Date: Wed, 04 Jul 2007 00:23:30 +0200
From: "Frank Dittrich" <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Re: Incremental mode limited to 8 character words?

Tom Earp wrote:
>i've seen that post about the 16 digit generation....but it doesn't really
>help. modifying the source for that application reduces the character set
>from the full set of printable characters to just numbers, so increasing
>the output length keeps it within the "64 bit limit" as described in the
>source
>
>from the source.......... (params.h)
>
>/*
>* Charset parameters.
>* Be careful if you change these, ((SIZE ** LENGTH) * SCALE) should fit
>* into 64 bits. You can reduce the SCALE if required.
>*/
>#define CHARSET_MIN ' '
>#define CHARSET_MAX 0x7E
>#define CHARSET_SIZE (CHARSET_MAX - CHARSET_MIN + 1)
>#define CHARSET_LENGTH 8
>#define CHARSET_SCALE 0x100
>

CHARSET_MIN is space (0x20 = 32).
CHARSET_MAX is the '~' character (0x7E = 126).
(at least for ASCII)
So you have (126 - 32 + 1) = 95 different characters.
For max. password length 8, you have (95**8), ca. 6.634e+15 combinations.

CHARSET_SCALE is 0x100 = 256.
I didn't study the source, but since CHARSET_MAX is < 128, you might
get away with CHARSET_SCALE=128, or 0x80.
(If possible, I would not set CHARSET_SCALE to a value which is not a
power of 2, since I'd expect a performance impact otherwise.)

64bit means 2**64, which is about 1.845e+19.
If you divide this value by (95**8), you get 2780.555...
If you divide that by 256, you'll get a value less than 11, meaning the
9th position of your password candidate cannot use all 95 different values
required, and an overflow will occur.
Even if you use 0x80 as CHARSET_SCALE, you only have 21 characters left
for the 9th position.

So your only choice is reducing the charset size.
Maybe you don't have all the 95 characters from ' ' to '~' in your
john.pot file.
Set CHARSET_MIN to the min. char, e.g. ' ', and CHARSET_MAX to the max.
character, e.g. '~'.
Set CHARSET_SCALE to 0x80.
If you have no more than 80 different characters, you should be able to
set CHARSET_LENGTH to 9.
(80 ** 9) * 128 is about 1.172e+19, which is smaller than (2**64).

For length 10, you can only use 51 different characters, and so on.

When creating a new .chr file, john mentions the number of different
characters used.

>if i change charset_length to 16 and change nothing else, it compiles, but
>then when i try to create a new .chr file i get the error "pow64of32()
>overflow"
>i have tried adjusting the charset_scale value to something lower, but it
>had no effect and i still got the overflow error

Yes, for length 16, you can probably use just 11 different characters.
I don't know if you can reduce CHARSET_SCALE even more, a specially crafted
john.pot file and an external mode.

>if i implement an external mode in jtr, will it generate the words in a
>simple brute-force way, or will it still do the business of creating better
>combinations like it does with the incremental mode?

It depends on the definition of your external mode, but that would be
extremely hard to do.

Why are you sure you need an incremental mode with password length > 8?

If password length 9 is OK, you could combine the incremental mode
(MinLength = MaxLength = 8) and an external mode which always appends the
same character.
(You could run one session which appends '1' to the passwords generated
using incremental mode, another session which appends 2, ...)
Just check the frequency of last characters in your john.pot file for
suitable candidates.

>----- Original Message ----- From: "Frank Dittrich"

Please don't top-post, and don't full-quote.
(I know using hotmail doesn't produce reasonable mails either, but I try to
avoid most of the usual problems caused by inappropriate MUAs, see
http://learn.to/quote)
OK, a mailing list is not usenet, but I think that similar “rules” apply.

Frank
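
Added example, not part of the original message and not code from John the Ripper: a small C program that checks the params.h constraint ((SIZE ** LENGTH) * SCALE) for a given CHARSET_SIZE, CHARSET_LENGTH and CHARSET_SCALE, and finds the largest charset size that still fits. The function names are hypothetical, and "fit into 64 bits" is assumed to mean "representable as an unsigned 64-bit integer".

```c
#include <stdint.h>
#include <stdio.h>

/* Store a*b in *out and return 1 if the product fits in 64 bits, else return 0. */
static int mul_u64_checked(uint64_t a, uint64_t b, uint64_t *out)
{
    if (a != 0 && b > UINT64_MAX / a)
        return 0;
    *out = a * b;
    return 1;
}

/* Hypothetical helper: 1 if (size ** length) * scale fits in an unsigned
 * 64-bit value (assumed meaning of the params.h comment), 0 on overflow. */
int charset_fits_64(unsigned size, unsigned length, unsigned scale)
{
    uint64_t acc = scale;
    for (unsigned i = 0; i < length; i++)
        if (!mul_u64_checked(acc, size, &acc))
            return 0;
    return 1;
}

/* Hypothetical helper: largest charset size (capped at 256) that still
 * fits for the given CHARSET_LENGTH and CHARSET_SCALE. */
unsigned max_charset_size(unsigned length, unsigned scale)
{
    unsigned size = 0;
    while (size < 256 && charset_fits_64(size + 1, length, scale))
        size++;
    return size;
}

int main(void)
{
    static const unsigned scales[] = { 0x100, 0x80 };
    /* Print the usable charset size for each length from 8 to 16. */
    for (unsigned s = 0; s < 2; s++)
        for (unsigned len = 8; len <= 16; len++)
            printf("SCALE=0x%X LENGTH=%2u -> max CHARSET_SIZE %u\n",
                   scales[s], len, max_charset_size(len, scales[s]));
    return 0;
}
```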