Openwall GNU/*/Linux 3.0 - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 16 Nov 2010 15:22:56 -0600
From: Eric <eric.h.security@...il.com>
To: john-users@...ts.openwall.com
Subject: Cracking a known password shape

I use JtR often for basic cracking of NTLM, MD5, Cisco, PIX, etc and I
have going through modifying the rulesets and I have a number of great
dictionaries.  I use the incremental modes for shorter passwords, as
well.

However, in this case, I have a password.  I know a few characters in
it. It begins with an 'L' (or 'l') and the second letter is a 'o' or
'0'.  The fifth letter is likely a '-' or '_'.  The 8th character is
probably 'n' or 'N' and I need to brute-force the remaining 4-5
characters.

I cannot figure out the best method to do this. I've spent half the
day looking through archives and how-tos, but most focus on the very
basics of JtR usage.  I presume some sort of external function might
suffice, but I'm not familiar with how those are executed.  Before I
set out trying to learn the whole external filter functionality, can
anyone offer suggestions on how to attack a password that is partially
known.

I know I can brute-force a 5 character password in a reasonable amount
of time, but how to specify known characters within that?

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ