{"id":13531668,"url":"https://github.com/sensepost/common-substr","last_synced_at":"2025-05-07T01:04:04.730Z","repository":{"id":57623495,"uuid":"133270527","full_name":"sensepost/common-substr","owner":"sensepost","description":"Simple tool to extract the most common substrings from an input text. Built for password cracking.","archived":false,"fork":false,"pushed_at":"2020-06-28T20:18:21.000Z","size":43,"stargazers_count":65,"open_issues_count":0,"forks_count":18,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-05-07T01:03:27.622Z","etag":null,"topics":["cracking","passwords","string-manipulation","wordlist-generator"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sensepost.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-13T20:07:20.000Z","updated_at":"2025-04-17T02:23:04.000Z","dependencies_parsed_at":"2022-08-30T11:40:55.438Z","dependency_job_id":null,"html_url":"https://github.com/sensepost/common-substr","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sensepost%2Fcommon-substr","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sensepost%2Fcommon-substr/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sensepost%2Fcommon-substr/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sensepost%2Fcommon-substr/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sensepost","download_url":"https://codeload.github.com/sensepost/common-substr/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252793664,"owners_count":21805057,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cracking","passwords","string-manipulation","wordlist-generator"],"created_at":"2024-08-01T07:01:04.725Z","updated_at":"2025-05-07T01:04:04.689Z","avatar_url":"https://github.com/sensepost.png","language":"Go","readme":"# common-substr\nSimple tool to extract the most common substrings from an input text. Built for password cracking. A write-up on the theory can be found [at the sensepost.com blog](https://sensepost.com/blog/2018/cracking-efficiency-measurements-common-substring-attack/)\n\nThere are two versions, the older awk script and the newer \u0026 faster golang version. They use the same commandline switches.\n\n# Usage\n```\nCommon Substring Generator by @singe\nUsage: ./common-substr [-hinsp] [-t \u003cn\u003e] [-l \u003cn\u003e] [-L \u003cn\u003e] -f \u003cfilename\u003e\n\t-h|--help This help\n\t-i|--insensitive Ignore case of substrings\n\t-L|--maxlength \u003cn\u003e Maximum length substring to look for. Default is 32.\n\t-l|--minlength \u003cn\u003e Minimum length substring to look for. Default is 2.\n\t-n|--nostats Just print the substrings, no stats. Default is to include them.\n\t-t|--threshold \u003cn\u003e Only print substrings more prevalent than \u003cn\u003e percent.\n\t-f|--file \u003cfilename\u003e The file to extract substrings from\n\t-s|--suffix Only look at suffix substrings at the end of a string\n\t-p|--prefix Only look at prefix substrings at the beginning of a string\nDefault output (with stats) is tab separated: \u003cpercentage\u003e\t\u003ccount\u003e\t\u003csubstring\u003e\nSorted from most to least common\n```\n\n## Simple Usage Examples\n\nGiven the test file:\n```\n123\n123\n234\n```\n\nWe can find the most common substrings:\n```\n./common-substr -f test\n100     3 23\n66.6667 2 12\n66.6667 2 123\n```\nRead this output as \"100% of the input file had the substring \"23\" which consisted of 3 instances\".\n\nDo the same, but suppress printing of the stats:\n```\n./common-substr -f test -n\n23\n12\n123\n```\n\nOnly include substrings that occur at least 70% of the time:\n```\n./common-substr -f test -t 70\n100\t3\t23\n```\n\nThe stats are tab-separated, to make cut'ing easy:\n```\n./common-substr -f test \u003e output\ncut -f 3 output\n23\n12\n123\n```\n\nOnly include substrings 3 characters or longer:\n```\n./common-substr -f test -l 3 \n66.6667 2 123\n```\n\nOnly include substrings 2 characters or shorter:\n```\n./common-substr -f test -L 2 \n100     3 23\n66.6667 2 12\n```\n\nOnly include the start of the strings (prefix):\n```\n./common-substr -f test -p\n66.6667\t2\t12\n66.6667\t2\t123\n```\n\nOnly include the end of the strings (suffix):\n```\n./common-substr -f test -s\n66.6667\t2\t23\n66.6667\t2\t123\n```\n\n# Password Cracking Examples\n\n## Vanilla wordlist + substrings\nAn example use for password cracking. Assuming you've put already cracked clear-text passwords in a file called 'passwords':\n```\n# Limit substrings to a max length of 27 and only include those which occur\n# at least 1% or more of the time\n./common-substr -t 1 -l 27 -n -f passwords \u003e substrs\nsort -u passwords \u003e uniques\nhashcat -a1 hashes uniques substrs \n```\n\n## Basewords + substrings\n\nIt also helps to create \"base words\" and combine those with the substrings:\n```\ngrep -oi \"[a-z]*[a-z]\" uniques \u003e basewords\nhashcat -a1 hashes basewords substrs\n```\nRemember to try it the other way around too:\n```\nhashcat -a1 hashes substrs basewords\n```\n\n## All Substrings\n\nDrop the threshold and throw the full list of substrings into combinator:\n```\n./common-substr -n -f passwords \u003e all-substrs\nhashcat -a1 hashes all-substrs all-substrs\n```\n\n## Prefix \u0026 Suffix Substrings\n\nTake the commons starts and ends of passwords and combine them:\n```\n./common-substr -n -p -f passwords \u003e prefix\n./common-substr -n -s -f passwords \u003e suffix\nhashcat -a1 hashes prefix suffix\n```\n\n# Building\n\nThe golang version can be built using `go build ./common-substr.go`.\n\nThe awk version can be run using the `common-substr.sh` wrapper script. It requires awk.\n\nI recommend the golang version.\n","funding_links":[],"categories":["Wordlist tools"],"sub_categories":["Generation/Manipulation"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsensepost%2Fcommon-substr","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsensepost%2Fcommon-substr","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsensepost%2Fcommon-substr/lists"}