Date: Fri, 30 Jun 2006 06:54:15 +0000 (UTC) From: Phantom <phantom_otw@...oo.com> To: john-users@...ts.openwall.com Subject: Re: rules - Q vs M and their effects on speed? > It would help if you learn to quote relevant bits of context. I usually do that, but in this case I thought that you would be able to easily understand what I was referring to :) > > it does make a difference in which order rules are entered in the > > conf/ini file > > Yes - because you want rules that happen to produce a higher success > rate tried first - but this has nothing to do with the M and Q commands. Ok, so basically that is because the sooner a password is cracked, the better because then the follwing rules won't waste energy on the same hashes? > > when the rules have a possibility "creating" duplicate candidate words. > > That is irrelevant to the ordering of rules - but it is a reason to use > the M and Q commands as appropriate. > > > That way the Q can "cover" more than one rule/line? > > All rule commands, including Q, are a part of the rule they're specified > in only. However, when writing a rule, it is wise to take into > consideration other rules that you have in the same ruleset. > > > I was under the impression that the Q and M switches were only applied to the > > rule/line in which they appeared... > > That's correct. Well, then I don't understand your first example: >For example, the following two rules: ># Try words as they are >: ># Lowercase every word >-c lQ > >might produce fewer duplicate candidate passwords than: > ># Try words as they are >: ># Lowercase every word >-c l > >would. That's because some input words are already all-lowercase, so >converting them to lowercase does not change them. The "Q" in the first >example would reject words that are unaffected by the conversion. >(Alternatively, words could have been checked for containing uppercase >letters prior to the conversion to lowercase.) Why do you include two lines here, if the Q does not cover more than one line? I understood it as lowercase words that are tried on the first rule ":" are not affected by the lowercase conversion in the second rule, which is why you included the Q in the second rule - to avoid the already tried lowercase words from the first rule to be "converted" by the second rule? > > So how does one decide in which rules to include a Q in order to avoid > > as many duplicates as possible > > You have to think and be smart. I'm afraid that I can't provide a better > answer. Even if I would come up with step-by-step instructions, those > would resemble an implementation of AI on top of your brain. I see.. guess I would have to pay you for that, ey? ;) > You appear to think that the only reason to not use Qs is to avoid the > processing costs associated with them. This is not the case. The > primary reason why John does not imply a Q after each rule is that doing > so would reject candidate passwords that are _not_ duplicates of any > others. Thus, Q should be used with care. Yes, I am beginning to see that now, was just curious as to how big an impact on speed they had- Please consider the below rules: >8'7 >7'7 >8'6 >7'6 >6'6 >7'5 >6'5 >5'5 If using the "wordlist" below, I have tried placing Q's and M's at the end on some of the rules, all of the rules, before and after the ', but I still can't avoid getting duplicate words as a results of the above rules and the below wordlist - please advice? <Wordlist> bananas bananasing Bananas Bananasinger Bananasingerer oranges orAnges orangesandapples Orangesandapples orangesandapplessuck I get the same 46 words as output wether I use Q (and M) or not.... So guess I missed something obvious here :( Regards -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ