Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Jul 2007 15:00:01 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Incremental mode limited to 8 character words?

On Wed, Jul 04, 2007 at 12:23:30AM +0200, Frank Dittrich wrote:
> I didn't study the source, but since CHARSET_MAX is < 128,
> you might get away with CHARSET_SCALE=128, or 0x80.
> (If possible, I would not set  CHARSET_SCALE to a value which is
> not a power of 2, since I'd expect a performance impact otherwise.)

Actually, no, CHARSET_SCALE is not in any way connected with CHARSET_MAX
(except that we should avoid integer overflows) and almost arbitrary
values of CHARSET_SCALE are OK as long as it's at least 1 (since it's
used as a multiplier).  There's no performance impact from any of this;
CHARSET_SCALE is only used while .chr files are being generated and it
affects the precision of fixed-point operations.  Worse precision (lower
values of CHARSET_SCALE) means potentially less optimal order in which
the resulting .chr file will try candidate passwords.

Here are some working CHARSET_* settings:

For lengths up to 9: just increase CHARSET_LENGTH to 9.  No other
changes are needed (default CHARSET_SCALE of 0x100 is OK).  This is
because the requirement is actually a bit less strict than what the
comment says.  Those who want to find out what it really is can refer to
charset.c: charset_self_test(). ;-)

For lengths up to 10, we can use a range of 84 ASCII codes:

#define CHARSET_MIN			'\''
#define CHARSET_MAX			'z'
#define CHARSET_LENGTH			10
#define CHARSET_SCALE			9

For lengths up to 13, we can use either lowercase or uppercase letters:

#define CHARSET_MIN			'a'
#define CHARSET_MAX			'z'
#define CHARSET_LENGTH			13
#define CHARSET_SCALE			18

The above example is for lowercase letters.  I've actually tested it by
first generating a fake john.pot from all.lst:

	zcat all.gz | sed 's/^/:/' > john.pot

Then I generated a new .chr file with the patched build of JtR 1.7.2:

	./john --make-charset=alpha13.chr

This has taken under a minute (and around 80 MB of RAM) and the output was:

Loaded 2783610 plaintexts
Generating charsets... 1 2 3 4 5 6 7 8 9 10 11 12 13 DONE
Generating cracking order... DONE
Successfully written charset file: alpha13.chr (26 characters)

Then I added a new section to john.conf:

[Incremental:Alpha13]
File = $JOHN/alpha13.chr
MinLen = 0
MaxLen = 13
CharCount = 26

Finally, I've tested this new "incremental" mode:

	./john -i=alpha13 --stdout >&-

By pressing a key, I saw what candidate passwords it would be trying:

words: 1237066  time: 0:00:00:02  w/s: 618533  current: brimpaset
words: 1937544  time: 0:00:00:03  w/s: 645848  current: pangingatuur
words: 2654081  time: 0:00:00:04  w/s: 663520  current: sesslj
words: 4158186  time: 0:00:00:06  w/s: 693031  current: rozmarises
words: 6440073  time: 0:00:00:09  w/s: 715563  current: moretail
words: 9486464  time: 0:00:00:13  w/s: 729728  current: rivuletti
words: 11058620  time: 0:00:00:15  w/s: 737241  current: spichiserei
words: 12584642  time: 0:00:00:17  w/s: 740273  current: affenensker
words: 14092397  time: 0:00:00:19  w/s: 741705  current: podentuiset
words: 15634776  time: 0:00:00:21  w/s: 744513  current: kestllas
words: 17224298  time: 0:00:00:23  w/s: 748882  current: ammcgetu
words: 20371318  time: 0:00:00:27  w/s: 754493  current: bentykk

(This is on a fairly slow Pentium 3 system.)

> If password length 9 is OK, you could combine the incremental mode
> (MinLength = MaxLength = 8) and an external mode which always
> appends the same character.

This might actually be a reasonable thing to do.

Frank - thank you for helping address Tom's actual question while I
wasn't around.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ