Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Wed, 3 Jan 2007 19:53:51 +0100
From: websiteaccess <websiteaccess@...il.com>
To: john-users@...ts.openwall.com
Subject: Incremental mode VS specific rules mode

Hi,

 This is the question of the day. What is more efficient: Incremental 
alpha mode (-i:alpha) or -rules for cracking large amount of HASHED ?


 ------ GOOD/BAD for incremental mode -----
 GOOD : incremental mode crack really fastly little words (with 6, 7 
characters)
 GOOD : no writing of boring rules
 BAD: incremental test all possibility ! Even with a to z, it can take 
really long time (especially for passwords with more than 10 characters)

------ GOOD/BAD for rules mode -----
GOOD : the rules are powerfull.
GOOD : with rules we can test only highly probably possible passwords 
(with
             some variations).
GOOD : can test passwords more than 8 letters
BAD : we have to write rules :( sometimes really boring.


 In this project I test my own new rules based on statistics frequencies
letters (each language has his own frequency).

 I do test with raw-md5 hashes (allow passwords with more than 8 
letters).

 NOTE: JTR with incremental is not able (with the basic JTR) cracking 
words longer than 8 letters, with my rules there is no limit (12 or 13 
letters seems already strong  password).

 My rules are specific for french passwords. I will do others rules for 
others language if needed.
 Of course, my actual rules can crack non-french words, but, there are 
more powerfull with french words.

 I have tested in first -i:alpha with a 2128 hashes, then the same 
hashes with my rules.

 In 2128 hashes, may be (and surely) there is a lot of passwords 
composed with (only may be) digits. These hashes will not be volontary 
cracked.
 I only test my rules contains only alpha (a to z), and incremental 
mode (-i:alpha) will use only a to z (not A-Z or/and 0-9). In this way, 
we can compare the same jobs.

 My project was do rules for crack maximum hashes in a minimum time.


 I give you some results, let's compare :


                                   p a s s w o r d s  f o u n d w i t h
     length words      .    MODE -i:alph   .   mode -rules
------------------------------------------------
         12                  .           0(*)           .	 0
         11                  .           0(*)           .	 1
         10                  .           0(*)           .	10
          9                   .           0(*)           .	34
          8                   .          82              .       135
          7                   .         166             .       173
          6                   .         392             .       341
          5                   .          64              .	61
          4                   .          49              .	47
	3                   .           8               .	 0(**)	
------------------------------------------------
			.	 761		.	802
------------------------------------------------
	time		.         12 h 06	 .      9 h 02
        elapsed		.     (still cracking)   . (100% done)
------------------------------------------------

(*) incremental mode, can't crack passwords with more 8 letters
(**) rules are not configured for cracking words less 4 letters.

 Finally, it seems rules crack more passwords in less time.

 "Rules mode" has cracked 45 words with more 8 letters (hardest
 to crack) in less time than incremental mode (- 3h04mn)

 Hope this test can be usefull for someone.

 -- Websiteacces --
 

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ