Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 14 Feb 2012 17:05:18 -0500
From: Matt Weir <cweir@...edu>
To: john-dev@...ts.openwall.com
Subject: Re: stacking rules and external filters on top of other
 modes (was: --external=Keyboard mode [was: john-users])

I'm probably misunderstanding the capability the original question was
asking for, but it sounds like they were asking for parallel
processing of rules instead of batch/sequential processing, aka:

>>"--rules=a --rules=b" invoke the two rulesets in parallel (so
>>e.g. if the rulesets have 3 rules each, that will be an equivalent of 9
>>rules total)

Hashcat currently supports that by using a stdin option and then
applying all the rules to each input word before moving to the next
input word, (there may be other ways they support parallel rules, but
that's the way I'm familiar with).

The basic issue, chaining rules in parallel, is a problem I've run
into in the past when using John. The way I dealt with it was by
writing my own scripts that did pretty much the same thing. That's not
an ideal method to deal with the problem though since I'll be the
first to admit my scripts were fairly slow. Here is an example where I
applied word mangling rules to the output created by JtR's incremental
mode:

https://sites.google.com/site/reusablesec/Home/password-cracking-tools/middle-child

One way JtR could deal with the problem is much the same way Hashcat
does. If both the -stdin and the -rules options are selected, then
John should create all of the "mangling rule + input word" guesses for
the first input word before moving on to the next input word. Another
option would be to cache N words from stdin, run the rules on them to
create guesses, (essentially using them as a small input dictionary),
while grabbing the next N words from stdin.

This might also help the initiatives to get JtR to work with GPU's as
you'd only have to transfer each dictionary word once to the GPU as
you'd be applying all of the mangling rules there and then discarding
it, vs creating the guess on the CPU and just transferring it to the
GPU to be hashed. I admit I haven't been keeping up with the JtR GPU
development though so I might be repeating old info or you guys came
up with a better solution already ;)

Matt Weir

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ