Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 23 May 2005 20:26:49 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Possible to set min. password size?

On Sun, May 15, 2005 at 12:47:42PM -0700, Whom Ever wrote:
> --- James <jbdive@...dspring.com> wrote:
> >  If you know passwords are at least 8 characters
> > long is it possible to set
> > JTR to start at 8 and move up?
> 
> [Incremental:All]
> File = $JOHN/all.chr
> MinLen = 0
> MaxLen = 16
> CharCount = 95 
> 
> I'm new to John, but I think all you need to do is
> adjust the MinLen setting in john.conf (later
> versions) or john.ini (earlier versions).  This will
> be found in the Incremental:YOURCHOICE section(s).

While you're correct about the syntax, the above example obviously
won't work for the default all.chr (which only has data for lengths up
to 8), the MaxLen = 16 and CharCount = 95 combination wouldn't work
because of the 64-bit integer overflow (one wouldn't be able to
generate a *.chr file for these settings), and setting MaxLen beyond 8
doesn't make sense for traditional DES-based hashes anyway.

I have already addressed all of these issues in more detail (including
workarounds, where appropriate) in my other responses on this list.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ