Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 28 Jan 2007 10:11:11 +0300
From: Solar Designer <>
Subject: Re:  how to find a password of 16 digits

On Wed, Jan 24, 2007 at 02:52:40AM +0000, Johnny wrote:
> C:\John>john-mmx -i:digits -stdout | [target program for further processing]
> I modified the john.ini this way:
> [Incremental:Digits]
> File = $JOHN/digits.chr
> MinLen = 16
> MaxLen = 16
> CharCount = 10
> The result was that it JTR is not able to genertate digits beyond 8 characters 
> in this mode. - Up to 8 characters worked fine.

Yes, "incremental" mode is limited to lengths up to 8 by default, at
compile time.

> But I am sure, that the password must have 16 digits, no doubt.

Do you know anything else about the password?  For example, is it a Visa
or MasterCard? ;-)

> -> Is it possible to change any setting(s) to bypass the 8 characters 
> restriction in incremental mode? - Where and how?

Yes, but you ought to be able to re-compile JtR from the source code.
If you're on Windows, then you need to download and install Cygwin:

Then you download the source code for JtR, e.g. john-1.7.2.tar.gz, and
extract and compile it from the bash shell as included in Cygwin with
the following commands:

	tar xvzf john-1.7.2.tar.gz
	cd john-1.7.2/src
	make clean win32-cygwin-x86-sse2

If the above has worked fine, you've tested your ability to re-compile
JtR, with no modifications yet.  Let's use this unmodified JtR to
extract some statistical info from the supplied digits.chr with the
following trick (still in bash):

	cd ../run
	./john -i=digits --stdout | sed 's/^/:/; 1000000q' > john.pot

This will save the first 1 million of candidate passwords (of length up
to 8) that -i=digits would normally try, as if these were actual cracked
passwords.  Now edit the src/params.h file - replace the following lines
(around line 200):

#define CHARSET_MIN			' '
#define CHARSET_MAX			0x7E
#define CHARSET_LENGTH			8


#define CHARSET_MIN			'0'
#define CHARSET_MAX			'9'
#define CHARSET_LENGTH			16

Then let's rebuild JtR with this modification:

	cd ../src
	make clean win32-cygwin-x86-sse2

And generate a new .chr file:

	cd ../run
	./john --make-charset=digits16.chr

The output should be:

Loaded 1000000 plaintexts
Generating charsets... 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 DONE
Generating cracking order... DONE
Successfully written charset file: digits16.chr (10 characters)

Now you can define a new "incremental" mode:

File = $JOHN/digits16.chr
MinLen = 16
MaxLen = 16
CharCount = 10

Note that this new digits16.chr will also work for lengths 0 to 15, if
you ever need that.  However, it will only work with this custom build
of JtR, and moreover this custom build of JtR will not be able to
process the old (supplied) .chr files anymore.

Finally, let's test it:

	./john -i=digits16 --stdout | head

If you've used JtR 1.7.2 and its supplied digits.chr as specified above,
this should produce:


Also, you can see what candidate passwords will be tried later on:

	./john -i=digits16 --stdout | head -1000000 | tail

This produces:


> -> If not, how can I generate my owen wordlist consisting of only digits and 
> of 16 characters? - A command line as an example would be nice.

Obviously, you don't want to be trying to save 170 or 180 petabytes of
data in a file.  Even if you would happen to have this much storage and
your operating system and filesystem would support files this large,
your system would likely fail before this process is complete in some 30
years (assuming a rate of 10 million candidate passwords per second).

You can, however, pipe the output of "./john -i=digits16 --stdout" into
your program, hoping that the right password will be tried sometime in
the first year due to the statistical information from the old digits.chr.
You can further improve your chances by providing JtR with more
information on your password (say, by means of applying an external
filter() at the time you generate the digits16.chr file).

> -> Could I modify the "-rules" option to make JTR generating 16 digits out of 
> a wordlist of only one! line of 16 digits? Im not sure how to use this option.

No, you'd need a different input wordlist for that (say, an empty one),
but the number of post-preprocessor rules would be too large for this to
work in practice.  JtR would spend ages verifying the syntax of those
rules before it starts to do anything.  The rules are not intended for
things like that.

Alexander Peslyak <solar at>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15 - bringing security into open computing environments

Was I helpful?  Please give your feedback here:

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.