Date: Sat, 15 Sep 2007 13:28:35 +0200 From: Simon Marechal <simon@...quise.net> To: john-users@...ts.openwall.com Subject: Markov filter password generation I just "released" an experimental support for Markov filter password generation. This method has several advantages over the incremental mode: * more effective in my tests, although it might be a bias induced by the passwords files I'm cracking; * supports long passwords (more than 8 chars) * easy to distribute * could be used to compute the "Markov strength" of any password and display shiny graphics in audit reports :) Grab it at http://btb.banquise.net/bin/myjohn.tgz Usage: john -markov=level:start:end:maxlen Where: * level is the maximum markov strength of passwords to be cracked * start is the index of the first password to test (starts at 0) * end is the index of the last password to test (0 means last possible password) * maxlen is the maximum length of tested passwords In order to select a "level", you could use the new "genmkvpwd" in such a way: ./genmkvpwd stats 0 12 Where "stats" is the path to the "statfile" and 12 is the maximum password length, it will display lines like: lvl=148 (3576 Kb for nbparts) 1348 K possible passwords (1348930) lvl=149 (3600 Kb for nbparts) 1493 K possible passwords (1493186) This means that at level 149, 1493K passwords will be generated, and john will stop after that. You have to evaluate your cracking speed, multiply by the desired time and you got the numbers of passwords you can try. Just find the corresponding lvl. You can easily distribute the work using the "start" and "end" parameters. I need some feedback on this generator effectiveness, especially with non french passwords. If it turns out it works well, I will release a clean patch for JtR. Enjoy! -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ