$3
$4
$5
$6
$7
$8
$9
$!

Here, I’ve run it against an MD5 hash of “Password1” where the dictionary is simply one entry: “password”.

C:\oclHashcat-1.01>cudaHashcat64.exe -m 0 -a 0 2ac9cb7dc02b3c0083eb70898e549b63 testdict.txt -r testrule.txt
cudaHashcat v1.01 starting…Generated dictionary stats for testdict.txt: 14 bytes, 3 words, 48 keyspaceNOTE: autotuned –gpu-accel from 128 to 12ac9cb7dc02b3c0083eb70898e549b63:Password1

Session.Name…: cudaHashcat
Status………: Cracked
Rules.Type…..: File (testrule.txt)
Input.Mode…..: File (testdict.txt)
Hash.Target….: 2ac9cb7dc02b3c0083eb70898e549b63
Hash.Type……: MD5
Time.Started…: Mon Sep 08 15:39:38 2014 (1 sec)
Speed.GPU.#1…: 7380 H/s
Recovered……: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress…….: 48/48 (100.00%)
Rejected…….: 0/48 (0.00%)
HWMon.GPU.#1…: 0% Util, 52c Temp, N/A Fan

Started: Mon Sep 08 15:39:38 2014
Stopped: Mon Sep 08 15:39:39 2014

So, while it’s unlikely you would know the approximate form of the passwords before you crack any – after you have obtained a few, you may be able to tune your approach and make a more efficient search of possibilities.

The lesson for administrators is: try to make sure there is no connection between your passwords at all, and they don’t conform to any standard pattern, or you may make things that bit easier for an attacker.