Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 30 Jun 2006 06:54:15 +0000 (UTC)
From:  Phantom <phantom_otw@...oo.com>
To: john-users@...ts.openwall.com
Subject:  Re: rules - Q vs M and their effects on speed?

> It would help if you learn to quote relevant bits of context. 

I usually do that, but in this case I thought that you would be able to easily 
understand what I was referring to :)
 
> > it does make a difference in which order rules are entered in the
> > conf/ini file
> 
> Yes - because you want rules that happen to produce a higher success
> rate tried first - but this has nothing to do with the M and Q commands.

Ok, so basically that is because the sooner a password is cracked, the better
because then the follwing rules won't waste energy on the same hashes?

 
> > when the rules have a possibility "creating" duplicate candidate words.
> 
> That is irrelevant to the ordering of rules - but it is a reason to use
> the M and Q commands as appropriate.
> 
> > That way the Q can "cover" more than one rule/line?
> 
> All rule commands, including Q, are a part of the rule they're specified
> in only.  However, when writing a rule, it is wise to take into
> consideration other rules that you have in the same ruleset.
> 
> > I was under the impression that the Q and M switches were only applied to the
> > rule/line in which they appeared...
> 
> That's correct.

Well, then I don't understand your first example:

>For example, the following two rules:

># Try words as they are
>:
># Lowercase every word
>-c lQ
>
>might produce fewer duplicate candidate passwords than:
>
># Try words as they are
>:
># Lowercase every word
>-c l
>
>would.  That's because some input words are already all-lowercase, so
>converting them to lowercase does not change them.  The "Q" in the first
>example would reject words that are unaffected by the conversion.
>(Alternatively, words could have been checked for containing uppercase
>letters prior to the conversion to lowercase.)

Why do you include two lines here, if the Q does not cover more than one line?
I understood it as lowercase words that are tried on the first rule ":" are not
affected by the lowercase conversion in the second rule, which is why you
included the Q in the second rule -  to avoid the already tried lowercase 
words from the first rule to be "converted" by the second rule?

> > So how does one decide in which rules to include a Q in order to avoid 
> > as many duplicates as possible
> 
> You have to think and be smart.  I'm afraid that I can't provide a better
> answer.  Even if I would come up with step-by-step instructions, those
> would resemble an implementation of AI on top of your brain. 

I see.. guess I would have to pay you for that, ey? ;)


> You appear to think that the only reason to not use Qs is to avoid the
> processing costs associated with them.  This is not the case.  The
> primary reason why John does not imply a Q after each rule is that doing
> so would reject candidate passwords that are _not_ duplicates of any
> others.  Thus, Q should be used with care.

Yes, I am beginning to see that now, was just curious as to how big an impact
on speed they had- 


Please consider the below rules:

>8'7
>7'7
>8'6
>7'6
>6'6
>7'5
>6'5
>5'5

If using the "wordlist" below, I have tried placing Q's and M's at the end on
some of the rules, all of the rules, before and after the ', but I still
can't avoid getting duplicate words as a results of the above rules and the 
below wordlist - please advice?

<Wordlist>
bananas
bananasing
Bananas
Bananasinger
Bananasingerer
oranges
orAnges
orangesandapples
Orangesandapples
orangesandapplessuck

I get the same 46 words as output wether I use Q (and M) or not....
So guess I missed something obvious here :(


Regards


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ