Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 14 Apr 2012 00:29:43 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: .chr files (Was: automation equipped working place
 of hash cracker, proposal)

On 04/13/2012 08:51 PM, Frank Dittrich wrote:
> After thinking about it again, this might be at least similar to the
> point magnum made:
> If you do have a bias in the passwords which serve as input for
> generating a .chr file, using this .chr file for incremental mode will
> increase that bias. If this bias doesn't exist in the passwords which
> are still uncracked, you'll have generated a less than optimal .chr file.
> 
> For the same reason, you might want to reduce the impact frequently used
> passwords will have on your .chr file.
> E.g., if you crack DES password hashes, and you have 4096 different
> hashes for "password" on your .pot file, 8 character passwords starting
> with "p" will be over-represented in the password candidates tried
> first, and so on.

Interesting. I have had the idea you should use unfiltered john.pot for
making the chr files. But maybe this is just a bad idea in general, for
the very reason you give here.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.