Base words (feature request) #59
Comments
|
That seems like a reasonable idea, I would just need to fix on a single set
of substitutions otherwise it would get too complex.
Substituting 1 for i or l , as long as it is consistent, I don't think
would really matter. Swapping 1 for i and saying the base word for 1inked1n
is inkedin isn't going to give the correct base, but the human looking at
it would be able to understand the mistake and the context.
I'll see what I can get added, I'll probably do it as a new plug in rather
than modify the existing so not too break the way it currently works
…On Wed, 10 Aug 2022, 14:40 Lexus89, ***@***.***> wrote:
Hi @digininja <https://github.com/digininja> First of all thank you for
all the hard work you put in this tool. Pipal does a great job analyzing
passwords. What I noticed is that the top 10 base words are not really the
"base" words. For example, it sometimes happens that ***@***.***" and
***@***.***' are (yes also separately) mentioned as a base word, while you
would think in the basis it should be "password" (the others are
variations).
Perhaps an idea to merge the functionality of deleet with pipal (
https://github.com/digininja/deleet)? It could really improve the value
of the output.
—
Reply to this email directly, view it on GitHub
<#59>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA4SWOHR2D6FERYAL5QULTVYOWMNANCNFSM56ESRGTA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
Very very late reply - perhaps usable for someone having this issue as well - a comparison to dictionary words may help determining what substitutions were used (for deleet). Convert back to the potential original words, search in a custom dictionary file, and the one found is likely to have the correct base word. |
|
I've just checked and I've not done anything significant to this code for 10 years! It has probably been about that long since I last touched Ruby for anything more than a few line script. I'll see if I can remember how any of it works and make some changes. |
Haha no worries, I didn't even expect a reply as it was so long ago (I do hope it has not been 10 years already haha! Time flies). Just wanted to share the idea, even if for archiving purposes ;) |
|
It wasn't that long since you did the original comment, but looking at the
code dates, it has been that long since any major updates.
…On Fri, 4 Aug 2023 at 16:30, Lexus89 ***@***.***> wrote:
I've just checked and I've not done anything significant to this code for
10 years! It has probably been about that long since I last touched Ruby
for anything more than a few line script.
I'll see if I can remember how any of it works and make some changes.
Haha no worries, I didn't even expect a reply as it was so long ago (I do
hope it has not been 10 years already haha! Time flies). Just wanted to
share the idea, even if for archiving purposes ;)
—
Reply to this email directly, view it on GitHub
<#59 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA4SWPZQ2KVZH3266K6YNLXTUIQVANCNFSM56ESRGTA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
Try the new |
|
I've tided up that code, done a few more little fixes, and pushed it all into the main branch. Hopefully it is all working correctly, any problems, let me know. |
|
Thanks a lot! Looking at the output of deleet, it might bring more concrete results when deleet is focusing on the base word output instead of the raw passwords. With some luck this will return 'potato' as the main base word, which can be used for creating new (client tailored) word lists. When deleet-ing those they can also be merged again (p0t4t, p0t@t, etc. => single 'potat' statistic). Password listpotato123! Top 10 base wordspotato = 4 (57.14%) Top 10 passwords (from deleet)potato = 2 (28.57%) There will be some weird cases like 'p0tat0' => 'potat' (due to ltrim/rtrim), which would make things a bit more complicated, but I am hoping the overall result will be more in line with what to feed to the password cracker. With larger results a print all instead of top X could also be useful. My apologies for these ideas, I tend to overcomplicate things.. :) |
|
I'll have a look at doing base words instead of the main word, shouldn't be
too hard to do.
You can change the top X with the cap parameter so you get everything.
…On Mon, 7 Aug 2023 at 10:09, Lexus89 ***@***.***> wrote:
Thanks a lot! Looking at the output of deleet, it might bring more
concrete results when deleet is focusing on the base word output instead of
the raw passwords. With some luck this will return 'potato' as the main
base word, which can be used for creating new (client tailored) word lists.
When deleet-ing those they can also be merged again (p0t4t, ***@***.***, etc.
=> single 'potat' statistic).
Password list
potato123!
123!potato
potato!
$potato$
p0t4t0
***@***.***
***@***.***!
Top 10 base words
potato = 4 (57.14%)
p0t4t = 1 (14.29%)
***@***.*** = 1 (14.29%)
***@***.*** = 1 (14.29%)
Top 10 passwords (from deleet)
potato = 2 (28.57%)
potatoi2e! = 1 (14.29%)
i2e!potato = 1 (14.29%)
potato! = 1 (14.29%)
$potato$ = 1 (14.29%)
potato2o2e! = 1 (14.29%)
There will be some weird cases like 'p0tat0' => 'potat' (due to
ltrim/rtrim), which would make things a bit more complicated, but I am
hoping the overall result will be more in line with what to feed to the
password cracker. With larger results a print all instead of top X could
also be useful.
My apologies for these ideas, I tend to overcomplicate things.. :)
—
Reply to this email directly, view it on GitHub
<#59 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA4SWOKWGU5B76GJMJPLT3XUCWFBANCNFSM56ESRGTA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
I've just pushed a change that will deleet the base word rather than the main word. This: Used to go to: Now goes to: |
|
The base words are detected a lot better now, really useful thanks a lot! Small thing I noticed; sometimes it also prints an empty base word ("" = x%), probably because the string is empty after deleet-ing, but that doesn't really matter it's good enough for me ;) |
|
I'll get that fixed. I wonder if that effects the other base word checker
as well, I'll have a look at the same time.
…On Wed, 16 Aug 2023, 11:52 Lexus89, ***@***.***> wrote:
The base words are detected a lot better now, really useful thanks a lot!
Small thing I noticed; sometimes it also prints an empty base word ("" =
x%), probably because the string is empty after deleet-ing, but that
doesn't really matter it's good enough for me ;)
—
Reply to this email directly, view it on GitHub
<#59 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA4SWI3FUMTHQABZOQHIR3XVSQ6TANCNFSM56ESRGTA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
I've just pushed a fix for this. |
Hi @digininja First of all thank you for all the hard work you put in this tool. Pipal does a great job analyzing passwords. What I noticed is that the top 10 base words are not really the "base" words. For example, it sometimes happens that "p@ssw0rd" and "p@ssword' are (yes also separately) mentioned as a base word, while you would think in the basis it should be "password" (the others are variations).
Perhaps an idea to merge the functionality of deleet with pipal (https://github.com/digininja/deleet)? It could really improve the value of the output.
The text was updated successfully, but these errors were encountered: