Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Wed, 3 Jan 2007 19:53:51 +0100
From: websiteaccess <websiteaccess@...il.com>
To: john-users@...ts.openwall.com
Subject: Incremental mode VS specific rules mode

Hi,

 This is the question of the day. What is more efficient: Incremental 
alpha mode (-i:alpha) or -rules for cracking large amount of HASHED ?


 ------ GOOD/BAD for incremental mode -----
 GOOD : incremental mode crack really fastly little words (with 6, 7 
characters)
 GOOD : no writing of boring rules
 BAD: incremental test all possibility ! Even with a to z, it can take 
really long time (especially for passwords with more than 10 characters)

------ GOOD/BAD for rules mode -----
GOOD : the rules are powerfull.
GOOD : with rules we can test only highly probably possible passwords 
(with
             some variations).
GOOD : can test passwords more than 8 letters
BAD : we have to write rules :( sometimes really boring.


 In this project I test my own new rules based on statistics frequencies
letters (each language has his own frequency).

 I do test with raw-md5 hashes (allow passwords with more than 8 
letters).

 NOTE: JTR with incremental is not able (with the basic JTR) cracking 
words longer than 8 letters, with my rules there is no limit (12 or 13 
letters seems already strong  password).

 My rules are specific for french passwords. I will do others rules for 
others language if needed.
 Of course, my actual rules can crack non-french words, but, there are 
more powerfull with french words.

 I have tested in first -i:alpha with a 2128 hashes, then the same 
hashes with my rules.

 In 2128 hashes, may be (and surely) there is a lot of passwords 
composed with (only may be) digits. These hashes will not be volontary 
cracked.
 I only test my rules contains only alpha (a to z), and incremental 
mode (-i:alpha) will use only a to z (not A-Z or/and 0-9). In this way, 
we can compare the same jobs.

 My project was do rules for crack maximum hashes in a minimum time.


 I give you some results, let's compare :


                                   p a s s w o r d s  f o u n d w i t h
     length words      •    MODE -i:alph   •   mode -rules
------------------------------------------------
         12                  •           0(*)           •	 0
         11                  •           0(*)           •	 1
         10                  •           0(*)           •	10
          9                   •           0(*)           •	34
          8                   •          82              •       135
          7                   •         166             •       173
          6                   •         392             •       341
          5                   •          64              •	61
          4                   •          49              •	47
	3                   •           8               •	 0(**)	
------------------------------------------------
			•	 761		•	802
------------------------------------------------
	time		•         12 h 06	 •      9 h 02
        elapsed		•     (still cracking)   • (100% done)
------------------------------------------------

(*) incremental mode, can't crack passwords with more 8 letters
(**) rules are not configured for cracking words less 4 letters.

 Finally, it seems rules crack more passwords in less time.

 "Rules mode" has cracked 45 words with more 8 letters (hardest
 to crack) in less time than incremental mode (- 3h04mn)

 Hope this test can be usefull for someone.

 -- Websiteacces --
 

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ