Rules Top Rules.

TonyS

Active member
Trusted
Cracker
Joined
Dec 30, 2019
Messages
2,176
Reaction score
17
Credits
81
Re-post from years ago on hashcat forums.

I started off with two rules. One comes with oclHashcat - the other I wrote myself. I then compiled a
huge list of MD5 hashes from the InsidePro forums to use as my target/testing hash list.

For the base dictionary, I merged/sorted/removed dupes between the rockyou dictionary
and passwords from the recent 10 million combo leak.

I ran my two rules against these hashes with this dictionary and these were the results.

Code:
passwordspro.rule (~3300 rules) - 42.52%
tony.rule (~5500 rules) - 49.44%
I outputted all rules that had a match into a file called match.rule. I then sorted
this file based on occurrence and made the following rules out of it. The different sizes could
be useful if time is of essence and/or the hashing algorithm is slow. You could also obviously
head the amount of rules that you want from the top_5000.rule instead.

I done some testing on the same list, and these were the results.

Code:
no rules      - 14.67% found
best 64       - 17.71% found
top_250.rule  - 36.14% found
top_500.rule  - 39.64% found
top_750.rule  - 41.91% found
top_1500.rule - 45.76% found
top_3000.rule - 48.77% found
I realize that the rule set will be kind of biased towards this specific list since it was created
using found passwords from this list. So for further testing, I compiled a list of 1 million hashes
using random passwords from a totally separate HQ cleartext (not cracked!) password leak. These
were the results.

Code:
$ shuf ***.dic | head -n1000000 > random.dic
$ ./md5gen random.dic > random.lst
Code:
no rules      - 8.23%  found
best 64       - 31.42% found
top_250.rule  - 42.97% found
top_500.rule  - 48.16% found
top_750.rule  - 50.97% found
top_1500.rule - 55.80% found
top_3000.rule - 60.59% found
Rules attached below.
 

Attachments

Top