Date: Thu, 11 Feb 2010 06:40:49 -0500
From: "Matt Weir" <cweir@...edu>
To: <john-users@...ts.openwall.com>
Subject: RE: Re: Replacement for all.chr based on "Rock You" Passwords. URL inside.

Hey Minga, thanks for providing a .chr file based on the RockYou dataset. As Solar requested, I ran some tests against various password lists using your .chr file, the default JtR All .chr file, along with a custom .chr file I created based on the PhpBB.com dataset. The short version is that the RockYou set performed the best when cracking other website password lists. You can find the full results + graphs + a lot of off topic rambling here:

http://reusablesec.blogspot.com/2010/02/even-more-markov-modeling-whats-in.html

As of right now I don't have a good data-set containing computer log-ins (vs website log-ins). Because of that I really want to stress that while these tests imply that Minga's RockYou .chr file might perform better when attacking web based passwords, John the Ripper's default .chr files were trained on computer passwords. If you are attacking a LANMAN/NTLM/Crypt(3)/CISCO/etc hash you probably still want to use John's included .chr files. In fact you definitely want to use the included .chr files against LANMAN hashes due to how the hash works (only uppercase, 7 characters max).

This also brings up the point that without additional filters, using other attack types (such as 'Alnum') that are provided with JtR might work better over shorter cracking sessions than using Minga's RockYou .chr file that includes uppercase, special characters, etc.

Matt Weir
weir@...fsu.edu
http://reusablesec.blogspot.com