Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 17 Dec 2012 21:13:23 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: new user help with list vs. incremental modes

On Mon, Dec 17, 2012 at 1:54 PM, Raleigh Rinehart
<rrinehart@...-estech.com> wrote:
> My question is this:  how do I best configure JtR to run for a known
> password pattern?  For example, if I know ahead of time the password is
> going to be of the form 3-6 alpha-numerical characters followed by 3-8
> digits?  I've gone through the documents, mailing lists and other resources
> but am still confused on the best approach attack to this.
Incremental isn't as likely to be effective (quickly) unless you tuned
the chr files (custom chr file) to try passwords of this pattern or
type. There should be quicker ways of doing it, like the rules you've
tried are one way (but they will be prepended to all words in your
wordlist).
You can also try the external modes like Knownforce. ./john
passwords.txt -external=knownforce
The default knownforce external module is 4 alpha (all lower?) and 4
digits, I think it can be easily tweaked to your use case. (I've
included what I believe would do the job at the bottom)
> When I run that with:
>     ./john --format=raw-sha512-cuda --device=1 --session:foo
> --wordlist=digits_list.txt -rules:Foo crackme.txt
>  JtR just seems to do nothing.  I let it run for a couple of hours but it
> never seemed to do anything.
> Running the status command returns this:
>     ./john --status=foo
>     fopen: foo.rec: No such file or directory
It's a GPU on a MAC so I'm not sure how well tested that is
> I am guessing it is because the digits_list.txt is too big (~950meg) or the
> way I've tried setting up the mangling is too inefficient.
This could also be it...

In the KnownForce external this should do a 1-3 alpha numeric (upper
and lower + digits) and 1-7 digits after (because the length is 10 in
this example, increase to 11 to have 1-8 digits). This will be a
"dumb" search, aaa1, aaa2, aaa3 etc... and will take a lot of time
potentially. I'm not sure it would be faster this way than using the
rules you created on a one line wordlist file, and I've not tested the
code below, I think it's right.
<snip>


	length = 10;	// Password length to try

/* This defines the character sets for different character positions */
	pos = 0;
	while (pos < 3) {
		ofs = pos++ << 8;
		i = 0;
		c = '0';
		while (c <= '9')
			charset[ofs + i++] = c++;
		c = 'A';
		while (c <= 'Z')
			charset[ofs + i++] = c++;
		c = 'a';
		while (c <= 'z')
			charset[ofs + i++] = c++;
		charset[ofs + i] = 0;
	}
	while (pos < length) {
		ofs = pos++ << 8;
		i = 0;
		c = '0';
		while (c <= '9')
			charset[ofs + i++] = c++;
		charset[ofs + i] = 0;
	}

	last = length - 1;
	pos = -1;
	while (++pos <= last)
		word[pos] = charset[id[pos] = pos << 8];
	lastid = (lastofs = last << 8) - 1;
	word[pos] = 0;
}

void generate()

</snip>
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.