Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 28 May 2013 11:31:04 -0400
From: Matt Weir <cweir@...edu>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Help with uppercase rule

I know you only had questions about a couple parts of the rule, but to help
everyone else out I'm just going to break down the entire the rule part by
part, (explanations separated by a ':')

-c : Reject rule if the hashtype is case insensitive, (for example LanMAN.
No sense having an uppercase rule if everything is going to be
automatically uppercased anyway)
>2 : Only try words greater than two characters long
!?X :Reject the rule if it contains a non-alpha numeric character. Aka
not [a-zA-Z0-9].
This is a tricky rule as ! is for reject, and ?x is for alpha numeric
character, so capitalizing the 'X', aka ?X matches everything not alpha
numeric.
u: converts the word to uppercase
Q: query memory to see if the rule has changed the word. Reject it if
nothing has changed. Aka no sense making a guess if the word is '123456',
or 'ABCD' since you will have already tried them with the ':' default rule
M: Memorize the newly mangled word. This is where things get really
complicated. Long story short, we want to reject all guesses that would be
created by a simple capitalize rule since that would create duplicate
guesses when we called the capitalize rule. So the rest of the checks are
to remove those duplicates. Aka reject the word 'a12345' when it is
uppercased to 'A12345'.
c: capitalize the mangled guess. So 'PASSWORD' is changed to 'Password'.
Note, it will only change if any letter but the first letter is capitalized.
Q: Reject the guess unless it has changed. Aka only accept it if there were
letters to capitalize that were not the first character
u: Finally uppercase the word to reverse the capitalization we did earlier
to detect duplicate guesses

Matt


On Tue, May 28, 2013 at 10:57 AM, Rafael Veras <rafaveguim@...il.com> wrote:

> After reading the documentation, I'm still left with some questions about
> the following rule:
>
> # Uppercase pure alphanumeric words
> -c >2 !?X u Q M c Q u
>
> 1. What does !?X mean?
>
> 2. Why c (capitalize) is called after uppercase (u)? I thought capitalize
> wouldn't have any effect after uppercase.
>
> 3. Why is uppercase called once again in the end?
>
> I guess I am missing something about the Q and M commands that occur in
> between.
>
> Thanks,
>
>
> --
>
> *Rafael Veras*
>
>
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.