Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 24 Jan 2008 19:29:34 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re:  question about charsets

On Thu, Jan 24, 2008 at 01:38:58PM +0000, helleye wrote:
> from what i know it build tables that rank which char should appear next
> according the last 2 chars that already in the word
> 
> wonder if it also consider the place on the word

Yes, it does - as well as "word" length.

> for example
> abcabd 
> for ab it will count c and d ,one time in the same ranking (ab c1d1)
> 
> or split to
> 0.ab c1 
> 3.ab d1

The latter.

However, in case there's insufficient information available for a given
combination of {length, position, two preceding characters}, there are
fallbacks.  These are implemented with calls to expand() in inc.c:
inc_new_count(), as well as assignments to (*chars)[CHARSET_SIZE] in
charset.c: charset_generate_chars().

> if solar can elaborate please on how exactly it work , and maybe you have 
> ideas on how to improve , i might try to build one

Well, a possible improvement would be to use information from other
lengths before falling back to allchars, but after all other fallbacks
(for the proper length).

Also, here's some advice on how to test a potential improvement:

It is important that you use distinct sets of passwords for generating
your .chr file and for testing "incremental mode" or its replacement.

It is trivial to "improve" things in such a way that "incremental mode"
would work much better against the same set of passwords that were used
for generating the .chr file - but this is of no practical value.  At
the same time, such "improvement" is likely to make things worse under
real-world conditions (when you don't have a chance to base your .chr
files right on your target passwords).

Good luck, and do read the source code. ;-)

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.