You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
142 lines
3.0 KiB
142 lines
3.0 KiB
---
|
|
title: Recover Your Lost Password On The Command Line
|
|
summary: >
|
|
If you are like me and use many different passwords you may come to that point
|
|
when you can't think of a password for a specific service (or (zip)file). This
|
|
is how I recover most of them.
|
|
date: 2024-08-18T16:36:17+0200
|
|
#lastmod:
|
|
categories:
|
|
- amateur-radio
|
|
- computerstuff
|
|
tags:
|
|
- pentest
|
|
- scripting
|
|
- john
|
|
- hashcat
|
|
- command-line
|
|
- draft_post
|
|
|
|
# showBreadcrumbs: true
|
|
# showDate: false
|
|
# showReadingTime: false
|
|
# showWordCount: false
|
|
# showPagination: false
|
|
|
|
# feed_exclude: true
|
|
# site_exclude: true
|
|
|
|
# some help
|
|
#
|
|
# highlighting with highlights
|
|
#
|
|
# use table, as inline creates a padding around
|
|
# and it pushes the text more to the right side (end of screen)
|
|
#
|
|
# ~~~html {linenos=table,hl_lines="3-6"}
|
|
# ~~~html {linenos=inline,hl_lines="1,3-6"}
|
|
|
|
draft: true
|
|
|
|
---
|
|
|
|
I usually save most variations of my passwords in a secure file and with a rule
|
|
file I can re-create most of the passwords that I have ever used.
|
|
|
|
And because I do not want to type all the passwords by hand I use tools for this task,
|
|
which speeds this whole process up and it costs me minutes (where I can do other things
|
|
meanwhile)...
|
|
|
|
## Create the initial password file
|
|
|
|
I only use lower letters because I will punch that file through rules later that will
|
|
automatically make some letters uppercase, add some numbers to it et cetera...
|
|
|
|
~~~
|
|
password
|
|
otherpassword
|
|
~~~
|
|
|
|
Let these be our initial password file with the initial password that we use.
|
|
|
|
## The rule file
|
|
|
|
Now create a rule file that will do most of the work by modifying the lines
|
|
from our initial password file.
|
|
|
|
~~~
|
|
## take it as it is, toggle first character to uppercase or lowercase, uppercase all characters
|
|
:
|
|
T0
|
|
u
|
|
|
|
## append/prepend something to the password itself
|
|
$!
|
|
$1 $2 $3
|
|
$3 $2 $1
|
|
$m $i $n $e
|
|
^y ^m
|
|
^i
|
|
^i T1
|
|
^0
|
|
^0 T1
|
|
~~~
|
|
|
|
So if you tend to finish your weak passwords with `12shark`, you may want to add this to
|
|
your ruleset as `$1 $2 $s $h $a $r $k`.
|
|
|
|
Now every line from your password file gets appended with `12shark`.
|
|
|
|
## Line counts
|
|
|
|
~~~console
|
|
$ wc -l *
|
|
154 list.best64.txt
|
|
68196 list.d3ad0ne.txt
|
|
24 list.simple.txt
|
|
2 pwlist.txt
|
|
15 simple.rule
|
|
~~~
|
|
|
|
So our initial password file contains 2 words (2 lines), the modified new password list
|
|
based on our own ruleset contains 24 lines (passwords).
|
|
|
|
And the other two files (_best64_ and _d3ad0ne_) were made with some default rules from a
|
|
tool called [john](https://www.openwall.com/john/).
|
|
|
|
As you can see the wide-known ruleset _best64_ created 154 passwords from it and the
|
|
more enhanced rule _d3ad0ne_ created 68196 passwords from our 2 words.
|
|
|
|
## What the output looks like
|
|
|
|
Using our own ruleset from above, we get these combinations:
|
|
|
|
~~~
|
|
password
|
|
Password
|
|
PASSWORD
|
|
password!
|
|
password123
|
|
password321
|
|
passwordmine
|
|
mypassword
|
|
ipassword
|
|
iPassword
|
|
0password
|
|
0Password
|
|
otherpassword
|
|
Otherpassword
|
|
OTHERPASSWORD
|
|
otherpassword!
|
|
otherpassword123
|
|
otherpassword321
|
|
otherpasswordmine
|
|
myotherpassword
|
|
iotherpassword
|
|
iOtherpassword
|
|
0otherpassword
|
|
0Otherpassword
|
|
~~~
|
|
|
|
|