Date: Sat, 26 Jan 2008 06:13:50 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: custom character set Adam - I've approved your posting this time, although the quoting is somewhat excessive and confusing... please try to do it better next time you post. On Fri, Jan 25, 2008 at 09:24:25PM -0500, Adam Turk wrote: > The hash is ntlm. I don't have a LM version of the password as I disabled LM hashes. This is fine. However, please note that the official JtR lacks support for NTLM hashes - they're only supported with contributed patches (such as the jumbo patch), or with some unofficial builds. Also, please note that "incremental" mode is limited to lengths up to 8 by default, at compile time. > What I did was create a user called test and set its password to TeSjtEsJTE. I ran pwdump7 to get the hashes. I am generating a table of time to crack a series of passowords. I need to see how it would take to crack my password using a custom character. I have the time it takes to crack using an alphanumeric charset. Hmm, do you only have the theoretical time for an alphanumeric charset - or have you actually tried that? As I have mentioned, "incremental" mode simply won't work for length 10 unless you patch params.h, re-compile, and generate a new .chr file. > I created a new john.pot using your contents and then tried to generate a new char file using: > john-386.exe --make-charset=cust.chr john.pot > and I get Loaded 0 plaintexts, exiting... > > What did I do wrong? Several things: 1. You do not need to specify john.pot on the command line. There's only one john.pot, and JtR knows it by name. With "--make-charset=...", if you give any additional filenames on the command line, they are treated as password files (like the output of PWDUMP) and are used to filter the contents of john.pot (only hashes found both in john.pot and in the specified password files will be loaded). Since john.pot itself, being a file internal to JtR, does not use the same formatting as password files on input to JtR, you have essentially told JtR to filter all passwords out - which it did. 2. The john-386.exe filename suggests that you're using a standard build of JtR, not a custom one - so it won't generate .chr files for lengths beyond 8. 3. john-386.exe, as included in standard Win32 builds of JtR 1.7+, is intended for ancient computers only (like 10+ years old). On modern computers, you would use john-mmx.exe instead - although, as I have explained above, in this case you'd need a custom build instead. > I have looked at using external, but I haven't found any examples of filters. I did not suggest you to use an external filter() - that would be too slow given your very small charset (since almost all candidate passwords would need to be generated, then filtered out). Besides, to use it you would need to make "incremental" mode generate 10-character candidate passwords first. My suggestion was to use an entire new external mode that would generate only the passwords that match your criteria - on its own. There are some examples of both kinds of external modes (filters and complete modes) in the default john.ini file, but I expect that they are too complicated for you to modify... -- Alexander Peslyak <solar at openwall.com> GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15 http://www.openwall.com - bringing security into open computing environments -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.