Date: Fri, 27 Mar 2009 12:52:16 -0500 From: Minga Minga <mingakore@...il.com> To: john-users@...ts.openwall.com Subject: New john.conf rules (Part 1 of 9999) All, I've been working on writing my own john.conf rules recently in an effort to reverse engineer certain company's password policies. I have been able to decipher many of the "tricks" that their users use, and write john.conf rules specificially to abuse their idea of a 'safe' password. I'm sure there are already john.conf rules that tackle some of these - but having specific rules really helped me to crack as many passwords as possible. Im also "new" at writing john.conf - so Im sure some of them aren't done the "best' way and could be minimized. But I like having them in a readable and easier to understand format. The thing I really like about these rules - is that the dictionary file I use can be "small" - contains 4-5 characters MAX - and it will cracked 8-10 character passwords easily. Ill try to post more and more rules each week. Ill also try to explain each entry below via comments. Please post your custom john.conf rules too! [List.Rules:Wordlist] : # KoreLogic - prepends 2008 (and variations) to the beginning of each word. # This cracks passwords such as 2008Sep! 2008Sep$ 2008Sep* 2008Sep. 2008Sept iiii # KoreLogic - Capitalize pure alphabetic words and PREPENDS 2000,2001 up to 2009 # This is ONLY really useful if your dictionary is all lower case - and you KNOW your users # capitalize the first character of their passwords (That part stolen from other lines in john.conf) -c <*>2!?Aciiii # KoreLogic- Capitalize first char of pure alphabetic words - then Append 2001! 2001? .... 2008^ .. 2019? # Useful for cracking: Oct012008! Oct032008! Oct052008! Oct152008! -c <*>2!?Ac$2$0$$$[!@...^&*\-=_+,./?] # KoreLogic - Simply append a recent year - and a special char to the end - NO capitals first # Good for oct2008! octb2008! octo2008! $2$0$$$[!@...^&*\-=_+,./?] # Many people prepend passwords with ABC, abc, abcd, etc. This prepends those strings to your dictionary # Good for Abc123$$ Abc12309 abc12333 aBCd12345 i[aA]i[bB]i[cC] i[aA]i[bB]i[cC]i[dD] Ok thats enough for now.. lots more later. -Minga
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.