Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 22 May 2005 22:16:46 +0200
From: "Frank Dittrich" <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Feature request regarding --rules option

Hi,

I think it could be a useful feature if the --rules option would
accept an optional qualifier: --rules[=RULESET]

If not specified, the default rule set should be Wordlist when
the --rules option is used together with --wordlist[=FILE]
or --stdin.
It should be Single, if used together with option --single
(independent on whether or not --rules is specified together with
the --single option).
Or, just don't allow different rule sets for single mode.
I think it's more helpful for word lists.

With this addition, you don't need to edit john.conf, if you want
to apply a different set of rules.
Instead, you could maintain different rule sets and decide which rule
set to try in which sequence, for which word list(s), or for which
passwd file or --salts option.

Reasons to have different rule sets:

It does make sense to try more rules on small word lists
(e.g. names) or with --salts=20 first, check which rules cracked
most passwords, and apply these rules to larger word lists or for
the other salts.

For passwords cracked using the incremental mode, you could check
whether it makes sense to define new rules to crack other passwords
which might have been built using the same mangling rule.

For systems with different password policies, you could adjust the
sequence of rules accordingly.
E.g., if the users are required to change their password every
month, you'll frequently find password "schemes" like
secret01, secret02, ...
If you know the password has to be mixed case and contain at least
one special character, you can use this knowledge to adjust the
sequence of rules...

Another reason might be the recently discussed LANMAN and NT hash
issue.


One workaround is to use different directories and adjust the
[List.Rules:Wordlist] section of john.conf accordingly.
But then you'd have to synchronize the john.pot files.

The other workaround is to edit the john.conf file and rename a
section to [List.Rules:Wordlist] after renaming the old
[List.Rules:Wordlist] section.
But this is error prone if you have several instances of john
running at the same time.
If you have to restart your machine, you have to make sure to
restore the [List.Rules:Wordlist] section correctly before you
can resume cracking, otherwise the corresponding .rec file is toast.

Keeping Wordlist and Single as the defaults will ensure you can still
use your old .rec files after upgrading JtR to a newer version.

What do you think? Is this addition useful?
It should be fairly easy to implement.


Regards
Frank Dittrich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.