The program features a macrolanguage that is used for checking passwords during the dictionary based attack. Using a macrolanguage requires special skills and is only recommended for use by information security specialists.
To make using the macro language easier, we added a Rules Editor to the application.
Main idea of this attack is to take one word from dictionary and modify it with so called "rules".
Rules file should be in Unicode (little-endian with header) format and starts from some defines:
Name=Simple set Language=English Caps=ABCDEFGHIJKLMNOPQRSTUVWXYZ Smalls=abcdefghijklmnopqrstuvwxyz
Main defines are "Caps=" & "Smalls=" which will be used later with "capitalize", "lowerize" and other toggle case mutations. All empty lines and lines starts from ';' will be skipped. ';' used to start comment.
After "[Rules]" actual rules definition starts. Each line == single rule. There are some specials characters to define actions and "normal" characters which will be added to current string.
Special characters can be inserted using '\'. Character followed '\' will be used 'as is'. Except for 'x' as '\xNNNN' can be used to describe Unicode character which hex value NNNN.
Processing always starts from blank line. The base definition is:
which means "insert current word from dictionary".
Modifiers start from '.', possible values are:
.l lowercase word .u uppercase word .c capitalize word .C inv capitalize word .t toggle case word .R reverse word .2-9 repeat word 2-9 times .TN toggle char N=0..9, A..Z, x = last .dN delete char at pos N .iNX insert char X at position N (z = insert after last char) .rNX replace char at position N with X .sXY replace all chars X with Y .xX remove all chars X from word .eN truncate word to N symbols .pN push char at pos N to stack keeping it on pos .PN push char at pos N to stack and remove it from word .qN pop char from stack to pos N and keep char on stack .QN pop char from stack to pos N and remove char from stack
Now some examples. Let "current word" be "PassWord", then
$w PassWord $w.l password $w.u PASSWORD $w.c Password $w.C pASSWORD $w.t pASSwORD $w.R droWssaP $w.2 PassWordPassWord $w.3 PassWordPassWordPassWord $w.c.Tx PassworD $w.R.c Drowssap $w.R.c.Tx DrowssaP $w.d0 assWord $w.d0.c Assword $w.dx PassWor $w.dx.c Passwor $w.p0.Q0 PPassWord $w.p0.Q0.c Ppassword $w.p0.q0.Q0 PPPassWord $w.p0.q0.Q0.c Pppassword $w.px.Qz PassWordd $w.px.Qz.c Passwordd $w.px.qz.Qz PassWorddd $w.px.qz.Qz.c Passworddd $w0 PassWord0 $w1 PassWord1
It's possible to use $w more than once.
It's possible to use brackets to perform multiple mutations.
It's possible to use flow control. Simple rejects can be done with:
<N continue only if word is less than N symbols length >N continue only if word is greater than N symbols length =N continue only if word is exactly N symbols length $w>4 PassWord will be processed $w<4 PassWord will be skipped
More complex flow control possible with compare operation followed by predicated command. It's possible to compare:
.bNX compare char at position N with X .BXN count number of char X occurencies at word and compare it with N .vN compare current length of word with N
Result of compare are carry and zero flags. And these flags can be used with:
@gt execute next command only if result was greater than @lt --||-- less than @le --||-- less or equal @ge --||-- greater or equal @eq --||-- equal @ne --||-- not equal
$w.b0G @ne 0 if first character is not 'G' then append '0' $w.b1a @eq 1 if second character is 'a' then append '1' $x.Bs2 @ge ! if there 2 or more 's' in word then append '!' $w.v3 @ge 1 if word length is 3 or more symbols then append '1' $w.v4 @gt (555) if word length is more than 4 symbols then append "555"
There is special command '|' -- reject word. Also can be used like:
$x.Bs2 @ne | reject word if it doesn't contains two 's'