Add John the Ripper rule generation with automatic Hashcat conversion

[Copilot]

PasswordRuleMiner currently generates Hashcat-only rules. This adds parallel John the Ripper (JtR) rule generation to support both password cracking ecosystems.

Changes

Core Implementation

• JohnTheRipperRuleGenerator: Generates JtR rules with prepend/append/leet/toggle/rotation operations
• RuleConverter: Converts Hashcat → JtR format (space-separated → concatenated), filters incompatible ops (bitwise L/R)
• CLI --rules {hashcat,john,both}: Select output format (default: hashcat for backward compat)

Bug Fix

• Leet-speak generation now filters multi-char substitutions (ph, |-|, etc) - both tools only support single-char sXY format

Output

• *.john files: JtR rules (concatenated: lc$2$0$2$4)
• *.rule files: Hashcat rules (space-separated: l c $2 $0 $2 $4)
• jtr_limitations.txt: Documents skipped bitwise operations when using --rules john

Example

# Generate both formats from existing potfile
python3 listminer.py -p cracked.pot --rules both -o output

# Output:
# 01_elite.rule (7,202 Hashcat rules)
# 01_elite.john (7,180 JtR rules, bitwise ops filtered)

Rule Format Comparison

# Hashcat (space-separated)
"l c $2 $0 $2 $4"  # lowercase, capitalize, append 2024

# JtR (concatenated)
"lc$2$0$2$4"       # same operations, no spaces

Compatibility Matrix

Operation	Hashcat	JtR	Notes
Case (l/u/c/t)	✓	✓	Identical
Prepend/Append (^/$)	✓	✓	Identical
Substitute (sXY)	✓	✓	Single-char only
Toggle/Rotate (T/{}/)	✓	✓	Identical
Bitwise (L/R)	✓	✗	Filtered for JtR

Parallel processing and scoring mechanisms extended to JtR generation for equivalent performance.

Original prompt

Currently, PasswordRuleMiner generates Hashcat-compatible password rules. To enhance its versatility, add functionality to generate John the Ripper (JtR) rules as well. This enhancement will appeal to a wider user base and provide greater workflow integration.

Key Features to Implement:

1. Add a new JohnTheRipperRuleGenerator class to generate JtR rules (e.g., prepend, append, toggle case transformations).
2. Support transformations for rules commonly used in JtR (e.g., prepend, append, substitute, toggle).
3. Ensure feature parity wherever possible between Hashcat and JtR rule generation.
4. Update the CLI to allow users to specify output formats: --rules hashcat, --rules john, or --rules both.
5. Extend parallel processing and scoring mechanisms to support JtR rule generation for efficiency.
6. Include unit tests to verify the correctness of the new rule formats and their compatibility with JtR.

Challenges:

• Some advanced Hashcat rules (like bitwise operations) may not have direct JtR equivalents, so document any limitations.
• Ensure that the added functionality does not compromise the efficiency of the existing Hashcat rule generation.

Expected Outcome:
The tool should be capable of generating both Hashcat and JtR rules with comparable performance, while allowing users to choose their desired format(s). This will make the tool highly versatile for password cracking workflows.

This pull request was created from Copilot chat.

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.