GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → sensepost → common-substr

sensepost / common-substr

Licence: GPL-3.0 license
Simple tool to extract the most common substrings from an input text. Built for password cracking.

Programming Languages

go
31211 projects - #10 most used programming language
shell
77523 projects
rust
11053 projects

Labels

string-manipulationpasswordscrackingwordlist-generator

Projects that are alternatives of or similar to common-substr

password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+210.71%)
Mutual labels:  passwords, cracking
Hashtopolis
A Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (+1391.07%)
Mutual labels:  passwords, cracking
server
Hashtopolis - A Hashcat wrapper for distributed hashcracking
Stars: ✭ 954 (+1603.57%)
Mutual labels:  passwords, cracking
cracken
a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust
Stars: ✭ 192 (+242.86%)
Mutual labels:  cracking, wordlist-generator
Bitcracker
BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker
Stars: ✭ 463 (+726.79%)
Mutual labels:  passwords, cracking
M4ngl3m3
Common password pattern generator using strings list
Stars: ✭ 103 (+83.93%)
Mutual labels:  passwords, cracking
ink
A Logger backend that logs JSON
Stars: ✭ 64 (+14.29%)
Mutual labels:  passwords
python-wordlist-generator
Create awesome wordlist with python, demo: https://asciinema.org/a/101677
Stars: ✭ 87 (+55.36%)
Mutual labels:  wordlist-generator
CharlesHack
Hacking Charles Web Debugging Proxy, Working 4.1.4 Version
Stars: ✭ 17 (-69.64%)
Mutual labels:  cracking
Anti-Debugging
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (+430.36%)
Mutual labels:  cracking
evil-briefcase
Change cases quickly with vim motions in emacs
Stars: ✭ 20 (-64.29%)
Mutual labels:  string-manipulation
Pwdlyser-CLI
Python-based CLI Password Analyser (Reporting Tool)
Stars: ✭ 29 (-48.21%)
Mutual labels:  passwords
string theory
Flexible modern C++ string library with type-safe formatting
Stars: ✭ 32 (-42.86%)
Mutual labels:  string-manipulation
passthief
A Python script to steal all the passwords via the use of plugins 😈
Stars: ✭ 27 (-51.79%)
Mutual labels:  passwords
Libft
42 library of basic C functions - queues, lists, memory operations and more 😄
Stars: ✭ 21 (-62.5%)
Mutual labels:  string-manipulation
IMAPLoginTester
A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.
Stars: ✭ 47 (-16.07%)
Mutual labels:  passwords
bigint
bigint is a C++ library which can handle Very very Big Integers. It can calculate factorial of 1000000... it can go any big. It may be useful in Competitive Coding and Scientific Calculations which deals with very very large Integers. It can also be used in Decryption process. It has many inbuilt functions which can be very useful.
Stars: ✭ 34 (-39.29%)
Mutual labels:  string-manipulation
the-stringler
An OOP approach to string manipulation.
Stars: ✭ 36 (-35.71%)
Mutual labels:  string-manipulation
Brutal-wordlist-Generator
Brutal Wordlist Generator is a java based Application software used to generate the wordlist with best of UX interface
Stars: ✭ 24 (-57.14%)
Mutual labels:  wordlist-generator
MacOS-WPA-PSK
PoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
Stars: ✭ 29 (-48.21%)
Mutual labels:  passwords
View All Similar Projects ➔

common-substr

Simple tool to extract the most common substrings from an input text. Built for password cracking. A write-up on the theory can be found at the sensepost.com blog

There are two versions, the older awk script and the newer & faster golang version. They use the same commandline switches.

Usage

Common Substring Generator by @singe
Usage: ./common-substr [-hinsp] [-t <n>] [-l <n>] [-L <n>] -f <filename>
	-h|--help This help
	-i|--insensitive Ignore case of substrings
	-L|--maxlength <n> Maximum length substring to look for. Default is 32.
	-l|--minlength <n> Minimum length substring to look for. Default is 2.
	-n|--nostats Just print the substrings, no stats. Default is to include them.
	-t|--threshold <n> Only print substrings more prevalent than <n> percent.
	-f|--file <filename> The file to extract substrings from
	-s|--suffix Only look at suffix substrings at the end of a string
	-p|--prefix Only look at prefix substrings at the beginning of a string
Default output (with stats) is tab separated: <percentage>	<count>	<substring>
Sorted from most to least common

Simple Usage Examples

Given the test file:

123
123
234

We can find the most common substrings:

./common-substr -f test
100     3 23
66.6667 2 12
66.6667 2 123

Read this output as "100% of the input file had the substring "23" which consisted of 3 instances".

Do the same, but suppress printing of the stats:

./common-substr -f test -n
23
12
123

Only include substrings that occur at least 70% of the time:

./common-substr -f test -t 70
100	3	23

The stats are tab-separated, to make cut'ing easy:

./common-substr -f test > output
cut -f 3 output
23
12
123

Only include substrings 3 characters or longer:

./common-substr -f test -l 3 
66.6667 2 123

Only include substrings 2 characters or shorter:

./common-substr -f test -L 2 
100     3 23
66.6667 2 12

Only include the start of the strings (prefix):

./common-substr -f test -p
66.6667	2	12
66.6667	2	123

Only include the end of the strings (suffix):

./common-substr -f test -s
66.6667	2	23
66.6667	2	123

Password Cracking Examples

Vanilla wordlist + substrings

An example use for password cracking. Assuming you've put already cracked clear-text passwords in a file called 'passwords':

# Limit substrings to a max length of 27 and only include those which occur
# at least 1% or more of the time
./common-substr -t 1 -l 27 -n -f passwords > substrs
sort -u passwords > uniques
hashcat -a1 hashes uniques substrs

Basewords + substrings

It also helps to create "base words" and combine those with the substrings:

grep -oi "[a-z]*[a-z]" uniques > basewords
hashcat -a1 hashes basewords substrs

Remember to try it the other way around too:

hashcat -a1 hashes substrs basewords

All Substrings

Drop the threshold and throw the full list of substrings into combinator:

./common-substr -n -f passwords > all-substrs
hashcat -a1 hashes all-substrs all-substrs

Prefix & Suffix Substrings

Take the commons starts and ends of passwords and combine them:

./common-substr -n -p -f passwords > prefix
./common-substr -n -s -f passwords > suffix
hashcat -a1 hashes prefix suffix

Building

The golang version can be built using go build ./common-substr.go.

The awk version can be run using the common-substr.sh wrapper script. It requires awk.

I recommend the golang version.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].