Using Rules with Hashcat
By no means am I an expert with Hashcat; however, I have a fairly decent track record for cracking passwords. As discussed in "Hashcat Rule Generator from a word or words in a file", the order of rules matters when chaining them together.
If your environment requires users to have rather large passwords, I highly suggest the following rule:
d
cd
Running a rule file such as dive, t0xlc, generated or d3ad0ne and then chaining the dup.rule file, containing one or both of the rules above, could really help.
In this scenario the rule file is rules/dup.rule:
hashcat64.exe -m 100 -o mine.txt -r rules/dive.rule -r rules/dup.rule ../hashes/hashes.txt ../wordlists/english.txt
You can chain as many rule files as your system will let you and then duplicate the value:
asdf123 becomes
- asdf123asdf123
- Asdf123Asdf123
I also like to tack on specials at the end sometimes. Using a variation of the num append rules could be beneficial.
Another useful rule to duplicate the words is:
p1c
p2c
p3c
hashcat64.exe -m 100 -o mine.txt -r rules/generated.rule -r rules/dup.rule -r rules/num_p.txt ../hashes/hashes.txt ../wordlists/english.txt
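The chaining described above, as an added example that is not from the original page or from hashcat itself: a small Python model of the rule functions used on this page (`:`, `c`, `d`, `pN`, `$X`, `^X`) that treats several `-r` files as a cross product and reports which base word and chained rule reproduce a given password, useful when auditing whether a long password is only a duplicated dictionary word. The function names, word list and test passwords are constructed for illustration.

```python
from itertools import product

def apply_rule(rule, word):
    """Apply one rule line left to right. Subset only: : c d pN $X ^X."""
    i = 0
    while i < len(rule):
        op = rule[i]
        if op in " :":                      # separator / no-op
            i += 1
        elif op == "c":                     # capitalize first, lower the rest
            word, i = word[:1].upper() + word[1:].lower(), i + 1
        elif op == "d":                     # duplicate the whole word
            word, i = word + word, i + 1
        elif op in "p$^" and i + 1 < len(rule):
            arg = rule[i + 1]
            if op == "p":                   # pN: append N more copies
                word = word * (int(arg, 36) + 1)
            elif op == "$":                 # append one character
                word = word + arg
            else:                           # ^X: prepend one character
                word = arg + word
            i += 2
        else:
            raise ValueError(f"unsupported or truncated rule: {rule!r}")
    return word

def chain(*rule_files):
    """Several -r files combine as a cross product, first file applied first."""
    return [" ".join(combo) for combo in product(*rule_files)]

def explain(password, words, *rule_files):
    """Return (base word, chained rule) that produces password, or None."""
    for word in words:
        for rule in chain(*rule_files):
            if apply_rule(rule, word) == password:
                return word, rule
    return None

# Constructed sample data; DUP mirrors the two rules shown for dup.rule.
DUP = ["d", "cd"]
APPEND_SPECIAL = ["$" + ch for ch in "!@#$%^&*()_-+="]
WORDS = ["asdf123", "winter"]

if __name__ == "__main__":
    for pw in ["Asdf123Asdf123!", "winterwinter#", "x9$Lq0vTT2mB"]:
        print(pw, "->", explain(pw, WORDS, DUP, APPEND_SPECIAL))
```

Swapping the order of the files changes the result: `chain(["$1"], ["d"])` turns `asdf` into `asdf1asdf1`, while `chain(["d"], ["$1"])` gives `asdfasdf1`.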
If you really love JtR instead of hashcat, you can modify your john.conf and add something like:
[List.Rules:Duplicate]
cd
d
I also recommend Jake Miller's very useful pot file script. Utilizing the -c option will create a stripped wordlist from your pot files (hashcat or jtr).
Append Number
$1
$2
$3
$4
$5
$6
$7
$8
$9
$0
Prepend Number
^1
^2
^3
^4
^5
^6
^7
^8
^9
^0
Append Special
$!
$@
$#
$$
$%
$^
$&
$*
$(
$)
$_
$-
$+
$=
Prepend Special
^!
^@
^#
^$
^%
^^
^&
^*
^(
^)
^_
^-
^+
^=
Append Number or Special
$1
$2
$3
$4
$5
$6
$7
$8
$9
$0
$!
$@
$#
$$
$%
$^
$&
$*
$(
$)
$_
$-
$+
$=
Duplicate
p1c
p2c
p3c
Capitalize the first letter and lower the rest
c
Warning: All the information provided on this site is for educational purposes only. The site or the authors are not responsible for any misuse of the information. You shall not misuse the information to gain unauthorized access and/or write malicious programs. The information shall only be used to expand knowledge and not for causing malicious or damaging attacks.