Date: Wed, 4 Jul 2007 15:00:01 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Incremental mode limited to 8 character words?

On Wed, Jul 04, 2007 at 12:23:30AM +0200, Frank Dittrich wrote:
> I didn't study the source, but since CHARSET_MAX is < 128,
> you might get away with CHARSET_SCALE=128, or 0x80.
> (If possible, I would not set CHARSET_SCALE to a value which is
> not a power of 2, since I'd expect a performance impact otherwise.)

Actually, no, CHARSET_SCALE is not in any way connected with CHARSET_MAX (except that we should avoid integer overflows) and almost arbitrary values of CHARSET_SCALE are OK as long as it's at least 1 (since it's used as a multiplier).

There's no performance impact from any of this; CHARSET_SCALE is only used while .chr files are being generated and it affects the precision of fixed-point operations. Worse precision (lower values of CHARSET_SCALE) means potentially less optimal order in which the resulting .chr file will try candidate passwords.

Here are some working CHARSET_* settings:

For lengths up to 9: just increase CHARSET_LENGTH to 9. No other changes are needed (default CHARSET_SCALE of 0x100 is OK). This is because the requirement is actually a bit less strict than what the comment says. Those who want to find out what it really is can refer to charset.c: charset_self_test(). ;-)

For lengths up to 10, we can use a range of 84 ASCII codes:

#define CHARSET_MIN '\''
#define CHARSET_MAX 'z'
#define CHARSET_LENGTH 10
#define CHARSET_SCALE 9

For lengths up to 13, we can use either lowercase or uppercase letters:

#define CHARSET_MIN 'a'
#define CHARSET_MAX 'z'
#define CHARSET_LENGTH 13
#define CHARSET_SCALE 18

The above example is for lowercase letters.
I've actually tested it by first generating a fake john.pot from all.lst:

zcat all.gz | sed 's/^/:/' > john.pot

Then I generated a new .chr file with the patched build of JtR 1.7.2:

./john --make-charset=alpha13.chr

This has taken under a minute (and around 80 MB of RAM) and the output was:

Loaded 2783610 plaintexts
Generating charsets... 1 2 3 4 5 6 7 8 9 10 11 12 13 DONE
Generating cracking order... DONE
Successfully written charset file: alpha13.chr (26 characters)

Then I added a new section to john.conf:

[Incremental:Alpha13]
File = $JOHN/alpha13.chr
MinLen = 0
MaxLen = 13
CharCount = 26

Finally, I've tested this new "incremental" mode:

./john -i=alpha13 --stdout >&-

By pressing a key, I saw what candidate passwords it would be trying:

words: 1237066 time: 0:00:00:02 w/s: 618533 current: brimpaset
words: 1937544 time: 0:00:00:03 w/s: 645848 current: pangingatuur
words: 2654081 time: 0:00:00:04 w/s: 663520 current: sesslj
words: 4158186 time: 0:00:00:06 w/s: 693031 current: rozmarises
words: 6440073 time: 0:00:00:09 w/s: 715563 current: moretail
words: 9486464 time: 0:00:00:13 w/s: 729728 current: rivuletti
words: 11058620 time: 0:00:00:15 w/s: 737241 current: spichiserei
words: 12584642 time: 0:00:00:17 w/s: 740273 current: affenensker
words: 14092397 time: 0:00:00:19 w/s: 741705 current: podentuiset
words: 15634776 time: 0:00:00:21 w/s: 744513 current: kestllas
words: 17224298 time: 0:00:00:23 w/s: 748882 current: ammcgetu
words: 20371318 time: 0:00:00:27 w/s: 754493 current: bentykk

(This is on a fairly slow Pentium 3 system.)

> If password length 9 is OK, you could combine the incremental mode
> (MinLength = MaxLength = 8) and an external mode which always
> appends the same character.

This might actually be a reasonable thing to do.

Frank - thank you for helping address Tom's actual question while I wasn't around.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments