Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Fri, 16 Jun 2006 19:28:40 +0000 (UTC)
From:  Phantom <phantom_otw@...oo.com>
To: john-users@...ts.openwall.com
Subject:  Re: Inverted chatsets?

Solar Designer <solar@...> writes:
> So you must be talking about "inverting" character frequencies, not the
> character set.  That would mean that we treat the characters and
> character combinations that were most commonly seen in our sample
> passwords as the least likely ones, and instead treat the characters and
> character combinations that were never seen as the most likely ones.  In
> other words, we would sort of start our search from the "end" of the
> list of candidate passwords that "incremental mode" normally generates.

Yes, that is what I ment. Sorry for not beeing more clear

> Of course, chances are that we won't get any passwords cracked in any
> reasonable amount of time in this way.

Well, I still say it would be worth testing :)
Since there must be some passwords, where doing it "backwards" would be faster 
than the normal way...?

> On the other hand, if you, for example, have run digits.chr and then
> proceed to run all.chr, you actually want to exclude all-numeric
> passwords from those produced by -i=all.  Right now, the only way to do
> that is with an external filter().  But you might as well choose to not
> do it since all-numeric passwords correspond to a small portion of the
> password space, whereas filtering has a certain processing cost for all
> candidate passwords (including those that contain non-digits).  This
> example also serves to illustrate one reason why I suggest that people
> go for all.chr (or lanman.chr) right away, without bothering with the
> more restrictive charsets.

yeah, I see what you mean..

Then, it might be beneficial to be able to start -i:all from a certain point, 
further on in the frequency "tables" - something like skip the first 10 mill 
most likely combination and start from there instead?

I find it hard to figure out how the .rec files are built and how, 
if possible, one could edit a .reito make it jump past some combinations 
and start from somewhere else...


Regards

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ