-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding new rule, increment all numeric values #3850
base: master
Are you sure you want to change the base?
Conversation
Appreciate the work, but it appears that your rule can be emulated by the swap rule eg |
True. But his suggestion is to replace all that with F. There's a limit to how many functions a rule can hold, so it absolutely makes sense. |
It's not quite right. You cannot use "s" since after "s01" you lose information where initial ones were. Your output:
I think you can do something like this:
I'll test it, it might be too slow. Maybe not. |
@b8vr The limit for rule functions is 31 operations, i think having to dedicate 10 or so to replacements to achieve this is not too unreasonable. The main issue that @blazer2x has brought up is that it appears you can emulate this completely with existing rule functions, which makes this a little less useful than it probably seems. The majority of rule functions implement some functionality that can't be precisely emulated by other rules. There's still plenty of overlap, especially among the original JTR compatible rule list, and you can achieve similar outcomes through a few different mixtures of rule operations, but a rule operation that has 100% overlap with existing rule ops may not be best use of the limited rule operator signatures that are left.
I don't think the output would be all 0s, but I agree that it looks like you need to add an extra step or so to make it work identically. This is also relatively similar to how the +N ASCII increment functionality would work, but that's position based so only partial overlap. Unless this rule is particularly fast compared to the sXX method or offer some case where using the sXX rules can't do this, I agree with @blazer2x that maybe we don't need it implement as it's own rule. |
Meanwhile, to test the speed we need to write an optimized code since the current code is quite dodgy. Then we can decide that we don't need this rule. But it would be better to have on optimized code here anyway. |
I kindly disagree. |
Ah yeah, I do see how it becomes all 0s, you are correct. I had already copied the inverted one to test with the place holder and not the original when I quickly tested it, that was entirely my mistake. Also to be clear, I do agree that this could be useful, just voicing agreement with the concerns about rule functions with overlap. More rule functions is something I've also been working on so the constraints of the function syntax are still fresh for me. Trying to fit a bunch of new rules into the limited syntax is tough and making efficient use of the remaining symbols will be a growing concern. |
I'm not actually interested in merging this. I'd like to know how we can optimize this and what the speed difference will be. Next, if the speed will be great and we see applications for this in master (and not in forks), maybe we can merge this. Maybe not. Regarding limited syntax, perhaps we need compound rules, for example:
We can reserve a letter F for Forks, so anyone can implement their own rules using F letter and it'll never be used in hashcat.
I think we can use a binary symbol instead of @, so there will be no conflict with 99.99999% of passwords. |
Instead of @ you could use for example TAB or CR (using hex notation Edit: using LF |
Ah right. Yes, that makes sense. I didn't think about that. I guess to be on the safe side, you could use any non-printable character. |
This is a draft since it's only a prototype code.
Expected input:
Expected output:
I am open to any ideas and suggestions, including bitwise optimizations for OpenCL kernels.