The problem to solve:
create a password list containing patterns that matched name123
How to solve:
- www[.]packetstormsecurity[.]com/Crackers/wordlists/ provided many good starting points for name-based dictionaries.
- A few of these were thrown together into a big file (which was of course run through sort and uniq).
- john.conf was modified to read:
[List.Rules:Wordlist]
$1$2$3
When you do this, you need to
change the existing [List.Rules:Wordlist] line to read something else
like [List.Rules:OLDWordlist].
The $ tells john to append the character that follows such that
- $1 will produce name1
- $1$2 will produce name12
- $1$2$3 will produce name123
- Then just run john with the --wordlist and --rules parameters on your password file like so:
$ ./john --session=htaccess123 --wordlist=dictionaries/all_words \
--rules htaccess_from_somewhere
or just to write a post-rules dictionary (named new_wordlist123) file use:
$ ./john --session=htaccess123 --wordlist=dictionaries/all_words \
--rules --stdout > new_wordlist123
...yes a few lines of a bash/PERL/Ruby/whatever script can append
things to each line in a file too but hey try something new today.. | 