Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 9 Sep 2013 14:40:35 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Sayantan's Weekly Report #13

On Mon, Sep 9, 2013 at 1:21 PM, magnum <john.magnum@...hmail.com> wrote:

>
> Just thinking out loud here: How much is the gain from consecutive ranges?
> I believe HashCat does in fact not use consecutive ranges even for eg. ?l
> but instead sort them after some kind of probability order. This would be
> even more useful with ?a which should probably start with some lower-case
> letter and end with "~" or some other less used character. I have noticed
> that when you use a large mask like ?a?a?a?a?a?a it takes quite a while
> before first crack because the "msb" part starts with seldom used specials.
>
Couldn't  ?a?a?a?a?a?a = incremental 6 (all.chr)
maybe ?u?l?l?l = inc_1(alpha_upper) + inc_3(alpha_lower)
 or would it just make more sense that ?u?l?l?l is actually
inc_4(alpha_lower) with just the first char capitalized (C)

It could just be me not understanding, and Mask mode is a totally different
animal than Incremental/trigraphs. With the recent work that's been done,
are there better ways to guess weak passwords? Would "n-grams" work in
place of ?a?a?a?a?a?a (6-"grams") work there as well as inc-6-all, or
markov-6-all? I can't code anything and math isn't a subject I'm gooder in,
so that's your guys show, I'm just always curious :) Devils advocate
signing off.
-rich

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ