1Rexgen.txt - This document describes how to use the rexgen library, to perform
2regex expression work within JtR.  Rexgen library is copywrite Jan Starke,
3jan.starke@outofbed.org   The regex.c code in JtR by JimF, Spring 2014.
4
5First off, see the section at the bottom of this document about how to obtain
6build and install librexgen.
7
8Usage within JtR: --regex[=option=option2=option3]=expression
9
10The current options we have are:
11    case      will tell librexgen to do case insensitive work
12    alpha     This will use replaceable alphabets.  This can do some REALLY
13              fun things, like replace a letter with a word, etc. The alphabet
14              will be run to convert the reg-ex AFTER the word has been
15              prepared and delivered.  Fun things like f mapping to ph
16              or M mapping to |\/| can be done.  Case can also easily be
17              done here if the case option is also used. These options
18              are stored in the regex_alphabets.conf file in ./run dir
19              of JtR.  There are these current alphabets:
20              The default (if just =alpha is used). It is an empty
21              alphabet, nothing will change.  alpha:case  This is the
22              same as using the case option.  alpha:leet  This is a
23              simple 1337 (elite) transform, where some common lower
24              case letters are changed to numbers.  alpha:leet_case
25              is the same leet, but has full case conversion handled.
26              alpha:leet2 and alpha_leet2_case are a little stronger
27              elite stuff (with and without casing).  alpha:leet3
28              and alpha:leet3_case are strong elite, but probably
29              overkill as far as password guessing goes. They will
30              certainly find more, but there are a LOT of obsure multi-
31              letter replacements which likely are not seen in garden
32              variety passwords. h -> h H  |-|  ]-[  }-{  (-)  )-(  }{  #
33              is one example of alpha:leet3.
34              alpha:ascii2nonascii is a alphabet which will convert ascii
35              characters into non ascii utf8 characters which 'look'
36              similar (i.e. a with grave, umlat, accent, hook, etc)
37
38
39Currently, rexgen can be used stand alone, OR with wordlist and rules.
40There are plans to also add this to single mode at some time.
41
42The command line switch for stand along is --regex[=case]=expression
43The expression is a stand along rexex expression.  If the optional
44=case is there, then the expression is handled in a case insensitive
45manner (case mangling).  So using:  --regex=case=pass  would use these:
46PASS
47PASs
48PaSS
49PaSs
50pASS
51pASs
52paSS
53paSs
54PAsS
55PAss
56PasS
57Pass
58pAsS
59pAss
60pasS
61pass
62
63Stand alone usage is not most useful (especially since the rexgen built
64command can do this and more).  But it is there more to use as 'testing'
65for building expressions (along with using JtR's --stdout).
66
67
68RexGen in --wordlist mode:
69
70This is more powerful. It addes rexgen logic to each word from the wordlist
71to happen AFTER any rules (JtR rules) are applied.  In this mode, all \0 will
72be replaced with the current word (from wordlist, with rules applied), and
73then all of the regular expressions will be performed on this word.
74
75
76------------------------------------------------
77--- Obtaining, building, installing rexgen.  ---
78------------------------------------------------
79First off, you must obtain and install rexgen library. It can be found here:
80
81https://github.com/teeshop/rexgen
82
83git clone --recursive https://github.com/teeshop/rexgen.git
84
85As of this writing the last known good version is 2.0.8 so you may want
86to check that out.
87
88Once you download it, it requires a cmake environment, along with flex and
89bison to be installed and working.  To build, see instructions on this page:
90
91https://github.com/teeshop/rexgen/blob/master/README.md
92
93Instead of just running ./install.sh, you can first run ./build.sh
94as a regular user and then just run ./install.sh as root.
95
96cd rexgen/src
97./build.sh
98sudo ./install.sh
99
100If there are no errors (especially from cmake), librexgen should be installed.
101
102To test:
103rexgen '[0-2]password[A-C]'
1040passwordA
1051passwordA
1062passwordA
1070passwordB
1081passwordB
1092passwordB
1100passwordC
1111passwordC
1122passwordC
113
114Once you are at this point, rexgen is installed.  JtR ./configure now needs
115--enable-rexgen to detect and use the library.
116
117Note, JtR help document is NOT here to troubleshoot installation of this
118library.  A simple how to do it (when thing work right), is what was listed.
119If there problems beyond what is addressed in this document, then the lib's
120author is probably the best way to go.  A quick 'help me' post on john-users
121may get the proper answer, AND if we get a quick resolve, we will likely
122update this document listing this issue.  But anything past the basics,
123are really beyond the scope of the JtR developers.
124