Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 6 Aug 2006 23:40:27 +0400
From: Solar Designer <>
Subject: Re: More problems with rules and Charset for french language

On Sun, Aug 06, 2006 at 05:33:08AM -0000, madfran wrote:
> When I use your proposal I never see the french characters

Since it takes less than a second for John to complete an exhaustive
search for those two unknown character positions, you might not be able
to notice what characters it actually tries.

If you want to make sure that it tries all of the desired characters,
you may run it as follows:

	john --external=STRxxOR --stdout > tries.lst

Then browse the file tries.lst (e.g., in a text editor such as Notepad
if you're on Windows) and search it for your desired French characters.
You should find all of them.

> and john are not able to find the right password.

Chances are that you're wrong in your assumptions about the password.

Commenting on your previous attempt, I wrote:

> >3. You did not mention how you generated the french.chr, so I am not
> >sure if it's correct.  You do remember that the default compile-time
> >configuration for John (in params.h) limits the "incremental" mode to
> >printable US-ASCII characters only, right?
> I think the real problem is the default compile-time in US-ASCII characters.

Indeed, it was one of the problems with your previous attempt.  But it
is irrelevant to the approach I had suggested that you use instead.
With that, you do not use "incremental" mode at all.  So you also do not
need a french.chr.

> To generate the french.chr I put in john.pot the french character like,
> :Â
> :Á 
> :À
> :Ç
> :É
> :Ê
> :È
> .
> .
> .
> and then I launch the generation,
> john --make-charset=french.chr

The above would be correct if you patch params.h to allow for other than
US-ASCII characters with "incremental" mode.  But you really do not need
to do any of this to crack just two unknown characters.

> but then I never see this characters when john try to gues.


> I think john always translate the 8bits code in US-ASCII characters and destroy
> the information introduced in john.pot

No, that's not exactly how it works, but this is irrelevant anyway.

Please just confirm that the external mode works as intended.  Once you
do, and if you're still unable to crack your password, you would know
that your assumptions about the password were wrong.

Alexander Peslyak <solar at>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598 - bringing security into open computing environments

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.