Date: Mon, 18 Feb 2008 07:33:40 +0000 From: Andy Stevens <insomniacpenguin@...glemail.com> To: john-users@...ts.openwall.com Subject: case insensitivity, rules & charsets Hi, I'm processing a set of SHA hashes for passwords that are case-insensitive (our app that uses them converts to lower case before doing the authentication check; we need to recover them so we can migrate to a database-based authentication mechanism that uses a different hash method). I can easily enough convert the "all" wordlist to lower case, and strip out any duplicates this produces, but I figured to speed things up I should also disable any of the rules that would attempt variations using upper case characters. Unfortunately, I'm finding the rule syntax a bit cryptic, so figuring out which ones to disable is a bit slow going... I had thought at first that this wouldn't be needed, as the RULES file says the -c flag will "reject this rule unless current hash type is case-sensitive". However, in my case the hash type itself isn't inherently case-sensitive, it's just the application that makes it that way, so the flag won't make any difference. Is there an equivalent to the default [List.Rules:Wordlist] listed anywhere, that omits the case-sensitive entries? Or would that just be the same as removing the -c lines from the list? Next I looked into the incremental mode's charsets. all.chr includes both upper & lower case, so would obviously be checking a lot of unnecessary candidates. I see in the docs that alpha.chr would try 'from "a" to "zzzzzzzz"' and since the CharCount is 26 I assume that it contains only lower case. alnum.chr has a CharCount of 36, but I don't see anything that definitively states if that's using lower or upper case letters. In either case I thought of adding the remaining printable characters with Extra, but the docs say these are treated as "least probable" and I suspect many of them (e.g. those on shifted-number keys) may occur more often that that. I could create my own custom one, but it appears the .chr contains more than just the letters themselves (I assume that's where the "frequencies of different trigraphs" mentioned in the FAQ are stored?) And currently I don't have a good sample set of passwords, until JtR finds them for me... I read in the docs that the LanMan charset is like all.chr but case-insensitive so, presumably, has the 95 printable characters minus 26 for the upper/lower duplicates (the CharCount backs this up). It seems to me this is likely to contain better frequency information than using Extra on one of the others, but unless I'm mistaken it's the upper case letters that appear in it. Is there any way to convert this character set to an equivalent .chr that uses lower case instead? Lastly, I know one of the hashes corresponds to a word in the wordlist with two numeric digits appended, but a trial run didn't find that so I assume there's no rule for this in the default list. Also I was wondering about substitutions like "swap i for 1, o for 0, A for 4, S for $, etc."? (there might be, but I've not yet figured the rules out well enough to tell) So I was wondering if there are any well-known resources for common extra rules to try, things that have proved useful to others? Thanks in advance, Andy. -- http://pseudoq.sourceforge.net/ Open source java Sudoku application -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.