• caglararli@hotmail.com
  • 05386281520

What’s the most simple approach to this wordlist generation and ruleset problem?

Çağlar Arlı      -    26 Views
9Oca

What’s the most simple approach to this wordlist generation and ruleset problem?

This is a password recovery project, which is more complex than just generated a wordlist, since using my tries (see below) it seems to be not enough to just generate a wordlist.

I'm trying to recover my old Bitcoin wallet, which I created a while back. I know what passwords I've been using back then, I just mashed them together back in the day and I know the approximate pattern used to build it. Just to be sure (and because I have the computational power to try all of them) I want to try taking these like 3-5 words and mashing them together in an arbitrary order. Yes, I've already extracted the hash for John/Hashcat.

Given that I have the following initial wordlist, which needs processing:

word1 (similar to words2v1, but the words (NOT the whole character sequence!) are reversed)
words2v1 (all lowercase) OR
words2v2 (uppercase for each start of word) OR
words2v3 (camel case) OR
words2v4 (uppercase start for first word only) 
word3v1 (same 3-letter word that may repeat 2-3 times all uppercase at the start of the word) OR
word3v2 (same 3-letter word that may repeat 2-3 times camel case at the start of the word) OR
word3v3 (same 3-letter word that may repeat 2-3 times uppercase at the start of the word)
123 (only at the end, optional) OR
321 (only at the end, optional)

The word count in total should be according to the wordlist preprocessor list be like 3-5 words and all variants need to be tried, length should be between 13 and 25.

I tried this

I tried the following:

john -w:'/home/kali/btcrec/src.txt' --mask=?w?w?w --stdout > test.txt

-> this gives wrong output (yes I'm aware that my pattern is like 4-5 words, but I just tried out whether it works at all)

john hashcathash.txt -rules=btc -w:'/home/kali/btcrec/wordlistfinal.txt'

-> the ruleset seemed like a good idea, but I seem to have messed it up a bit so it doesn't recognize the ruleset and I have no idea how to debug, because it says it's not found instead of that the error gets printed out.

My btc rule looks like this:

[List.Rules.btc]
swW <14 >26


crunch 2 8 -q wordlistfinal.txt > wlist4.txt

-> the first two number flags don't seem to do anything at all! this gives me completely bad results apparently.

bopscrk -i

-> this software sounded very promising, but the case functionality did something else, but in general it did 90% of the work needed for a proper wordlist in my humble opinion.

My questions are:

  • I'm slowly beginning to bash my head against the wall - what's the most simple way to solve this problem?
  • Is using John/Hashcat to preprocess the wordlist actually the way to go? (with a custom ruleset)

Test cases examples for the cases above:

wordWordwordword123
wordWordWordWord321

I would appreciate a more or less full solution, but pointers/tips in the most simple direction would be highly appreciated.

Son Yazılar

Son Yorumlar