Hi <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="

Try the new deleet_checker in here: <p dir="auto"

Base words (feature request) about pipal HOT 13 OPEN

digininja commented on August 21, 2024

Base words (feature request)

from pipal.

Comments (13)

digininja commented on August 21, 2024 1

I've just pushed a change that will deleet the base word rather than the main word.

This:

p@ssword
P@ssw0rd1
123Pas5word22
123P@ssw0rd1
fish
pa55word

Used to go to:

password = 2 (33.33%)
passwordi = 1 (16.67%)
i2epassword22 = 1 (16.67%)
i2epasswordi = 1 (16.67%)
fish = 1 (16.67%)

Now goes to:

password = 5 (83.33%)
fish = 1 (16.67%)

from pipal.

digininja commented on August 21, 2024

That seems like a reasonable idea, I would just need to fix on a single set of substitutions otherwise it would get too complex. Substituting 1 for i or l , as long as it is consistent, I don't think would really matter. Swapping 1 for i and saying the base word for 1inked1n is inkedin isn't going to give the correct base, but the human looking at it would be able to understand the mistake and the context. I'll see what I can get added, I'll probably do it as a new plug in rather than modify the existing so not too break the way it currently works

…

On Wed, 10 Aug 2022, 14:40 Lexus89, ***@***.***> wrote: Hi @digininja <https://github.com/digininja> First of all thank you for all the hard work you put in this tool. Pipal does a great job analyzing passwords. What I noticed is that the top 10 base words are not really the "base" words. For example, it sometimes happens that ***@***.***" and ***@***.***' are (yes also separately) mentioned as a base word, while you would think in the basis it should be "password" (the others are variations). Perhaps an idea to merge the functionality of deleet with pipal ( https://github.com/digininja/deleet)? It could really improve the value of the output. — Reply to this email directly, view it on GitHub <#59>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAA4SWOHR2D6FERYAL5QULTVYOWMNANCNFSM56ESRGTA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

from pipal.

Lexus89 commented on August 21, 2024

Very very late reply - perhaps usable for someone having this issue as well - a comparison to dictionary words may help determining what substitutions were used (for deleet). Convert back to the potential original words, search in a custom dictionary file, and the one found is likely to have the correct base word.

from pipal.

digininja commented on August 21, 2024

I've just checked and I've not done anything significant to this code for 10 years! It has probably been about that long since I last touched Ruby for anything more than a few line script.

I'll see if I can remember how any of it works and make some changes.

from pipal.

Lexus89 commented on August 21, 2024

I've just checked and I've not done anything significant to this code for 10 years! It has probably been about that long since I last touched Ruby for anything more than a few line script.

I'll see if I can remember how any of it works and make some changes.

Haha no worries, I didn't even expect a reply as it was so long ago (I do hope it has not been 10 years already haha! Time flies). Just wanted to share the idea, even if for archiving purposes ;)

from pipal.

digininja commented on August 21, 2024

It wasn't that long since you did the original comment, but looking at the code dates, it has been that long since any major updates.

…

On Fri, 4 Aug 2023 at 16:30, Lexus89 ***@***.***> wrote: I've just checked and I've not done anything significant to this code for 10 years! It has probably been about that long since I last touched Ruby for anything more than a few line script. I'll see if I can remember how any of it works and make some changes. Haha no worries, I didn't even expect a reply as it was so long ago (I do hope it has not been 10 years already haha! Time flies). Just wanted to share the idea, even if for archiving purposes ;) — Reply to this email directly, view it on GitHub <#59 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAA4SWPZQ2KVZH3266K6YNLXTUIQVANCNFSM56ESRGTA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

from pipal.

digininja commented on August 21, 2024

Try the new deleet_checker in here:

https://github.com/digininja/pipal/tree/deleet

from pipal.

digininja commented on August 21, 2024

I've tided up that code, done a few more little fixes, and pushed it all into the main branch.

Hopefully it is all working correctly, any problems, let me know.

from pipal.

Lexus89 commented on August 21, 2024

Thanks a lot! Looking at the output of deleet, it might bring more concrete results when deleet is focusing on the base word output instead of the raw passwords. With some luck this will return 'potato' as the main base word, which can be used for creating new (client tailored) word lists. When deleet-ing those they can also be merged again (p0t4t, p0t@t, etc. => single 'potat' statistic).

Password list

potato123!
123!potato
potato!
$potato$
p0t4t0
pot@t0
p0t@to2023!

Top 10 base words

potato = 4 (57.14%)
p0t4t = 1 (14.29%)
pot@t = 1 (14.29%)
p0t@to = 1 (14.29%)

Top 10 passwords (from deleet)

potato = 2 (28.57%)
potatoi2e! = 1 (14.29%)
i2e!potato = 1 (14.29%)
potato! = 1 (14.29%)
$potato$ = 1 (14.29%)
potato2o2e! = 1 (14.29%)

There will be some weird cases like 'p0tat0' => 'potat' (due to ltrim/rtrim), which would make things a bit more complicated, but I am hoping the overall result will be more in line with what to feed to the password cracker. With larger results a print all instead of top X could also be useful.

My apologies for these ideas, I tend to overcomplicate things.. :)

from pipal.

digininja commented on August 21, 2024

I'll have a look at doing base words instead of the main word, shouldn't be too hard to do. You can change the top X with the cap parameter so you get everything.

…

On Mon, 7 Aug 2023 at 10:09, Lexus89 ***@***.***> wrote: Thanks a lot! Looking at the output of deleet, it might bring more concrete results when deleet is focusing on the base word output instead of the raw passwords. With some luck this will return 'potato' as the main base word, which can be used for creating new (client tailored) word lists. When deleet-ing those they can also be merged again (p0t4t, ***@***.***, etc. => single 'potat' statistic). Password list potato123! 123!potato potato! $potato$ p0t4t0 ***@***.*** ***@***.***! Top 10 base words potato = 4 (57.14%) p0t4t = 1 (14.29%) ***@***.*** = 1 (14.29%) ***@***.*** = 1 (14.29%) Top 10 passwords (from deleet) potato = 2 (28.57%) potatoi2e! = 1 (14.29%) i2e!potato = 1 (14.29%) potato! = 1 (14.29%) $potato$ = 1 (14.29%) potato2o2e! = 1 (14.29%) There will be some weird cases like 'p0tat0' => 'potat' (due to ltrim/rtrim), which would make things a bit more complicated, but I am hoping the overall result will be more in line with what to feed to the password cracker. With larger results a print all instead of top X could also be useful. My apologies for these ideas, I tend to overcomplicate things.. :) — Reply to this email directly, view it on GitHub <#59 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAA4SWOKWGU5B76GJMJPLT3XUCWFBANCNFSM56ESRGTA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

from pipal.

Lexus89 commented on August 21, 2024

The base words are detected a lot better now, really useful thanks a lot! Small thing I noticed; sometimes it also prints an empty base word ("" = x%), probably because the string is empty after deleet-ing, but that doesn't really matter it's good enough for me ;)

from pipal.

digininja commented on August 21, 2024

I'll get that fixed. I wonder if that effects the other base word checker as well, I'll have a look at the same time.

…

On Wed, 16 Aug 2023, 11:52 Lexus89, ***@***.***> wrote: The base words are detected a lot better now, really useful thanks a lot! Small thing I noticed; sometimes it also prints an empty base word ("" = x%), probably because the string is empty after deleet-ing, but that doesn't really matter it's good enough for me ;) — Reply to this email directly, view it on GitHub <#59 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAA4SWI3FUMTHQABZOQHIR3XVSQ6TANCNFSM56ESRGTA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

from pipal.

digininja commented on August 21, 2024

I've just pushed a fix for this.

from pipal.

Base words (feature request) about pipal HOT 13 OPEN

Comments (13)

Password list

Top 10 base words

Top 10 passwords (from deleet)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent