Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: leet generator

From: Jonathan Cran <jcran () 0x0e org>
Date: Mon, 13 Feb 2012 09:59:25 -0600
On Sun, Feb 12, 2012 at 10:21 AM, Carlos Pantelides
<carlos_pantelides () yahoo com> wrote:

I've
understood all the changes, agreed with almost all of them,
added Sumit  combinations,
fixed the output opening and
moved some variables from local to instance and drop from 32 sec to 6 for
"abracadabra24"


nice!


I thought about it, but it starts to depart from simple. What about reversed
words?
The driver of this script/module was a cracking against some user tables I
had at work. I used the php incarnation of leet  plus some bash to generate
mikeYEAR (m1k31975, m1k31976...). I think that john the ripper knows how to
deal with it better.


Separate modules for separate functions would be ideal, imo. Have you
looked at john's wordlist mangling?
http://www.openwall.com/john/doc/EXAMPLES.shtml

We have modules within the framework to use john directly, so if
you're building wordlists for cracking, you may want to look into
this.  Have a look at the auxiliary/analyze/jtr_* modules.


If I add a YEAR_START/STOP option, a PREFIX, a POSTFIX, it will grow from
"leet" to another thing. Perhaps there is a way to chain modules. I will
invest some time later.


RC files are the preferred way to chain modules into a workflow. Check
out the scripts in scripts/resource/ for examples.



Carlos Pantelides

----------------

http://seguridad-agile.blogspot.com/




-- 
Jonathan Cran
jcran () 0x0e org
515.890.0070
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: