Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 08 May 2015 23:56:48 +0100
From: Demian Smith <demian.smith@....de>
To: john-users@...ts.openwall.com
Subject: Re: Advise on best approach (truecrypt pw based on pdf
 file)

Hi Magnum, Hi Frank,

> Are you saying the password is made up from initial letters of a sentence? As in "To be or not to be, that's the question" -> "Tbontbttq". 

Exactly this, yes. Not the smartest approach in terms of "memorable",
but I did not think that I'd lose my HDD  in an unrecoverable state.

> Trying your sed magic, this seems to be the case. But did you use the first sentence on a page, or a random one? 

It had bee na random one - initially I thought I'd new the page (as it
had potentially been opened on a different machine which saved the page
last opened. None of the sentences there worked, which, in my layman’s
thoughts indicates it had been a different page or I made a typo...

> sed -re 's/[?!.:,;"]+ ?/\n/g' | sed -re 's/([A-Za-z])[A-Za-z]*[^A-Za-z]*/\1/g' | grep -E '^[A-Z]' 

This looks really nice - while I'm using cl every now and then, sed
magic like this is way over my head, so thank you very much!

> It's still flawed because it keeps the original linefeeds, breaking sentences.
> Could your txt verskion have line breaks in other places than the pdf
> version?

Looking over a couple of pages it seems as if pdftotext is doing a
decent enough job. But I have gone a different route there and have just
removed all of the linebreaks with
{ tr '\n' ' ' < mytext.txt; echo; } | sed '$s/ $//'
before doing the other sed magic. Partly because I might as well have
used only half a sentence (up to a , or an "and") . it had bee na
sentence which made grammatical sense...

So, after a bit of fine tuning - removing all linebreaks, keeping only
first letters of any words, removing whitespaces (simply in kate, to be
honest), converting . to linebreaks and removing all lines starting with
lowercase letters I had a hopefully decent txt file. This I fed into my
"adoption" of the Word List Cleaner and made a fake pot file out of it,
which I then used to create a chr.

Judging by the current status, it looks like it is doing a goodish job:
> 0g 23000p 0:00:09:18  0g/s 41.15p/s 82.31c/s 82.31C/s Tfneatwa..Tfneotps
> 0g 25868p 0:00:13:15  0g/s 32.50p/s 65.00c/s 65.00C/s Iceuaeog..Iceuabab


So it looks -to me - as if I am on the right track, mainly due to
--make-charset and incremental mode are doing a really great job there.

Thank you ever so much, lads, I really appreciate your help and thoughts
on this!
Now I'm just hoping that luck will be on my side and I'll recovery it
within reasonable time and before my cores are burning out ...

Thanks again,
Demian

 ★ On 15/05/08 10:39 p.m. Frank Dittrich wrote ★
> On 05/08/2015 07:47 PM, Demian Smith wrote:
>> I know a couple of facts, which hopefully make it feasible in the first
>> place:
>> - I have created the password from a random page of a random book¹
>> - First letter MUST be capital
>> - No numbers or diacritics,
>> - Likely only I as second capital letter
>> - No digits
>> - Probably 5 -12 chars (I imagine it to be around 8, but that's guessing)
> [...]
>> (¹ I have tried
>> cat INFILE | sed -re 's/[?!.:]/\n/g' | sed -re
>> 's/([A-Za-z])[A-Za-z]+[^A-Za-z]*/\1/g' > outfile
>> on a txt version of the pdf and using "outfile" as a wordlist - no luck)
> 
> Could your txt verskion have line breaks in other places than the pdf
> version?
> 
> Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.