Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 9 Sep 2013 14:40:35 -0400
From: Rich Rumble <>
Subject: Re: Sayantan's Weekly Report #13

On Mon, Sep 9, 2013 at 1:21 PM, magnum <> wrote:

> Just thinking out loud here: How much is the gain from consecutive ranges?
> I believe HashCat does in fact not use consecutive ranges even for eg. ?l
> but instead sort them after some kind of probability order. This would be
> even more useful with ?a which should probably start with some lower-case
> letter and end with "~" or some other less used character. I have noticed
> that when you use a large mask like ?a?a?a?a?a?a it takes quite a while
> before first crack because the "msb" part starts with seldom used specials.
Couldn't  ?a?a?a?a?a?a = incremental 6 (all.chr)
maybe ?u?l?l?l = inc_1(alpha_upper) + inc_3(alpha_lower)
 or would it just make more sense that ?u?l?l?l is actually
inc_4(alpha_lower) with just the first char capitalized (C)

It could just be me not understanding, and Mask mode is a totally different
animal than Incremental/trigraphs. With the recent work that's been done,
are there better ways to guess weak passwords? Would "n-grams" work in
place of ?a?a?a?a?a?a (6-"grams") work there as well as inc-6-all, or
markov-6-all? I can't code anything and math isn't a subject I'm gooder in,
so that's your guys show, I'm just always curious :) Devils advocate
signing off.

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.