Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Mon, 08 Aug 2011 12:15:08 +0200
From: magnum <rawsmooth@...dband.net>
To: john-users@...ts.openwall.com
Subject: Unicode DumbForce

I just uploaded 
"0004-Dumb16-UCS-2-and-Dumb32-Unicode-external-modes-added.patch" to the 
wiki, that adds two external modes to john.conf:

* Dumb16 tries all allocated codepoints in the UCS-2 part of Unicode 6.0 
(there are 15801 of them) and outputs them as UTF-8.

* Dumb32 tries all allocated codepoints in Unicode 6.0 (there are 23296 
of them) and outputs them as UTF-8. Note that our current NT and mscash1 
formats only supports UCS-2 so using Dumb32 against them is just a waste.

For Unicode formats (like NT), use with -enc=utf8 (or just -utf8 for 
John versions from 1.7.7 Jumbo-5 and prior to 1.7.8 Jumbo-5). For 8-bit 
formats (hashes actually made from UTF-8) you don't need such options 
and in this case you can use these modes with much older versions of JtR.

These are meant for narrowing in on a codepage for Unicode hashes, or 
for experimenting/debugging or just understanding how mindbogglingly 
huge the Unicode space is when brute forcing: For example, using Dumb16 
we can exhaust 3 characters for NT in a couple of weeks, but a 4th 
character would take 500 years. Using Dumb32 it would be thousands of 
years. The external engine becomes a bottleneck when attacking very fast 
hashes, NT speed (using -enc=utf8) decreases from ~21000K to just ~3500K 
for me when running dumb16.

But if you're lucky you'll crack a very short password and this might 
help in choosing wordlists and encodings for further, non-dumb cracking. 
Another option, of course, is to comment out parts of the character 
definitions for attacking a certain part of the space.

The mode definitions are long. Like already discussed, we need some sort 
of #include for john.conf.

magnum

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ