Date: Fri, 16 Jun 2006 19:28:40 +0000 (UTC)
From:  Phantom <phantom_otw@...oo.com>
To: john-users@...ts.openwall.com
Subject:  Re: Inverted chatsets?

Solar Designer <solar@...> writes:
> So you must be talking about "inverting" character frequencies, not the
> character set.  That would mean that we treat the characters and
> character combinations that were most commonly seen in our sample
> passwords as the least likely ones, and instead treat the characters and
> character combinations that were never seen as the most likely ones.  In
> other words, we would sort of start our search from the "end" of the
> list of candidate passwords that "incremental mode" normally generates.

Yes, that is what I meant. Sorry for not being more clear.

> Of course, chances are that we won't get any passwords cracked in any
> reasonable amount of time in this way.

Well, I still say it would be worth testing :)
Since there must be some passwords, where doing it "backwards" would be faster 
than the normal way...?

> On the other hand, if you, for example, have run digits.chr and then
> proceed to run all.chr, you actually want to exclude all-numeric
> passwords from those produced by -i=all.  Right now, the only way to do
> that is with an external filter().  But you might as well choose to not
> do it since all-numeric passwords correspond to a small portion of the
> password space, whereas filtering has a certain processing cost for all
> candidate passwords (including those that contain non-digits).  This
> example also serves to illustrate one reason why I suggest that people
> go for all.chr (or lanman.chr) right away, without bothering with the
> more restrictive charsets.

yeah, I see what you mean..

Then, it might be beneficial to be able to start -i:all from a certain point, 
further on in the frequency "tables" - something like skip the first 10 mill 
most likely combinations and start from there instead?

I find it hard to figure out how the .rec files are built and how, 
if possible, one could edit a .rec to make it jump past some combinations 
and start from somewhere else...


Regards
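
The external filter() that the quoted text mentions for dropping all-numeric candidates from -i=all could look like the following. This is an added example, not part of the original message or of the john.conf shipped with John the Ripper; the section name Filter_NotAllDigits is hypothetical.

```conf
# Added example for john.conf; the section name is hypothetical.
[List.External:Filter_NotAllDigits]
void filter()
{
	int i, c, nondigit;

	i = 0; nondigit = 0;
	while (c = word[i++])
	if (c < '0' || c > '9') {
		// Found a non-digit, so digits.chr never produced this candidate
		nondigit = 1; break;
	}

	// Every character was a digit (already covered by the digits.chr run):
	// zeroing the word makes John skip this candidate
	if (!nondigit) word = 0;
}
```

It would be selected alongside incremental mode, for example `john -i=all --external=Filter_NotAllDigits passwd`, and it runs for every candidate, which is the processing cost the quoted text refers to.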
