Date: Wed, 4 Jul 2007 15:00:01 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Incremental mode limited to 8 character words?

On Wed, Jul 04, 2007 at 12:23:30AM +0200, Frank Dittrich wrote:
> I didn't study the source, but since CHARSET_MAX is < 128,
> you might get away with CHARSET_SCALE=128, or 0x80.
> (If possible, I would not set CHARSET_SCALE to a value which is
> not a power of 2, since I'd expect a performance impact otherwise.)

Actually, no, CHARSET_SCALE is not in any way connected with CHARSET_MAX
(except that we should avoid integer overflows) and almost arbitrary
values of CHARSET_SCALE are OK as long as it's at least 1 (since it's
used as a multiplier). There's no performance impact from any of this;
CHARSET_SCALE is only used while .chr files are being generated and it
affects the precision of fixed-point operations. Worse precision (lower
values of CHARSET_SCALE) means potentially less optimal order in which
the resulting .chr file will try candidate passwords.

Here are some working CHARSET_* settings:

For lengths up to 9: just increase CHARSET_LENGTH to 9. No other
changes are needed (default CHARSET_SCALE of 0x100 is OK). This is
because the requirement is actually a bit less strict than what the
comment says. Those who want to find out what it really is can refer to
charset.c: charset_self_test(). ;-)

For lengths up to 10, we can use a range of 84 ASCII codes:

#define CHARSET_MIN '\''
#define CHARSET_MAX 'z'
#define CHARSET_LENGTH 10
#define CHARSET_SCALE 9

For lengths up to 13, we can use either lowercase or uppercase letters:

#define CHARSET_MIN 'a'
#define CHARSET_MAX 'z'
#define CHARSET_LENGTH 13
#define CHARSET_SCALE 18

The above example is for lowercase letters. I've actually tested it by
first generating a fake john.pot from all.lst:

	zcat all.gz | sed 's/^/:/' > john.pot

Then I generated a new .chr file with the patched build of JtR 1.7.2:

	./john --make-charset=alpha13.chr

This has taken under a minute (and around 80 MB of RAM) and the output was:

Loaded 2783610 plaintexts
Generating charsets... 1 2 3 4 5 6 7 8 9 10 11 12 13 DONE
Generating cracking order... DONE
Successfully written charset file: alpha13.chr (26 characters)

Then I added a new section to john.conf:

[Incremental:Alpha13]
File = $JOHN/alpha13.chr
MinLen = 0
MaxLen = 13
CharCount = 26

Finally, I've tested this new "incremental" mode:

	./john -i=alpha13 --stdout >&-

By pressing a key, I saw what candidate passwords it would be trying:

words: 1237066 time: 0:00:00:02 w/s: 618533 current: brimpaset
words: 1937544 time: 0:00:00:03 w/s: 645848 current: pangingatuur
words: 2654081 time: 0:00:00:04 w/s: 663520 current: sesslj
words: 4158186 time: 0:00:00:06 w/s: 693031 current: rozmarises
words: 6440073 time: 0:00:00:09 w/s: 715563 current: moretail
words: 9486464 time: 0:00:00:13 w/s: 729728 current: rivuletti
words: 11058620 time: 0:00:00:15 w/s: 737241 current: spichiserei
words: 12584642 time: 0:00:00:17 w/s: 740273 current: affenensker
words: 14092397 time: 0:00:00:19 w/s: 741705 current: podentuiset
words: 15634776 time: 0:00:00:21 w/s: 744513 current: kestllas
words: 17224298 time: 0:00:00:23 w/s: 748882 current: ammcgetu
words: 20371318 time: 0:00:00:27 w/s: 754493 current: bentykk

(This is on a fairly slow Pentium 3 system.)

> If password length 9 is OK, you could combine the incremental mode
> (MinLength = MaxLength = 8) and an external mode which always
> appends the same character.

This might actually be a reasonable thing to do.

Frank - thank you for helping address Tom's actual question while I
wasn't around.

--
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments
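
Added example, not part of the original message and not John the Ripper's code: a small C program that checks whether the number of candidates, size^length, fits in an unsigned 64-bit integer for the charset ranges quoted in the message. It is not the check performed by charset_self_test() and it ignores CHARSET_SCALE; the helper names, the 64-bit bound and the 95-character printable ASCII range are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Number of character codes in the inclusive range [min, max]. */
static unsigned charset_size(unsigned char min, unsigned char max)
{
	return (unsigned)max - min + 1;
}

/* Store size^length in *out and return 1 if it fits in 64 bits, else 0. */
static int keyspace_fits(unsigned size, unsigned length, uint64_t *out)
{
	uint64_t n = 1;

	while (length--) {
		/* n * size would exceed UINT64_MAX: report overflow */
		if (size != 0 && n > UINT64_MAX / size)
			return 0;
		n *= size;
	}
	if (out)
		*out = n;
	return 1;
}

/* Largest length for which size^length still fits in 64 bits. */
static unsigned max_length(unsigned size)
{
	unsigned len = 0;

	if (size < 2)
		return 0; /* degenerate charset: no meaningful bound */
	while (keyspace_fits(size, len + 1, NULL))
		len++;
	return len;
}

int main(void)
{
	/* Ranges from the message, plus printable ASCII (assumed default). */
	unsigned sizes[] = { charset_size(' ', '~'),
	    charset_size('\'', 'z'), charset_size('a', 'z') };
	unsigned i;

	for (i = 0; i < sizes[i] * 0 + 3; i++)
		printf("%u characters: size^length fits in 64 bits up to length %u\n",
		    sizes[i], max_length(sizes[i]));
	return 0;
}
```

Under this bound, widening the 84-code range by a single character already drops the largest length that fits from 10 to 9.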