pipal's People

Contributors

0xc0da, clem9669, console, digininja, dirkjanm, dnucna, enderax, maggick, michaeldim02, odd-meta, webbreacher, whoot

pipal's Issues

Base words (feature request)

Hi @digininja, first of all thank you for all the hard work you put in this tool. Pipal does a great job analyzing passwords. What I noticed is that the top 10 base words are not really the "base" words. For example, it sometimes happens that "p@ssw0rd" and "p@ssword" are (yes, also separately) mentioned as a base word, while you would think in the basis it should be "password" (the others are variations).

Perhaps an idea to merge the functionality of deleet with pipal (https://github.com/digininja/deleet)? It could really improve the value of the output.

incompatible encoding regexp match error

While running pipal against the passwords included in the newseasims.com dump, I ran into an error:

$ ./pipal.rb -o 2013.04.20-newseasims_com-pipal 2013.04.20-newseasims_com-pwd 
Generating stats, hit CTRL-C to finish early and dump stats on words already processed.
Please wait...
Something went wrong, please report it to [email protected] along with these messages:

incompatible encoding regexp match (UTF-8 regexp with ASCII-8BIT string)

Encoding::CompatibilityError

Backtrace:
./pipal.rb:401:in `=~'
./pipal.rb:401:in `block (3 levels) in <main>'
./pipal.rb:331:in `each_line'
./pipal.rb:331:in `block (2 levels) in <main>'
./pipal.rb:329:in `catch'
./pipal.rb:329:in `block in <main>'
/Users/adamcaudill/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/benchmark.rb:281:in `measure'
./pipal.rb:45:in `<main>'

I was able to correct the error by changing line pipal.rb:340 from

line.force_encoding("ASCII-8BIT")

to:

line.force_encoding("UTF-8")

Running on OSX:

$ ruby -v
ruby 2.0.0p0 (2013-02-24 revision 39474) [x86_64-darwin12.2.1]

Not sure if it's because I'm running Ruby 2, or something about my setup; I know the ASCII vs UTF8 issue with Ruby can be a nightmare to get right.
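An added example, not pipal's code and not part of the original report: it reproduces the "UTF-8 regexp with ASCII-8BIT string" error on constructed byte strings and shows what relabelling lines as UTF-8 leaves open when a dump also contains bytes that are not valid UTF-8. The pattern, the sample bytes and the ISO-8859-1 fallback are assumptions.

```ruby
# Added example (not pipal code). Pattern and sample bytes are constructed.
# The \u escape pins the regexp to UTF-8, like a checker pattern that
# contains a non-ASCII character.
PATTERN = /caf\u00e9|pass/i

# Constructed dump lines as raw bytes: ASCII, valid UTF-8, and Latin-1.
SAMPLES = ["password1".b, "caf\xC3\xA9123".b, "caf\xE9123".b].freeze

# Match a line exactly as read; returns the match offset, nil, or the
# exception class when Ruby refuses to mix the two encodings.
def match_as_read(raw)
  raw =~ PATTERN
rescue Encoding::CompatibilityError => e
  e.class
end

# Relabel the bytes as UTF-8 (the change described in the report), but
# verify them first. Bytes that are not valid UTF-8 are re-decoded as
# ISO-8859-1 (an assumption about the dump) so that matching cannot fail
# later on a broken string.
def decode_line(raw)
  line = raw.dup.force_encoding(Encoding::UTF_8)
  return [line, :utf8] if line.valid_encoding?
  [raw.dup.force_encoding(Encoding::ISO_8859_1).encode(Encoding::UTF_8), :latin1]
end

# For each sample: result as read, decoding used, match offset after decoding.
def survey(samples = SAMPLES)
  samples.map do |raw|
    line, how = decode_line(raw)
    [match_as_read(raw), how, line =~ PATTERN]
  end
end

survey.each { |row| p row } if $PROGRAM_NAME == __FILE__
```

Pure-ASCII lines match even when labelled ASCII-8BIT, so the error only appears once a dump contains a byte above 0x7F.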

unknown regexp options - bac (SyntaxError)

So, I tried installing Ruby on a new OS: Debian 11, latest Linux and on Windows.

None of them worked and all throw the same error

root@20012-42031:~/test# ./pipal.rb --help
Traceback (most recent call last):
4: from ./pipal.rb:179:in `<main>'
3: from ./pipal.rb:179:in `each'
2: from ./pipal.rb:184:in `block in <main>'
1: from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:85:in `require'
/usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:85:in `require': /root/test/checkers_enabled/01basic.rb:1: unknown regexp options - bac (SyntaxError)
../checkers_available/basic.rb

ruby versions used:
windows (3.0)
debian (2.7)
linux (2.5)

Passing email ids [question]

I have a dump of cleartext email id and password pairs. I have used the basic checkers like basic.rb, date_checker.rb, etc. by extracting all passwords in a txt file and passing that. But I can't figure out how am I supposed to pass the email ids for using the email_names.rb file. I have tried passing the file as colon-separated lines of pairs but that doesn't seem to work...

The --external param (mentioned in the readme) is also removed.

Thanks!

Mangling

Pipal is awesome at searching for specific strings in passwords. Does the password have the word "pink"? It does? Ok, increment the count of pink +1.

What I find is that many of my users use mangled forms of the words in the pipal checkers. So instead of "pink" there may be "p!nk", "p1nk", "pInk", etc. From what I'm seeing pipal doesn't have mangle rules that can be applied to each string it is looking for. Since this would be something that could be used across all checkers and not just within a certain one, wanted to see what @digininja thought about adding something to the core pipal.rb script to allow for --mangle rules to be applied to strings searched for.

syntax error ?!!!

I had tried ruby1.9.3 and higher version and got same error

[root@localhost pipal-master]# ./pipal.ry -?
-bash: ./pipal.ry: No such file or directory
[root@localhost pipal-master]# ./pipal.rb -?
<internal:/usr/local/lib/ruby/3.0.0/rubygems/core_ext/kernel_require.rb>:85:in `require': /opt/pipal-master/checkers_enabled/01basic.rb:1: unknown regexp options - bac (SyntaxError)
../checkers_available/basic.rb
^~~~~~
from <internal:/usr/local/lib/ruby/3.0.0/rubygems/core_ext/kernel_require.rb>:85:in `require'
from ./pipal.rb:184:in `block in <main>'
from ./pipal.rb:179:in `each'
from ./pipal.rb:179:in `<main>'
[root@localhost pipal-master]#

How can I fix this?

--external option gives error

Using pipal with the '--external' option gives the following error:

undefined local variable or method `external_list' for main:Object

NameError

Backtrace:
./pipal.rb:236:in `block (2 levels) in <main>'
./pipal.rb:235:in `each_line'
./pipal.rb:235:in `block in <main>'
/usr/lib/ruby/1.9.1/getoptlong.rb:604:in `block in each'
/usr/lib/ruby/1.9.1/getoptlong.rb:601:in `loop'
/usr/lib/ruby/1.9.1/getoptlong.rb:601:in `each'
./pipal.rb:211:in `<main>'

I am using the github current version of pipal. I tried both ruby1.9.1 and ruby1.9.3.

No Such File or Directory

Hi

This is the first time I have used Ruby or Pipal and I'm getting the following error:

C:/Security/Ruby/Pipal/pipal.rb:261:in ``': No such file or directory - wc -l 'passwords.txt' (Errno::ENOENT)
from C:/Security/Ruby/Pipal/pipal.rb:261:in `<main>'

This is probably user error but any help would be much appreciated. I'm running the following command and both pipal and the passwords.txt file are in same directory:

pipal.rb passwords.txt -o passout.txt

Thanks

Masks

Pipal is my go-to password analyzer. Love it. The one additional thing I wish it had is the hashcat mask generator that PACK has. I always run both analyzers, but PACK just to get the masks. If pipal had that, that would be pretty awesome. I thought of just merging the two, but PACK is python and pipal is ruby. I've never tried ruby myself, otherwise I'd jump in and try to create a version myself. Sorry...

Here is the source code for PACK: https://thesprawl.org/projects/pack/

Feature request - create base word list & de-1337

It would be nice to have a feature for creating wordlists based on the base words. A 'de-1337'-function could help creating these wordlists. The password '1945un1c0rn01' could result in the base word 'unicorn' by stripping the begin/end non-alpha's and replacing the inner 1 and 0 with the alpha character (i/o).
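An added example, not pipal or deleet code: one way to normalise passwords to a base word before counting, so that the variants quoted in this request and in the "Base words" and "Mangling" issues above fall under one entry in the statistics. The substitution table and the function names are assumptions.

```ruby
# Added example (not pipal or deleet code). The substitution table is an
# assumption; ambiguous characters such as "1" (i or l) get one reading only.
LEET = { "0" => "o", "1" => "i", "3" => "e", "4" => "a", "5" => "s",
         "7" => "t", "@" => "a", "$" => "s", "!" => "i" }.freeze

# Strip leading and trailing non-letters, lower-case the rest, then undo
# substitutions inside the word. Returns nil when no letters remain.
def base_word(password)
  core = password.sub(/\A[^A-Za-z]+/, "").sub(/[^A-Za-z]+\z/, "")
  return nil if core.empty?
  core.downcase.gsub(/[^a-z]/) { |ch| LEET.fetch(ch, ch) }
end

# Count passwords per normalised base word, most frequent first
# (ties broken alphabetically so the report is stable).
def top_base_words(passwords, limit = 10)
  counts = Hash.new(0)
  passwords.each do |pw|
    word = base_word(pw)
    counts[word] += 1 if word
  end
  counts.sort_by { |word, n| [-n, word] }.first(limit)
end

# Constructed sample input: the variants quoted in the issues plus two
# constructed entries (Password1, 123456).
SAMPLE = %w[p@ssw0rd p@ssword Password1 p!nk p1nk pInk 1945un1c0rn01 123456].freeze

if $PROGRAM_NAME == __FILE__
  top_base_words(SAMPLE).each { |word, n| puts "#{word} = #{n}" }
end
```

Because the strip step runs first, a substitution in the first or last position is lost ("@dmin" becomes "dmin"), which follows the stripping rule as the request states it.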

See found strings inline

I'd like to see a flag/option that shows the found strings to be able to quickly highlight ones of interest. I picture a --highlight or --show flag to be passed to the main script. It'll turn output like:

Seasons
winter = 15 (0.83%)
summer = 9 (0.5%)
fall = 3 (0.17%)

to

Seasons
winter = 15 (0.83%) - winteriscoming123, winterwinter!
summer = 9 (0.5%) - ILovesummer, summertimeR0CK$
fall = 3 (0.17%) - fallinginluv, snowfallsnow, fallismyFAVoriteseason

This is important for things like the new "violent" and "explicit" checkers that look for possibly disgruntled people. It'd make it easy to see the difference from a password of 'badWeatherSucks' and 'myf-ingjobsucks' at a quick glance without having to search the password list. Kind of a method of easily false positive viewing.

Change branding/wording

This tool is really a string analyzer. Most of the time, people pass passwords to it to analyze. But you can pass any word list to it. I suggest changing all the output and help text to move from "password" to "string" to help people understand it can be used in wider cases.

Error with module

I try to use some module and I get an error :

pipal-modular/checkers_available/FR_area_codes.rb:145:in `get_results': undefined method `length' for nil:NilClass (NoMethodError)
from ./pipal.rb:717:in `block (2 levels) in <main>'
from ./pipal.rb:716:in `each'
from ./pipal.rb:716:in `block in <main>'
from /usr/lib/ruby/1.9.1/benchmark.rb:280:in `measure'
from ./pipal.rb:75:in `<main>'

I do not have this error with the FR_color_checker module !

"Dates" aren't sorted by frequency [bug?]

I'm not sure if this was intentional, a bug, or just an artifact of the behavior of this checker. However, "date_checker.rb" does not sort the resulting lists by frequency like every other checker. It appears that everything else uses "list_checker.rb" which sorts the output, date_checker does not.

For example, vehicles are sorted in descending order:

Vehicle
car = 101125 (0.31%)
ford = 9976 (0.03%)
bmw = 4829 (0.01%)
audi = 4653 (0.01%)

Here's a sample from Dates/Months, where March should come first (but doesn't), followed by January and February.

Dates

Months
january = 3259 (0.01%)
february = 1273 (0.0%)
march = 8481 (0.03%)

list_checker.rb colour refs

It looks like you pulled the colour checking class out from list_checker.rb but there are still variable references/names in that file referencing the colour variables.

For instance, the following excerpt shows the "colour" variables. Should they be more generically named now?

def process_word (word, extras = nil)
        @list.each_pair do |colour, count|
            if /#{colour}/i.match word
                @list[colour] += 1

[OS X] Not Working Properly

Running ruby 1.9.3 :

09:35:27 connection@GLaDOS:[~/pipal]$ ruby -v
ruby 1.9.3p448 (2013-06-27 revision 41675) [x86_64-darwin12.5.0]

And pipal 3.0 :

09:36:49 connection@GLaDOS:[~/pipal]$ ruby pipal.rb
pipal 3.0 alpha Robin Wood ([email protected]) (www.digininja.org)

I get the following error :

No Checkers enabled, please read README_modular for more information

Even when running --list-checkers I am not able to run it, and options such as -h and -? do not even show usage instructions.

Pipal lag and failure to complete analysis (RAM limitations?)

Hey @digininja , I would like to feature pipal on Null Byte, but I'm experiencing an issue.

The wordlist being analyzed is 92,400,000 lines, 1.1Gb. Pipal seems to lag after ~2 hours of processing. At that point my CPU usage drops down to normal levels and the ETA starts to slowly increase until it stops. This was done in a Kali VM with 4 cores and 6Gb RAM. Tried again on a dedicated Ubuntu machine with an i7 and 16Gb RAM -- same issue.

Does pipal have limitations? What might be causing the lag and how can I debug?

EDIT:

I just realized Ruby v1.9 is recommended in the README.

> apt-cache policy ruby
ruby:
  Installed: 1:2.5.0
  Candidate: 1:2.5.0
  Version table:
 *** 1:2.5.0 500
	500 http://http.kali.org/kali kali-rolling/main amd64 Packages
	100 /var/lib/dpkg/status

But pipal works fine when analyzing smaller wordlists using v1.2. Should I try manually installing v1.9.x in Kali? There's an APT candidate for v2.3 and v2.5, will those suffice?

P.S. I'm not a ruby coder

Make it as a gem

It would be great if you could make it a gem so the pipal command can be used anywhere on the command line. Also, it makes it easier to maintain your code from the user perspective.

unknown regexp options - bac (SyntaxError)

C:/Tools/Coding/Ruby193/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in `require': C:/Tools/pipal/checkers_enabled/01basic.rb:1: unknown regexp options - bac (SyntaxError)
        from C:/Tools/Coding/Ruby193/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
        from pipal.rb:184:in `block in <main>'
        from pipal.rb:179:in `each'
        from pipal.rb:179:in `<main>'
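
The source line Ruby quotes in the two earlier reports of this error is `../checkers_available/basic.rb`: a relative path, not Ruby code, which is what a symlink looks like after a checkout or archive extraction has written it out as a plain text file. An added check for that condition (not part of pipal; it assumes the `checkers_enabled` entries are meant to be symlinks, and the function names are hypothetical):

```ruby
# Added example (not part of pipal). Assumes the checkers_enabled entries
# are meant to be symlinks into ../checkers_available, as the paths in the
# traces suggest.

# Find regular files whose whole content is one relative path to an
# existing .rb file: the shape a symlink has after being written as text.
def placeholder_checkers(enabled_dir)
  Dir.glob(File.join(enabled_dir, "*.rb")).sort.each_with_object([]) do |path, found|
    next if File.symlink?(path) || !File.file?(path)
    next if File.size(path) > 1024            # a stored link target is short
    body = File.binread(path).strip
    next if body.empty? || body.include?("\n") || !body.end_with?(".rb")
    target = File.expand_path(body, enabled_dir)
    found << [path, body] if File.file?(target)
  end
end

# Replace each placeholder with a real symlink to the same relative target.
# The link is created under a temporary name first, so nothing is lost if
# the platform or account cannot create symlinks and File.symlink raises.
def relink_checkers(enabled_dir)
  placeholder_checkers(enabled_dir).map do |path, target|
    tmp = "#{path}.lnk-tmp"
    File.symlink(target, tmp)
    File.rename(tmp, path)
    path
  end
end

if $PROGRAM_NAME == __FILE__
  dir = ARGV[0] || "checkers_enabled"
  placeholder_checkers(dir).each do |path, target|
    puts "#{path} -> #{target} (plain file, not a symlink)"
  end
end
```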

Output as markdown

@Lexus89 As a user of the tool, how would you feel if I update the output to produce markdown rather than basic text? I'm thinking about it as it would then let me do markdown to HTML for some nicer reports.
