Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 28 Mar 2009 09:55:10 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: --make-charset against a File with LANMAN and NTLM Passes?

On Fri, Mar 27, 2009 at 12:34:15PM -0500, Minga Minga wrote:
> Tried that first. Doesn't work.
> 
> ./john --make-chars:adsfdsaf.chr --format:nt pwdump.txt
> Invalid options combination or duplicate option: "--format:nt"

Oh, you're correct.  In version 1.7.3.1-all-5, patch line 66 in
options.c removing (or commenting out) "FLG_MAKECHR_CHK | ", and
recompile.  Then the above command will work as intended (I've just
tested it).

The reason why "--make-charset" and "--format" are declared incompatible
is that the "--format" specification won't be honored when you don't
specify any password files on the command line.  In that case, the
entire john.pot will be processed by "--make-charset", without a hash
type filter that "--format" option could be expected to provide.

> I was trying to create a custom CHR for just this one pwdump input file. My
> john.pot file contains almost 2 million entries of which only 35000 are for
> my input file. I was hoping to create a .CHR that eliminates special
> characters that are "never" used by the people on this domain. In an effort
> to speed up brute forcing. I can do it manually obviously though.

OK.  Please try patching options.c as suggested above.  Please let the
list know of your results - including whether the highly-focused custom
.chr file actually worked better for you or not.

> [...] It appears that DumbForce is faster than  using --external AND
> an -i:all6   anyways (see below)
[...]

Please re-post this as a follow-up to the correct thread (use your mail
reader's "Reply" feature on a message in that thread to ensure that the
headers are set correctly), then I might comment on it.  I don't want us
to mix up the two threads - that would be a disservice to those browsing
archives of this list on the web.

Thanks,

Alexander

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.