If the point is to generate all possible strings that could be passwords, given that they all include a contiguous "hint" as a substring, then this would be very easy to do, but I don't think a regex match/substitution would have anything to do with a suitable brute-force answer.

Given that you know the set of characters allowed as part of the password, then I suspect that some nested-loop approach (having those characters in an array) would probably constitute the expected solution.

That said, I'm sure it would be easier in perl than in java. For example, if the password length is N and the length of the "hint" substring is M, you could loop over all possible character sequences of length N-M, and for each of those, insert the hint string at each juncture within the sequence (offset 0, offset 1, ... offset N-M).

(Update: in other words, what Zaxo said :)