Date: Fri, 14 Aug 2015 23:07:41 +0200 From: Tonimir Kisasondi <kisasondi@...il.com> To: john-dev@...ts.openwall.com Subject: Metadata for wordlists Hello everyone, This is my first time posting here, so, hello everyone, I'm Tonimir and i am kinda interested in password cracking and research in the same area. :) I don't know if this is a right list for this discussion, but this is as close as it gets, so sorry if i'm offtopic, you are free to ignore this then, but you are the best/closest audience for this discussion. So, one of the things i like are default passwords and dictionaries for default passwords. Be it default passwords that are vendor pre-set or backdoors that are found by researchers, but sometime you want to have a large list, but select only passwords that are backdoors, or only those that work on HP servers. Also, sometimes you want to "annotate" wordlists for instance, selecting just the top 75% of the statistically occuring elements that are used in leaked password lists. Or only words that are "tech" related or only "french". Or do a reverse lookup: why did the password b4dg3r5 work from the default password list on this machine. You get the idea, the possibilities are endless, and this opens the avenue for more interesting password cracking attacks and methods. It's quite easy to do with something like JSON (or JSONgz), and it's easy to extract a wordlist from the annotated format and maintain a set of lists collaboratively via github or some other method and reduce redundancy in all projects. So, why am i writing this? 1) Do you think something like that is useful? What's your opinion on this? 2) Would you be interested in accepting a patch/toolchain to enable this functionality in john? The core would be unchanged, it's only a python script that helps you to manipulate annotated wordlists (awl) 3) Of course I'm experimenting with this functionality in python currently, but i would love to hear your opinion on the whole matter. If you think this is interesting, I'm more then willing to contribute the necessary code into jumbo. Sincerely, Tonimir Kisasondi
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.