Scenario file is in fact a simple text file in Unicode format with each scenario describing like:
[Line #1] Name of scenario [Line #2] This scenario will be default for this list of formats identifiers [Line #3] Attack description #1 [Line #4] Attack description #2 ... [Line #N] Attack description #(N-2) [Blank line]
Name of scenario can be anything up to 256 symbols long.
Formats identifiers are predefined set of 4 symbols long codes uniquely describing each format supported by this program. Right now it's possible to use following codes:
Each attack description line follows simple syntax to define separate attack. General syntax is:
If there any special symbols within param it must be enclosed into double quotes. If there is a double quote symbol itself it must be duplicated, i. e.
defines charset with one symbol — double quote, while
defines charset with 6 symbols, 1-2-3-4-5 digits and double quote character.
Character \ (backslash) having special meaning, it must be followed either by backslash meaning backslash itself must be used, i. e.
defines charset with one symbols — backslash. If \ followed by x then two next symbols must be hexadecimal character code while if it's followed by X then four next symbols must be hexadecimal character code in Unicode encoding. Thus,
defines charset with two symbols — space (code = 0x20) and Russian capital letter A (code = 0x410).
This also means that file paths are looks like:
Asterisk before file name having special meaning — to use internal rules or dictionary files built-in into program.
No dictionary based attacks NONE /a:b /c:a /min:1 /max:3 /a:b /c:s /min:4 /max:4 /a:b /c:c /min:4 /max:4 /a:b /c:d /min:4 /max:5 Default for MS Office 2007-2010, RAR3, TrueCrypt RAR3 OF07 OF10 BBB6 TRUE ABP4 /a:b /c:a /min:1 /max:2 /a:r /r:*1s.rul /d:*medium_en.dic /a:r /r:*1a.rul /d:*medium_en.dic /a:b /c:a /min:3 /max:3 /a:b /c:s /min:4 /max:4 /a:b /c:c /min:4 /max:4 /a:b /c:d /min:4 /max:5 /a:r /r:*2s.rul /d:*medium_en.dic /d:*small_en.dic
This short scenario file describes two scenarios named "No dictionary based attacks". And second one is marked as default for MS Office 2007-2010, RAR3, TrueCrypt files via RAR3 OF07 OF10 BBB6 TRUE ABP4 format identifier. First scenario using only brute-force attacks while second one performing some dictionary based attack with rules sets and dictionaries built-in into program.
You can also check out file named "Default scenario file.txt" in program directory for more advanced scenarios.