Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 25 Apr 2013 22:19:03 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: revised incremental mode and charset files (was:
 Bleeding-jumbo branch updated from core)

On Thu, Apr 25, 2013 at 9:06 PM, magnum <john.magnum@...hmail.com> wrote:

> For length, 15 is barely enough. Again, unless there is some kind of bad
> drawback, why not make a significant increase and ship it with 24 or even
> more, useful or not. And again you do not have to supply charsets that
> really go that far.
>
> If there is a significant tradeoff (speed? size? precision?), limit length
> a little from what I just suggested but not charset_max. Just my opinion.
>
I've recently tried 15-20 characters from chr based on rockyou. Anything
pver 11-12 characters (other than digit only) I can't find success with
All.chr, however that's just me. At those lengths wordlists are the place
to be, unless you can just let them run on and on, or you can really
distribute it out, I'd say 15 is about all you can hope for max, pure alpha
would stretch it, and I most work on fast hashes. But perhaps like you
said, have Incremental: conf's contain the limitations and have chr files
capable of more ship with JtR. I'd keep them at or below 15 in conf for
sure.

It is slower as well because john still iterates the more likely character
sets, and having a length like that will have some new comers scratching
their heads, I think. Adding in more possible characters I'm all for, but
that too will as you pointed out slow things down naturally. If there were
some filters (in conf) to go along with those CPxxxx (etc...) additions,
I'm all for it. I won't need then often, but it'd be nice to know I can
easily try them or create them, or an easily configured option to be just
0x32-0x7f?
</my2cents>
-rich

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ