Using Rules in a Dictionary Attack

Hello, world. I’m Zanidd and welcome back to the Hands On Password Cracking and Security Course on Code Red. In this section, we are going to take a look at dictionary attacks. In this video, we’re going to take a look how to further use rules to crack passwords using dictionary attacks. We’ve learned from previous lessons that different rules can be used to apply transformations and filter to our word list. So how can we do this?

You just need to open the /etc/john/john.conf file in your favorite editor.

Then you can search for the according section, namely List.Rules, Wordlist.

And you can see that there are already a couple of rules in this file. Now, you can still use these rules or you can create your own section like this and add your rules beneath it.

One important thing is, you might want to open this file as a root user. So just type in sudo, the name of your favorite editor, and the path to the john.conf file.

You might need a root user privilege to edit this file. So just enter sudo, the name of your favorite editor, the path to the file, hit Enter, and you have opened the file as root user.

One little hint, if you’re unfamiliar with Vim, you can also use Nano or a console editor.

Or you can use Mousepad or a standard editor with a GUI.

So what passwords will you encounter in this exercise, just to prepare you for the rules you will be writing? These are some examples. These are not the actual passwords that you’re going to break. But these are the classification of the passwords. So one is like football, a lowercase letters only password. And the second type will be like terces, which is just secret reversed. So you will have to reverse the words. Then we have something like jordan23, which is a lowercase word with two numbers. We also have something like !slegna777, which is basically a special symbol in front of a reversed word, in this case, it’s angels, and then three numbers at the end.

Then we have something like flowers, where you’ll have to replace O’s with zero’s. And also something like Amanda, which is to capitalize the first letter and add a number suffix.

If you go into the repository, you will find a directory called dictionary rules.

In this directory, you’ll have a couple of files which contain MD5 hashes of passwords.

Now, every file is basically an explanation of the rule you’ll have to write to correct this file efficiently. For example, you can see lower case add two numbers will have a word that’s lower case and contains two numbers at the end. And capitalize and add number will be a word that starts with an uppercase letter, the rest will be lowercase. And at the end of the word will be a number, like Amanda9 in our example.

So, your exercise for this video is to create rules for the passwords shown before. But be cautious. The exercise passwords are just similar types, not the exact same passwords. Let’s see how efficient rules you can write and how fast you can crack the passwords. Thank you for watching this section about dictionary attacks. In the next section, we’re going to save computing time by using Rainbow tables.