I have uploaded a screenshot of what exactly is going on, here: http://ift.tt/1wVc0UN
I can see that single-crack mode includes a rule that looks at the username, and "slices" it to identify the password. I concluded this based on the fact that I have ACC_ff77 and ACC_fInAlfAntAsy77 setup with the same password (the password being fInAlfAntAsy77), and single-crack mode does not solve ACC_ff77, but it DOES solve ACC_fInAlfAntAsy77.
I doublechecked this with ACC_123passw0rd123, which the screenshot shows being solved instantly. I also changed the username to not include the password, and it too was not solved in single-crack mode.
That's all well and good, but this brings me to my question: Why is ACC_^.^S#kvV not being solved? The password is ^.^S#kvV so the same ruleset in single-crack mode that is solving the other two usernames should solve this one. I looked through the rulesets, but I admit I did not understand them all. I could not figure out which rule specifically was the one identifying the passwords.
To prove my due diligence, I added my own rule to the single crack mode: x[0-9]l
This rule successfully identifies the password from ACC_^.^S#kvV, as well as the other two accounts. However, I am still very curious why whatever rule is identifying the other two accounts is failing on ACC_^.^S#kvV
Aucun commentaire:
Enregistrer un commentaire