Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Jan 2006 20:33:11 +0000 (UTC)
From:  Phantom <phantom_otw@...oo.com>
To: john-users@...ts.openwall.com
Subject:  Suggestion/requests and a few questions...

A couple of suggestions/request for future updates to JTR:

1) Add another character class command.
Similar to "s?CY - replace all characters of class C in the word with Y".

But instead replace all characters of one class with all characters of another
class.

If implemented, would this mean that all combinations are tried for each
replacement? 

(So if a word has more than one instance of the first class, all combinations
 of the second class would be tried for all instaces of the first one)

I wanted to replace vowels in words with symbols and signs, 
so I made this rule:
"<9>4/?vs?v[.,:;'\"?!`$%^&*()\-_+=|\\<>\[\]{}#@..."

However, I found that only 1 sign is replaced at a time - they are not mixed.
Would the above suggested addition solve this "issue"? 
And is it something you would consider implementing?


2) Possible expantion of the incremental function by building markov chains of
length 5
out of guessed password statistics based on john.pot,
and using these to generate the ("random") strings.

A friend of mine started making a tool for this to generate wordlists.
So source code could be made avaiable to you upon request.
(It is coded in c++, but the algorithm itself should be mainly c)


3) An option/switch for logfile creation during -single mode to also output
username (of the cracked hash) to the logfile.
This could help people gain insight into how single rules actually work
on different input words and help improve/optimize further rule creation.


In replies to other posts here, you mention your TODO-list for 1.7 ....is this
list to be found anywhere? if so, where?
If not, can it be made avaiable please? 
Will make it easier for us users NOT to suggest/comment on things others have
already suggested/commented on without having to remember/look through all
posts.. :)

Keep up then excellent work on JTR and hope to see 1.7 soon ;)

Best regards

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ