Date: Wed, 13 Dec 2006 21:30:26 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: wordlist generator This is somewhat off-topic, however one thing that I'd like to have documented in here is that John the Ripper can in fact be used as a "wordlist generator". The --stdout option makes JtR output the candidate passwords that it would be trying, and you can redirect the output to a file or pipe it into another program. On Wed, Dec 13, 2006 at 10:37:09AM -0500, RV Tec wrote: > I've lost a password of a proprietary software. If you have a copy of this program, then you can likely either extract the password from it (if the password is stored in plaintext or in a reversible form) or patch it to bypass the check. However, these actions might violate your license terms for the program. > Actually, it's a passphrase, and I'm only missing the case combination. ... > I've already put up a shell script to brute force this mentioned software, > but I need to assemble a wordlist. The problem is that I havent found a > way of building a wordlist with all the case combination from a > passphrase. You do not need these combinations stored in a "wordlist" file. You merely implement a trivial script (e.g., in Perl) that both generates candidate passwords and tries them against your program. > Does anynone have any clues on how I can proceed? Does anyone know a > software (UNIX or Windows, whatever) that makes this possible? Perl is that software. John the Ripper with its --stdout option is also that software (for your specific task, either external or wordlist mode can be used, although doing it all in Perl is likely easier given that you'd need another script anyway). > Since the passphrase contains only 35 chars, to build a file with all > combinations possible, performance wont be problem. If I understood you correctly, the file would occupy over 1.2 TB of disk space (perhaps on a RAID array). (The file may be smaller if some character positions contain non-letters - e.g., spaces or digits - and the "wordlist generator" is smart enough to take advantage of that.) Also, you might run into issues with (lack of) large file support with some software if you're on a 32-bit system. Are you sure you want that? There is no need to have those candidate passphrases stored in a file, as I have mentioned above. Also, for producing all possible case permutations in a passphrase that is 35 characters long, JtR's wordlist mode might not work well. For a much shorter passphrase, I would suggest the use of something like this example from the default john.conf: # Case toggler for cracking MD4-based NTLM hashes (with the contributed # patch), given already cracked DES-based LM hashes. # Rename this section to [List.Rules:Wordlist] to activate it. [List.Rules:NT] l lMT[*0]T[*1]T[*2]T[*3]T[*4]T[*5]T[*6]T[*7]T[*8]T[*9]T[*A]T[*B]T[*C]T[*D]Q This one is for up to 14 characters. However, for longer passphrases this approach doesn't work well as JtR will attempt to validate the syntax of all preprocessor-expanded rules and that will be taking a long time (in your case, there will be over 34 million of such rules). Also, RULE_RANGES_MAX in src/params.h would need to be increased (it defaults to 16 for JtR 1.7). -- Alexander Peslyak <solar at openwall.com> GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15 http://www.openwall.com - bringing security into open computing environments Was I helpful? Please give your feedback here: http://rate.affero.net/solar -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ