Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 26 Jan 2008 06:13:50 +0300
From: Solar Designer <>
Subject: Re: custom character set

Adam - I've approved your posting this time, although the quoting is
somewhat excessive and confusing... please try to do it better next time
you post.

On Fri, Jan 25, 2008 at 09:24:25PM -0500, Adam Turk wrote:
> The hash is ntlm.  I don't have a LM version of the password as I disabled LM hashes.

This is fine.  However, please note that the official JtR lacks support
for NTLM hashes - they're only supported with contributed patches (such
as the jumbo patch), or with some unofficial builds.

Also, please note that "incremental" mode is limited to lengths up to 8
by default, at compile time.

> What I did was create a user called test and set its password to TeSjtEsJTE.  I ran pwdump7 to get the hashes.  I am generating a table of time to crack a series of passowords.  I need to see how it would take to crack my password using a custom character.  I have the time it takes to crack using an alphanumeric charset.

Hmm, do you only have the theoretical time for an alphanumeric charset -
or have you actually tried that?  As I have mentioned, "incremental"
mode simply won't work for length 10 unless you patch params.h,
re-compile, and generate a new .chr file.
> I created a new john.pot using your contents and then tried to generate a new char file using:
> john-386.exe --make-charset=cust.chr john.pot
> and I get Loaded 0 plaintexts, exiting...
> What did I do wrong?

Several things:

1. You do not need to specify john.pot on the command line.  There's
only one john.pot, and JtR knows it by name.  With "--make-charset=...",
if you give any additional filenames on the command line, they are
treated as password files (like the output of PWDUMP) and are used to
filter the contents of john.pot (only hashes found both in john.pot and
in the specified password files will be loaded).  Since john.pot itself,
being a file internal to JtR, does not use the same formatting as
password files on input to JtR, you have essentially told JtR to filter
all passwords out - which it did.

2. The john-386.exe filename suggests that you're using a standard build
of JtR, not a custom one - so it won't generate .chr files for lengths
beyond 8.

3. john-386.exe, as included in standard Win32 builds of JtR 1.7+, is
intended for ancient computers only (like 10+ years old).  On modern
computers, you would use john-mmx.exe instead - although, as I have
explained above, in this case you'd need a custom build instead.

> I have looked at using external, but I haven't found any examples of filters.

I did not suggest you to use an external filter() - that would be too
slow given your very small charset (since almost all candidate passwords
would need to be generated, then filtered out).  Besides, to use it you
would need to make "incremental" mode generate 10-character candidate
passwords first.

My suggestion was to use an entire new external mode that would generate
only the passwords that match your criteria - on its own.

There are some examples of both kinds of external modes (filters and
complete modes) in the default john.ini file, but I expect that they are
too complicated for you to modify...

Alexander Peslyak <solar at>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15 - bringing security into open computing environments

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.