SkillAgentSearch skills...

OMEN

OMEN: Ordered Markov ENumerator - Password Guesser

GenerateConvertImprove

Install / Use

/learn @RUB-SysSec/OMEN
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

OMEN: Ordered Markov ENumerator

OMEN is a Markov model-based password guesser written in C. It generates password candidates according to their occurrence probabilities, i.e., it outputs most likely passwords first. OMEN significantly improves guessing speed over existing proposals. If you are interested in the details on how OMEN improves on existing Markov model-based password guessing approaches, please refer to OMEN: Faster Password Guessing Using an Ordered Markov Enumerator.

User Guide

OMEN consists of two separate program modules: createNG and enumNG. createNG calculates n-gram probabilities based on a given list of passwords and stores them on the hard disk. Based on these probabilities enumNG enumerates new passwords in the correct order (descending).

Installation

Use a recent Linux version make sure you have installed git (Git version control system), gcc (GNU Compiler Collection), and make (GNU Make). You can install it under Ubuntu Linux via:

$ sudo apt-get install build-essential git

Check out the source code via:

$ git clone https://github.com/RUB-SysSec/OMEN.git OMEN

Change into the newly created directory OMEN and run:

$ make

If compilation is successful, you can find createNG and enumNG within the current directory.

.
├── alphabetCreator
├── createNG
├── docs
│   ├── CHANGELOG.md
│   ├── LICENSE
│   └── screenshots
├── enumNG
├── evalPW
├── makefile
├── README.md
└── src
    ├── alphabetCreator.c
    ...

If you like, you can now remove the src folder and the makefile file, they are no longer used.

Windows User?

A short installation guide using Cygwin on Windows 10 can be found here.

Basic Usage

Before one can generate any passwords, the n-gram probabilities have to be estimated using createNG. To calculate the probabilities using the default settings, createNG must be called giving a path to a password list that should be trained:

$ ./createNG --iPwdList password-training-list.txt

Each password of the given list must be in a new line. The module then reads and evaluates the list generating a couple of files. Besides a config file (createConfig) storing the used settings (in this case the default setting), several files are created containing information about the grams and the password length. These files have the extension '.level':

  • IP.level (Initial Probability): Stores the probabilities of the first (n-1)-gram of each password.
  • CP.level (Conditional Probability): Stores the probabilities of the actual n-grams.
  • EP.level (End Probability): Stores the probabilities of the last (n-1)-gram of each password.
  • LN.level (Length): Stores the probabilities for the password length.

The probabilities of each n-gram and the lengths are mapped to levels between 0 (most likely) and 10 (least likely). Once those files are created, enumNG can be used to generate a list of passwords ordered by probabilities. Currently, enumNG supports three modes of operation: file, stdout, simulated plaintext attack. In the default mode of enumNG, a list of password guesses based on these levels is created. Using the command

$ ./enumNG

generates 1 billion passwords and stores them in a text file, which can be found in the 'results' folder. The passwords in this file are ordered by level (i.e., by probability). Since common text editors are not able to handle such huge files, it is recommended for testing to reduce the number of passwords created. This can be done using the argument -m.

$ ./enumNG -m 10000

It will create an ordered list with 10,000 passwords only. If you are interested in printing the passwords to the standard output (stdout) stream use the argument -p.

$ ./enumNG -p -m 10000

If you are interested in evaluating the guessing performance against a plaintext password test set use the argument -s. Please note: In this mode OMEN benefits from the adaptive length scheduling algorithm incorporating live feedback, which is not available (due to the missing feedback channel) in file and stdout mode.

$ ./enumNG -s=password-testing-list.txt -m 10000

The result of this evaluation can be found in the 'results' folder.

Both modules provide a help dialog which can be shown using the -h or --help argument.

Password Cracking

How to get from $2a$10$HNYF4KajSTqxIP/KoiB5tOCVeKUgvscTh32hhAmppFk4T/USmI2B. to "GoodOMEN!123"?

Ethics

OMEN was developed for academic use cases like improving probabilistic password modeling, estimating guess numbers or password strength, in general, to improve password security. Do not abuse this software to harm other people's privacy or to break the law.

Preimage Attacks

Popular hash evaluators like Hashcat and John the Ripper support hundreds of hash and cipher formats and could be easily integrated due to their support to read password candidates via their standard input (stdin) stream.

$ ./enumNG -p -m 10000 | ./hashcat64.bin ...

or

$ ./enumNG -p -m 10000 | ./john --stdin ...

For optimal guessing performance, consider to train createNG with a password distribution that is similar to the one you like to crack.

Please note: Using probabilistic password modeling to crack passwords, in general, should only be considered against slow hashes (e.g., bcrypt, PBKDF2, scrypt, or Argon2) were the number of feasible guesses is limited or in very targeted attacks. In contrast, for very fast hashes (MD5, SHA-1, or NTLM), using good dictionaries and mangling rules (e.g., best64.rule) are the way to go.

If you are interested in this topic, consider to read the following papers and their related work (this list is incomplete, you can help by expanding it):

Probabilistic Context-Free Grammars

  • Password Cracking Using Probabilistic Context-Free Grammars (SP '09)
  • Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms (SP '12)
  • On the Semantic Patterns of Passwords and their Security Impact (NDSS '14)
  • Next Gen PCFG Password Cracking (TIFS '15)
  • ...
  • Software A, Software B

Markov Models

  • Fast Dictionary Attacks on Passwords Using Time-Space Tradeoff (CCS '05)
  • OMEN+: When Privacy meets Security: Leveraging personal information for password cracking (CoRR '13)
  • A Study of Probabilistic Password Models (SP '14)
  • OMEN: Faster Password Guessing Using an Ordered Markov Enumerator (ESSoS '15)
  • ...
  • Software A, Software B

Neural Networks

  • Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks (USENIX '16)
  • Using Neural Networks for Password Cracking (Blog post by Sebastian Neef '16)
  • Design and Evaluation of a Data-Driven Password Meter (CHI '17)
  • ...
  • Software A, Software B

Hybrids

  • John the Ripper 'Incremental' Mode
  • Introducing the PRINCE Attack-Mode (PASSWORDS '14)
  • ...
  • Software A, Software B

Approach Comparison

  • Measuring Real-World Accuracies and Biases in Modeling Password Guessability (USENIX '15)
  • A Framework for Comparing Password Guessing Strategies (PASSWORDS '15)
  • PARS: A Uniform and Open-source Password Analysis and Research System (ACSAC '15)
  • ...
  • Software A, Software B

Advanced Usage

Both modules provide several command line arguments to select the various modes available and change the default settings. For instance, the probability distribution created during the createNG process may be manipulated by choosing one of the supported smoothing functions, the n-gram size, or the used alphabet. All available parameters for createNG, a short description, and the default values can be seen by calling the program with -h or --help. The same works for enumNG where for instance, the enumeration mode, the used length scheduling algorithm (only used in -s mode, see 'Basic Usage' section), and the maximum amount of attempts can be selected. If no enumeration mode is given, the default mode is executed, storing all created passwords in a text file in the 'results' folder.

OMEN+

OMEN+ is based on When Privacy Meets Security: Leveraging Personal Information for Password Cracking and is an additional feature of OMEN (implemented in the same binary). Using additional personal information about a user (e.g., a password hint or personal background information scraped from a social network) may help in speeding up the password guessing process (comparable to John the Ripper 'Single crack' mode).

Therefore, a related hint or several hints (tabulator separated) must be provided in a separate file. Furthermore, an alpha file is required containing the respective alpha values (tab separated in

RUB-SysSec

View profile

View on GitHub
GitHub Stars330
CategoryDevelopment
Updated1mo ago
Forks44
RUB-SysSec/OMEN

Languages

C

Security Score

85/100

Audited on Feb 26, 2026

No findings