Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 11 Jan 2009 07:33:45 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Clarification desired on modifying incremental mode to handle 9 chars

On Sat, Jan 10, 2009 at 09:25:27PM -0600, Steve Bergman wrote:
> On my Q6600, what I have done is followed your recommendations from
> various threads and assigned length 8 to one core, length 7 to another,
> length 6 to another, and 0-5 to the remaining core.  (BTW, looking over
> the progress in the logs, I'm pretty satisfied as to that distribution
> of work.) This is using the default 95 char range, since I think this
> might be a reasonably good password. In 15 hours, if I am reading the
> logs correctly, it has polished off all the length 1, 2, 3, and 4
> checks, as each of those has gotten to "character count 95".  (Length 5
> is at 58, length 6 is at 31, 7 at 19, 8 at 13.)

Thank you for posting this info - I imagine that some list members may
find it useful.

> Indeed, the 8 character search space is already mind-boggling. And 9
> would be 95 times that. I'm hoping that john's "work smarter, not
> harder" strategy might come though. If it doesn't, that's OK, too. It is
> nagging me that I may very well have set a nine character password.

Here's an approach you may try.  With the following in your john.conf,
you may use the bundled all.chr file to have JtR try 9 character
candidate passwords:

[Incremental:All8]
File = $JOHN/all.chr
MinLen = 8
MaxLen = 8
CharCount = 95

[List.External:8plus1]
void init()
{
	word[9] = 0;
}

void filter()
{
	word[8] = '1';
}

You run it as:

	./john -i=all8 -e=8plus1 passwd

Obviously, you may run four instances of this (one per core), having
each of them put a different character into the 9th position (pick the
four characters that you were most likely to end your password with).

You may even do:

void filter()
{
	word[8] = word[7];
}

that is, have JtR duplicate the last character.  Then for other cores
you may use something like:

void filter()
{
	if (word[7] == '1') word = 0; else word[8] = '1';
}

to make JtR skip candidate passwords that would match those produced by
the dup-last-char session.

Alexander

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.